urlscan.io logo urlscan.io
SecurityTrails logo

xtremedownloadmanager.com Open in urlscan Pro
185.199.109.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xtremedownloadmanager.com/
Effective URL: https://xtremedownloadmanager.com/
Submission: On October 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 8 countries across 34 domains to perform 179 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is xtremedownloadmanager.com.
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.
This is the only time xtremedownloadmanager.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 185.199.109.153 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 192.0.66.2 2635 (AUTOMATTIC)
2 2001:4860:480... 15169 (GOOGLE)
2 104.244.42.200 13414 (TWITTER)
5 21 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 9 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.66 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 3.120.0.219 16509 (AMAZON-02)
2 20 142.250.186.34 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.1.9 44788 (ASN-CRITE...)
3 3 37.157.5.132 198622 (ADFORM)
1 2 2.16.97.41 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
2 52.223.40.198 16509 (AMAZON-02)
1 1 3.69.18.113 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 51.38.120.206 16276 (OVH)
1 1 151.101.194.49 54113 (FASTLY)
1 18.195.142.87 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 2.23.197.190 16625 (AKAMAI-AS)
2 2 213.155.156.181 1299 (TWELVE99 ...)
179 29
11    185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
xtremedownloadmanager.com
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
21    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
github.blog
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
21    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
33    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
20    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    3.120.0.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-0-219.eu-central-1.compute.amazonaws.com
pm.w55c.net
20    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
5    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.69.18.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-18-113.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.195.142.87 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a05:d018:d29:3605:baeb:931e:26a0:842 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2a05:d01c:1d8:8101:1c5f:4441:3961:92ce (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
Apex Domain
Subdomains		 Transfer
54 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
521 KB
41 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
270 KB
25 gstatic.com
www.gstatic.com
fonts.gstatic.com
320 KB
11 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
www.googleadservices.com — Cisco Umbrella Rank: 153
612 B
11 xtremedownloadmanager.com
xtremedownloadmanager.com
309 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
8 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
353 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
149 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
248 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
653 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2090
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
869 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
677 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
297 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1584
494 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 648
725 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
2 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
207 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
796 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
315 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
557 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
613 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2075
297 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
761 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
146 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
590 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
586 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 914
98 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 796
732 B
1 github.blog
github.blog — Cisco Umbrella Rank: 91169
7 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
2 KB
179 34
Domain Requested by
33 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
21 googleads.g.doubleclick.net 5 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
21 pagead2.googlesyndication.com xtremedownloadmanager.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
20 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
20 www.gstatic.com googleads.g.doubleclick.net
11 xtremedownloadmanager.com 1 redirects xtremedownloadmanager.com
10 www.googleadservices.com googleads.g.doubleclick.net
9 www.google.com 4 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
7 fonts.googleapis.com googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 platform.twitter.com xtremedownloadmanager.com
platform.twitter.com
3 c1.adform.net 3 redirects
3 www.googletagmanager.com xtremedownloadmanager.com
www.googletagmanager.com
2 d5p.de17a.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 onetag-sys.com 2 redirects
2 match.adsrvr.org googleads.g.doubleclick.net
2 sync.teads.tv 1 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 pm.w55c.net 2 redirects
2 dclk-match.dotomi.com googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 syndication.twitter.com platform.twitter.com
xtremedownloadmanager.com
2 region1.google-analytics.com www.googletagmanager.com
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 sync-tm.everesttech.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 id.rlcdn.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 s.tribalfusion.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 github.blog xtremedownloadmanager.com
1 www.facebook.com xtremedownloadmanager.com
179 41

This site contains links to these domains. Also see Links.

Domain
github.com
www.microsoft.com
sourceforge.net
xdman.sourceforge.net
Subject Issuer Validity Valid
xtremedownloadmanager.com
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
github.blog
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh

This page contains 29 frames:

Primary Page: https://xtremedownloadmanager.com/
Frame ID: 4ECD09E3B1CF5B9F266A4760E431B322
Requests: 27 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fplugins%2F&width=122&layout=button&action=like&size=large&show_faces=true&share=true&height=65&appId
Frame ID: AC001B4BE7D1077AAAD43FC7666A3304
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fxtremedownloadmanager.com
Frame ID: FD5E519761BA31350F3C6B61E205E98E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 63109CFE2A3EB181DBD119C34478703D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: E66C23B0C1F9599BE1748A1EA3FF2B8D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&adk=1812271804&adf=3025194257&lmt=1689009923&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550590751&bpp=3&bdt=480&idt=283&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6367588460782&frm=20&pv=2&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: 3C262A777B0F72416FAFD05AE985B22D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Frame ID: EF0961C1536465DE0C1D23E08824BDCC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Frame ID: 8F759616CAA3B2D7F848D2C9E4461F95
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Frame ID: 13819114FCEAE3CAF4FCFEBB57DD51EE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Frame ID: 4205A3FB84716E4DFF720ED720862CE1
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0C7030A27A6E11FAD2A06351100C2687
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 479CD00B96F7A3C04652CA0BBD06F16F
Requests: 14 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Frame ID: 69C8F98E13AD20A69CAC32A7C7678455
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D611AD59618B2659CA46188DCD1FBC81
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEA94D407233439709D11D3D76B87686
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A18F6872071D7AF6C5575533EF633700
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 912248D451C40A1C060895A425E97426
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 30064F9AF67BEBA1667A984FAF1EC5AE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8128565B40C27495B9E5C9594E2010FD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 66B5E46C6D3F26096DDEC01043917ECC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D610AC30E0264FE59D543039BC4DCC19
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 79C74B4B792AAB10EDE6C13170AC60CF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BFB5B85AD8C4B121A47818111A8C7C5F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 737EAD32C4BA7D545CE572BC1C99B5EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 930167720D11BE3D8C97B58EE735C246
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 474140E13EE56366808B47FDB4292F58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B32FFB0585061D9FA1C54AD614A3D954
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5920764F0D302FCB6D9C5457750C55F2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 6A75BF5F2C7CF456193ADF4F0F1CDFA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xtreme Download Manager | XDMAN | XDM Home

Page URL History Show full URLs

  1. http://xtremedownloadmanager.com/ HTTP 301
    https://xtremedownloadmanager.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

179
Requests

88 %
HTTPS

49 %
IPv6

34
Domains

41
Subdomains

29
IPs

8
Countries

2190 kB
Transfer

5867 kB
Size

35
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xtremedownloadmanager.com/ HTTP 301
    https://xtremedownloadmanager.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C_v1R_5AuZfrRBeOp1fAPiLSbiAfK-oDvcueDnPTSELbcutSyKhABIL-mzoQBYJWCgICwB6AB_9uKyAPIAQGoAwHIA8sEqgTdAU_Qt6OYmulekyTSE9vg5oRSUGdr-hyif-N8VfDcI-BGLagmTvWCZQi0T8kkVDFhgNPphqTl9257VPn3DLGjarDln9yIAqVVyzgowfVwKm_r4XU6yytXS9BkeY469j-whU-cYdlhlWRBl6HxvHGA34EE0xgLdQhKZ913HqVm-Q8xuf8bQnEHsczL1Pai09Hv3AQ-cr3BKwVNzTmW1GkO034X7LHFJkm7HGcBhAlRQeKB2ZcGUCMH__tRS7bXhnFvW1rKk2TObjoisWsZfCkoL0VT9RBcqCcg0TyNo85XwATxodOvuQOIBdjA_L8skgUECAQYAZIFBAgFGASAB_DurKICqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ4KulAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCZcBaHR0cHM6Ly93d3cuZ3JhbW1hcmx5LmNvbS9hP3V0bV9tZWRpdW09Y3BjJnV0bV9zb3VyY2U9Z2RuJnV0bV9jYW1wYWlnbj0xMTk0NTMyMDUzNiZ1dG1fY29udGVudD02Mjk5MDUzNDE4MjUmdXRtX3Rlcm09eHRyZW1lZG93bmxvYWRtYW5hZ2VyLmNvbSZkZXZpY2U9Y4AKAcgLAdgTC4gUAtAVAYAXAbIXHAoaCAASFHB1Yi0zNTMyMDY2MzMyMzQ0NTU0GAA&sigh=QxaITIDR6ZY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNo_VSO2UD8r4Ob2jPZ4HvKLF248jzAYyUhWn3J9DFFq8eJP7O6ywo75kcJ2BT2k-3s5MaNI2o7HlaxpX1XUfQr_dCWzktZaMYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211771717827740211615%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22874991160117279649%22}&andc=true
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 87
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cver=1&google_push=AXcoOmSnxhtVawh_YDWEIa-TMQKxlnWNrrDcfSJwL3H5vFPSuEe_EE3pMMrnHO4MjbqGBu3Xfym7jsdlsX7J80gGu34Wki28q19runIk6eCmDQ6c_OMYkk3xU3AFb0hHFe-7FFREb3Fpm_vWDisLGTZI5QETYw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cver=1&google_push=AXcoOmSnxhtVawh_YDWEIa-TMQKxlnWNrrDcfSJwL3H5vFPSuEe_EE3pMMrnHO4MjbqGBu3Xfym7jsdlsX7J80gGu34Wki28q19runIk6eCmDQ6c_OMYkk3xU3AFb0hHFe-7FFREb3Fpm_vWDisLGTZI5QETYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDZ2RmlBY00xUVNLc2g1&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cver=1&google_push=AXcoOmSnxhtVawh_YDWEIa-TMQKxlnWNrrDcfSJwL3H5vFPSuEe_EE3pMMrnHO4MjbqGBu3Xfym7jsdlsX7J80gGu34Wki28q19runIk6eCmDQ6c_OMYkk3xU3AFb0hHFe-7FFREb3Fpm_vWDisLGTZI5QETYw
Request Chain 88
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJVJGUfzProEBM-e38iFqvg&google_cver=1&google_push=AXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVJGUfzProEBM-e38iFqvg&google_cver=1&google_push=AXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 90
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN45M7iotzpVIYwI2b8xC_4&google_cver=1&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQgq3VGC38q5j6-mKGJNPhvG1EVr8gXT4JsPdCtpR4t8SCibkyk56n_zKMiP1BOeoGv60bgsiDdjHnkk HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN45M7iotzpVIYwI2b8xC_4&google_cver=1&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQgq3VGC38q5j6-mKGJNPhvG1EVr8gXT4JsPdCtpR4t8SCibkyk56n_zKMiP1BOeoGv60bgsiDdjHnkk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQgq3VGC38q5j6-mKGJNPhvG1EVr8gXT4JsPdCtpR4t8SCibkyk56n_zKMiP1BOeoGv60bgsiDdjHnkk
Request Chain 91
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECUbxBrZCr4znAxvyTpAAUs&google_cver=1&google_push=AXcoOmSu6JgH076T6hPfX9onQ-MMBksXcTAbA6IFeUtTH40gkFdqwA1LHkpebEDvUWBvQzQaDb7GNrGy9dTa3rR9RO58sdg67uLKWJ7ZrchW-Fy9S09B9crzdLnqyUP9UVYJulVwwpQQ83VgANaB1PHMdtzKcBg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSu6JgH076T6hPfX9onQ-MMBksXcTAbA6IFeUtTH40gkFdqwA1LHkpebEDvUWBvQzQaDb7GNrGy9dTa3rR9RO58sdg67uLKWJ7ZrchW-Fy9S09B9crzdLnqyUP9UVYJulVwwpQQ83VgANaB1PHMdtzKcBg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 96
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CcQSBAJEuZZLIJ7uFkPIPismT0A2AyPq2c_mhiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQmoAwHIA8sEqgTsAU_QDpRCMAyMPYm4SMg4t57q2JROiOyTijp4_Xdtcp7H9BR2KMO2anoV0G_1f_2h_hd-OstIt9sYGyyfcBxiyVMl73Qz444koORTOoeEz0H8Z_qEY2XugO88a0APKjuU__D4emkeDTfaEKkn8sKefj1slPEpO9YG9J3FP951E1oOIjHkguONulq5Ve4RyycNTyWoJ7kS4SnEp70H-PHMHFQi5UhPNK0LIKUhZ6_Eh6fXeLvJIdM6xQjX3YzO-nUpx8K1gymH_ZWaSK250_5M39pIItIl5AhQ1o4V1v_wGMkeKWWt2l0Y-0xBlYv9wATIxvPjgASIBaX6w8hAkgUECAQYAZIFBAgFGASgBi6AB_Lc6qwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ280D0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJiQFodHRwczovL2Nocm9tZS5nb29nbGUuY29tL3dlYnN0b3JlL2RldGFpbC9taWNyb3NvZnQtYmluZy1zZWFyY2gtd2l0L2ZiZ2NlZGphY21sYmdsZWRkbm9hY2JuaWpnbWlvbGVtP3V0bV9zb3VyY2U9YmdhZHMmdXRtX2NhbXBhaWduPXJ3ZGRkZYAKAcgLAbgT5APYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzUzMjA2NjMzMjM0NDU1NBgA&sigh=KWxDtKc1tpM&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNzUm6zJgruCIpN5TOtxy2p-HybnnsvRNoV2CBJDlBLyHB507kQTNV_LbcejnR7FMmKJvIgStmTRgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228742071266410296834%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218433744954849138865%22}&andc=true
Request Chain 110
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CtEcTAJEuZa3hI52s1fAPrISiuA2AyPq2c_mhiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQGoAwHIA8sEqgTsAU_QJS09CNwiy97DM1IqAkRKHzxGVlG1sA2nGt2v5_OTY2iPWFwkXAY94XX1aslnLr1bx4ji-XeWBcsq2-oXWUDwrIXaWApjozE6ssowt9O705ypFz5GV6Q_Ybpa8_jKLoN3j1doHItteriNYgUJe2tHy-05gNtCUCr0koU_YFTLSy2_Z9k9vo5UY1tschM_7uOBl8MhYZaeXnMf4IYMZB2F7tI85nJpXMLm0Yjpl6TdBo9Op9SvrZo3gPRTKhS6yMvkOrvB29_yE23d0aU1jtDIWVltCqwP-EGJiL3zwEw1vI3sGUOILuwLiVvmwATIxvPjgASIBaX6w8hAkgUECAQYAZIFBAgFGASAB_Lc6qwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQ_p6VBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCYkBaHR0cHM6Ly9jaHJvbWUuZ29vZ2xlLmNvbS93ZWJzdG9yZS9kZXRhaWwvbWljcm9zb2Z0LWJpbmctc2VhcmNoLXdpdC9mYmdjZWRqYWNtbGJnbGVkZG5vYWNibmlqZ21pb2xlbT91dG1fc291cmNlPWJnYWRzJnV0bV9jYW1wYWlnbj1yd2RkZGWACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzUzMjA2NjMzMjM0NDU1NBgA&sigh=fkmIWZyY_N0&uach_m=[UACH]&ase=2&cid=CAQSPADICaaNUPBVL7jbl2glWU2fjnOrUIGy8I12JX62NaE9X51kwdrwb3GO6S2nARCXrMYWjzc5CnOSWDIuBxgB&template_id=5001&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212582954954667964204%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210948004848321533617%22}&andc=true
Request Chain 114
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE0Z2AR0o1WLnQHgdXm4iOg&google_cver=1&google_push=AXcoOmSokUMiJsWL8JGzVwjoqdBMG4t5utwa0w6zegT6jRr3OeZ1Apb8BOXjsE21UmwCsQZ76leXjjT0MpVBbj_7rOOigwc6_wEY7_o HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSokUMiJsWL8JGzVwjoqdBMG4t5utwa0w6zegT6jRr3OeZ1Apb8BOXjsE21UmwCsQZ76leXjjT0MpVBbj_7rOOigwc6_wEY7_o&google_hm=4q4pZbEXJ_Cj4yb_RdTAvg
Request Chain 117
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAxJlmuCGq1mkgEq2dWtPnU&google_cver=1&google_push=AXcoOmR-Tgt3yvrnuELrv6wB_Hwa8J85WDTOE4t-ZijOnlQcPEmYHdRloibbkTSsnu7HUqVKjT8NQidF0vcrOe5d9VolqUw7JYOvuBE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR-Tgt3yvrnuELrv6wB_Hwa8J85WDTOE4t-ZijOnlQcPEmYHdRloibbkTSsnu7HUqVKjT8NQidF0vcrOe5d9VolqUw7JYOvuBE&google_hm=Q0FFU0VBeEpsbXVDR3ExbWtnRXEyZFd0UG5V
Request Chain 119
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAlI5aAnQZrxTOUuIyrQ5n0&google_cver=1&google_push=AXcoOmTWAoNsHcqCP1sKcq5iL-rjPTRiHkRy2AxOH9Kh8DJf_gMafSgsBsWlh7-L_j32R_0zTDf1Hx2CJUl7h3ajvcVBBooAU2wnjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDkyNDI4MDI1Njk4NTIyNw%3D%3D&google_push=AXcoOmTWAoNsHcqCP1sKcq5iL-rjPTRiHkRy2AxOH9Kh8DJf_gMafSgsBsWlh7-L_j32R_0zTDf1Hx2CJUl7h3ajvcVBBooAU2wnjQ
Request Chain 120
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECP9lFtZ7pomd5bF_6Krdfo&google_cver=1&google_push=AXcoOmQ2VBMDOfyw0inerGZuuf1y_-fpHB0w4mwNq_NftKRkI9PzqA7TWfWxI8Lj9h1soUOyJupBKkJ9T-yWo_mgqF_mqJhGvxjLOYg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ2VBMDOfyw0inerGZuuf1y_-fpHB0w4mwNq_NftKRkI9PzqA7TWfWxI8Lj9h1soUOyJupBKkJ9T-yWo_mgqF_mqJhGvxjLOYg
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 140
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHs1qRTsQ9cuD8aPNPH0o1I&google_cver=1&google_push=AXcoOmSmJZSEa9zbNEglt-pXNfnX7i1AJTPF8SZQcC_dbojRlvCzkWFl4K_Jb3d5qkoSG0QuvD-a9kmgYMBT9YJAJzdsxVfhXZ-WIuOgWbc33WHgtVrXmkIZrIxDmqeVovXU5ZKEXTmMMzcofGSabKVl01QRDg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHs1qRTsQ9cuD8aPNPH0o1I&google_push=AXcoOmSmJZSEa9zbNEglt-pXNfnX7i1AJTPF8SZQcC_dbojRlvCzkWFl4K_Jb3d5qkoSG0QuvD-a9kmgYMBT9YJAJzdsxVfhXZ-WIuOgWbc33WHgtVrXmkIZrIxDmqeVovXU5ZKEXTmMMzcofGSabKVl01QRDg
Request Chain 143
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENI_-Ut2b5CWnxqeDJU3HRk&google_cver=1&google_push=AXcoOmQl87bSfC6nBJqd7CGW0KBOINgYrHyQfBXzZK906LHv3OiM3fIyTFxq_zoRr8nYHFkLyPP_JHxLq-eYG0Jn-oxHG6GLk9GIqkWFZo9hvzkgQKObfTiAI6MTi81--l_ULFfRdMjMWeR8DhiVDc4sC6dSQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQl87bSfC6nBJqd7CGW0KBOINgYrHyQfBXzZK906LHv3OiM3fIyTFxq_zoRr8nYHFkLyPP_JHxLq-eYG0Jn-oxHG6GLk9GIqkWFZo9hvzkgQKObfTiAI6MTi81--l_ULFfRdMjMWeR8DhiVDc4sC6dSQQ&google_hm=eS0wS3VSSmFCRTJwRnhIN25BbGlaUlBxZWo5bWtDaXVpOX5B
Request Chain 144
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL3oXjTJV9dwtWZ0T9RiytE&google_cver=1&google_push=AXcoOmQg1FQbyJhDX1YhVTENVDbE1DTFhXuo4O1itdS6IoqKJrlHq97TWt9yVpXsT1VIQi3yZ5KNX06N3CCKu5VBjxhfGFZVRrjWmDWrLzoG5HSXreWK5ytMNaIveoI2hwsV4dXTIUlqA_tr0uvifeGhhoWVhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmQg1FQbyJhDX1YhVTENVDbE1DTFhXuo4O1itdS6IoqKJrlHq97TWt9yVpXsT1VIQi3yZ5KNX06N3CCKu5VBjxhfGFZVRrjWmDWrLzoG5HSXreWK5ytMNaIveoI2hwsV4dXTIUlqA_tr0uvifeGhhoWVhQ
Request Chain 149
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 150
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CAkoFAJEuZb-iJ-KrkPIP842CwAmAyPq2c8miiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQGoAwHIA8sEqgTmAU_Q3ZX8UQC-XvklnMlkauGq4OaEiSagiIJxHJC17y8vJQhfvM_-LxiPxFPH-opKOsATFwP2fWzMsUTZWA_HzgdDuhMcJ6JGxWmuOoRbflYZ5cOvfn4fUQc15tptNggcTubCpVcczl712dUTMIqpj0vNPs87ypspdH3hEudAKLqtdTl__u7x-L9hpIjFBWZ5dQm7F8_Dv0_F__fiVrdtuyGp7GvSlabquJV49GAWIrXnKwjgysFQQoRn8BH4v4mtIni9XXPhFvqHeJnRhp5De3VNBRDfd0hWD9e8y_I6fI21OVHJwPT4wATIxvPjgASIBaX6w8hAkgUECAQYAZIFBAgFGASAB_Lc6qwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQluQE0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJqwFodHRwczovL2Nocm9tZS5nb29nbGUuY29tL3dlYnN0b3JlL2RldGFpbC9taWNyb3NvZnQtYmluZy1zZWFyY2gtd2l0L2ZiZ2NlZGphY21sYmdsZWRkbm9hY2JuaWpnbWlvbGVtP3V0bV9zb3VyY2U9YmdhZHMmdXRtX21lZGl1bT1nYSZ1dG1fY2FtcGFpZ249cndkZGRlJnV0bV9jb250ZW50PWdlbnJpYzOACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzUzMjA2NjMzMjM0NDU1NBgA&sigh=eAiIZZwIFu0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNxo7uukoB-fbvDShWRgZNuYkIkqcI8Pzn7xr959TznEJCcfiJIf6dvkc9mOnTWhvfv6Jyappb_BgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221113030764957145414%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222292509790997843809%22}&andc=true
Request Chain 170
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIfVyupSyfU-fVBCMOSK2DI&google_cver=1&google_push=AXcoOmQFLF-LKKLBOnkc1FAohZ0v8B70874W4c3QfOQPwjdvvqbwmNK5a39eEBnbsai4uD9baVlX-G8sgVHHqn8s971IOB65L7Ve1sU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc0ODMxODI0ODU5NDE4OTA0OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIfVyupSyfU-fVBCMOSK2DI&google_cver=1
Request Chain 171
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL61IFiVrqt0ZlMlsKNvhXo&google_cver=1&google_push=AXcoOmRVX8neaYjCgDLZnddbq55NauRkUGcjIZMT1ulpKIv4LF1jFBuoBYzGogoTujRCDaCMQs8tLZBJX8Kcrm-XQJXlTQVUdKGa3kE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVX8neaYjCgDLZnddbq55NauRkUGcjIZMT1ulpKIv4LF1jFBuoBYzGogoTujRCDaCMQs8tLZBJX8Kcrm-XQJXlTQVUdKGa3kE&google_hm=xUXekP-wT7Sm4HY6moTUnhQ
Request Chain 172
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEbIOoa1wkk3Uw64qcN5nB0&google_cver=1&google_push=AXcoOmR9VWGoAZ_4vztuwqDyJUBdsK5DFNibR3iMEkCUWL9OD18m9m6idZwmczZIIzGT67cTRdgCqnfjZT1L35_zJ_oIvdQEN8tZjdI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rw_f6Pa2QZ0dUY70JD6Kdg&google_push=AXcoOmR9VWGoAZ_4vztuwqDyJUBdsK5DFNibR3iMEkCUWL9OD18m9m6idZwmczZIIzGT67cTRdgCqnfjZT1L35_zJ_oIvdQEN8tZjdI
Request Chain 173
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmReURkOaf6nHiYw_sscJUljK4sOwbK05p8l4LfEglrDRlD5WYhX2LqqorTGY5Bz9nJJl8DXUJOcEhwLXomK8GLPLC58C7mLKCs&google_gid=CAESEAMrkapxs48OCJFfVH5NsyM&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmReURkOaf6nHiYw_sscJUljK4sOwbK05p8l4LfEglrDRlD5WYhX2LqqorTGY5Bz9nJJl8DXUJOcEhwLXomK8GLPLC58C7mLKCs&google_gid=CAESEAMrkapxs48OCJFfVH5NsyM&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzQ5NTQwMDAxNDcyODA1MjE3Mw%3D%3D&google_push=AXcoOmReURkOaf6nHiYw_sscJUljK4sOwbK05p8l4LfEglrDRlD5WYhX2LqqorTGY5Bz9nJJl8DXUJOcEhwLXomK8GLPLC58C7mLKCs
Request Chain 174
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEE_368p74s7jzjdke-Yu48w&google_cver=1&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwckFPlMgF4 HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE_368p74s7jzjdke-Yu48w&google_cver=1&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwckFPlMgF4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwckFPlMgF4
Request Chain 176
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEDJkb9GQOMVze4rq5y6nMk&google_cver=1&google_push=AXcoOmSdX1B_AWmyV-VAj58Xj-F9IYIf3M6iriamA37oiYy_N5iaIEix5QRHXhjmo7hOmofOrYi8x70etYzShvruEEbTgU4d2E9Nwy4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdX1B_AWmyV-VAj58Xj-F9IYIf3M6iriamA37oiYy_N5iaIEix5QRHXhjmo7hOmofOrYi8x70etYzShvruEEbTgU4d2E9Nwy4
Request Chain 178
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 180
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvXXhAJEuZbCBJJ2s1fAPrISiuA2AyPq2c8miiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQGoAwHIA8sEqgTsAU_Q9bcD-A1U3dvifv36wQj5nn8tO9y1qGNGojwTrdES-LwzMfxi1h31KYNIikAvVk2MD_AEa9x2NsrdJH21vwekE2vGV28fyVhVIdC55obpvJmM7aON6vByo2IKdg8ZQaDMcTjJkgETDzFxM83WWaMcf9gzOf84vvhM4Rl01KWBU07Krfxq9m7M8KYxVFa05IFbGHV9toRvECiG6aB0aJblR2MpLrJghFQp86e8EvjQaB3LhjvMjdliL-NUpm5EitqYTNDAvM1_jA7bCRkfFk8Ci7mG4SVHqJW0ibcNGAkt5Lp0x9d7POgVbBNAwATIxvPjgASIBaX6w8hAkgUECAQYAZIFBAgFGASAB_Lc6qwDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQiqog0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJqwFodHRwczovL2Nocm9tZS5nb29nbGUuY29tL3dlYnN0b3JlL2RldGFpbC9taWNyb3NvZnQtYmluZy1zZWFyY2gtd2l0L2ZiZ2NlZGphY21sYmdsZWRkbm9hY2JuaWpnbWlvbGVtP3V0bV9zb3VyY2U9YmdhZHMmdXRtX21lZGl1bT1nYSZ1dG1fY2FtcGFpZ249cndkZGRlJnV0bV9jb250ZW50PWdlbnJpYzOACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzUzMjA2NjMzMjM0NDU1NBgA&sigh=1MzgF8nrPIU&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNQ0zypUQDuiiswt4jg0UoYK5R1uUogKOxVN_70Of3mMN_8L-M8Vg7ZcYh1y1CA0HBCMy_K0SqIxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214916916994641962898%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214204575962301800145%22}&andc=true

179 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xtremedownloadmanager.com/
Redirect Chain
  • http://xtremedownloadmanager.com/
  • https://xtremedownloadmanager.com/
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
884da8e6af1811e388396179f0c70859f24771b715351428f4205f255d633e7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
6674
content-type
text/html; charset=utf-8
date
Tue, 17 Oct 2023 13:49:50 GMT
etag
W/"64ac5b23-5aa7"
expires
Tue, 17 Oct 2023 13:36:53 GMT
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
f4f1115b964856593158d8a64aa92c5614513b40
x-github-request-id
50BA:9445:10C0BF3:10F36FD:652E8B9D
x-proxy-cache
MISS
x-served-by
cache-cph2320028-CPH
x-timer
S1697550590.136840,VS0,VE110

Redirect headers

Accept-Ranges
bytes
Age
0
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 17 Oct 2023 13:49:50 GMT
Location
https://xtremedownloadmanager.com/
Server
GitHub.com
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Fastly-Request-ID
4bcbddc525ff711026c416009126f1dad4819da8
X-GitHub-Request-Id
5E46:458A:101EA53:1050EE1:652E90FD
X-Served-By
cache-cph2320039-CPH
X-Timer
S1697550590.916341,VS0,VE108
bootstrap.min.css
xtremedownloadmanager.com/bootstrap/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtremedownloadmanager.com/bootstrap/css/bootstrap.min.css
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
bdfa985743023af398a84db5433f7b1b3fc58e5a
date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
20089
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
71A0:90A7:101CC54:1050882:652E88C6
x-timer
S1697550590.288235,VS0,VE110
etag
W/"64ac5b23-1d9ac"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 17 Oct 2023 13:24:50 GMT
bootstrap-theme.min.css
xtremedownloadmanager.com/bootstrap/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xtremedownloadmanager.com/bootstrap/css/bootstrap-theme.min.css
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
ca262572a8a9780862873549dac551437c26e2b1
date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
2853
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
EBD4:CD15:36D0A8:379744:652DE6E2
x-timer
S1697550590.288739,VS0,VE105
etag
W/"64ac5b23-5b71"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Tue, 17 Oct 2023 01:54:05 GMT
jquery.js
xtremedownloadmanager.com/jquery/ 		242 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtremedownloadmanager.com/jquery/jquery.js
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
e18f9f24da2acb00d42ff9fdb9739a539b35f400
date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
74820
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
EED8:E72B:102DFAF:1060E00:652E88C9
x-timer
S1697550590.289172,VS0,VE104
etag
W/"64ac5b23-3c72d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Tue, 17 Oct 2023 13:24:50 GMT
bootstrap.min.js
xtremedownloadmanager.com/bootstrap/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xtremedownloadmanager.com/bootstrap/js/bootstrap.min.js
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
0d303133f5e83f853f79a996bd831c74ed84c095
date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
9856
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
CE48:B5F9:107A4E5:10AE218:652E88CA
x-timer
S1697550590.289195,VS0,VE107
etag
W/"64ac5b23-9004"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Tue, 17 Oct 2023 13:24:50 GMT
js
www.googletagmanager.com/gtag/ 		237 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KWNQZP27ZE
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7aebdf2a7ea88649a8b1df1d68e124784367068206045fd5d60adf64ed573737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84252
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 13:49:50 GMT
js
www.googletagmanager.com/gtag/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LPEMF0VGC2
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
762b7b7ed82d11e77b3a488f9a18dacdaea006c56f7fbc5c5a5b910dbdd45a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84253
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 13:49:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abc6d2eab029a6541dda84274cf909d6a811cc6023e147e4fc91c8776344825b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51155
x-xss-protection
0
server
cafe
etag
3864195000452385562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:50 GMT
img.jpg
xtremedownloadmanager.com/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtremedownloadmanager.com/img.jpg
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
af1bbacd5c89e24dc274f430ddbd71cfad5d39c46987a3e0d95d60cc9b8336a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
b66475ca87f47e840c75f61ce98f338a0e6dbfa1
date
Tue, 17 Oct 2023 13:49:50 GMT
via
1.1 varnish
expires
Tue, 17 Oct 2023 13:24:50 GMT
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
58083
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
AF0C:309C:1082950:10B583E:652E88C9
x-timer
S1697550590.289160,VS0,VE109
etag
"64ac5b23-e2e3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
link2.png
xtremedownloadmanager.com/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtremedownloadmanager.com/link2.png
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
a22ca4edf7f974d38acbd09bf7c658ec79bab1c85297e955540901b59a0d0f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
b7945f99f2f062a938b040eccce2440b0a54dae2
date
Tue, 17 Oct 2023 13:49:50 GMT
via
1.1 varnish
expires
Tue, 17 Oct 2023 01:54:05 GMT
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
33878
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
DEB2:E72B:360AE7:36D4BF:652DE6E5
x-timer
S1697550590.289260,VS0,VE114
etag
"64ac5b23-8456"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
link8.png
xtremedownloadmanager.com/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtremedownloadmanager.com/link8.png
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
1fc1982a130aeee0682e533212b5b6c6d4e76a66b4d7226c6e266fb98ee8c37c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
9ab71650cb2a9a353fc6fd94c1b798f0331ea023
date
Tue, 17 Oct 2023 13:49:50 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
58982
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
A5EA:CD15:36D0A8:379743:652DE6E4
x-timer
S1697550591.511202,VS0,VE111
etag
"64ac5b23-e666"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 17 Oct 2023 01:54:05 GMT
link9.png
xtremedownloadmanager.com/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xtremedownloadmanager.com/link9.png
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
4df4f2fea28f1d1b73a268fce8ed70d5c346a35792570b8f18e1095417dc4a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
b55db8d20b5fa7765766000cf6026099276540ba
date
Tue, 17 Oct 2023 13:49:50 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
29827
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
83D0:E72B:360B02:36D4E3:652DE6DD
x-timer
S1697550591.515100,VS0,VE110
etag
"64ac5b23-7483"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 17 Oct 2023 01:54:05 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 13:49:50 GMT
Content-Encoding
gzip
Age
1309
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (frb/6796)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
like.php
www.facebook.com/plugins/ Frame AC00 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2Fplugins%2F&width=122&layout=button&action=like&size=large&show_faces=true&share=true&height=65&appId
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 17 Oct 2023 13:49:50 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
+f5Or4Z1RrZHZOfaFfnQMwJSc4DWEdn3g4P6RqJ2znwUWiszWFgCeu9UOdaZibm9yXUc6Me5dZ05/p7jEaLHqw==
x-xss-protection
0
glyphicons-halflings-regular.woff2
xtremedownloadmanager.com/bootstrap/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xtremedownloadmanager.com/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/bootstrap/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://xtremedownloadmanager.com/bootstrap/css/bootstrap.min.css
Origin
https://xtremedownloadmanager.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
0acc13e5bd1dcc308e606b440dd77af77ef9ca4b
date
Tue, 17 Oct 2023 13:49:50 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
18028
x-served-by
cache-cph2320028-CPH
last-modified
Mon, 10 Jul 2023 19:25:23 GMT
server
GitHub.com
x-github-request-id
71A0:90A7:101CD28:1050962:652E88CB
x-timer
S1697550591.519444,VS0,VE108
etag
"64ac5b23-466c"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 17 Oct 2023 13:24:51 GMT
forkme_left_orange_ff7600.png
github.blog/wp-content/uploads/2008/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://github.blog/wp-content/uploads/2008/12/forkme_left_orange_ff7600.png?resize=149%2C149
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
10319579e9eeb6653a30a3e358abd270057ebfc791195faac04c53b91381a13a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains;preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:50 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-rq
hhn2 109 88 443
last-modified
Mon, 03 Jul 2023 08:56:27 GMT
server
nginx
etag
"060b06290850834a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
6854
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame FD5E 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fxtremedownloadmanager.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
667034
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 13:49:50 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6796)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
js
www.googletagmanager.com/gtag/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KWNQZP27ZE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LPEMF0VGC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c95d0faa65646be3cd5a0b03bd0c1daefbeeb3665f1c368e9def3d27badd0a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84332
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 17 Oct 2023 13:49:50 GMT
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LPEMF0VGC2&gtm=45je3ab0&_p=1154571864&cid=66072763.1697550591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697550590&sct=1&seg=0&dl=https%3A%2F%2Fxtremedownloadmanager.com%2F&dt=Xtreme%20Download%20Manager%20%7C%20XDMAN%20%7C%20XDM%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LPEMF0VGC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xtremedownloadmanager.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KWNQZP27ZE&gtm=45je3ab0&_p=1154571864&cid=66072763.1697550591&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697550590&sct=1&seg=0&dl=https%3A%2F%2Fxtremedownloadmanager.com%2F&dt=Xtreme%20Download%20Manager%20%7C%20XDMAN%20%7C%20XDM%20Home&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KWNQZP27ZE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xtremedownloadmanager.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame FD5E 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=063155f375316ba0c95f305907f969bb28e2c906
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fxtremedownloadmanager.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
158
date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 17 Oct 2023 13:49:50 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
bba3b55e2cce8f64
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
474eb0deff27fcd37fe0f3caa1ec13c2ef2dd8b2ae26537743424222fce1cb72
content-length
337
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 		394 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a3398be0c8a112fbae8131848b2506c2d4c77c9bcd354bc4c5257e4fec4e741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136744
x-xss-protection
0
server
cafe
etag
5741354299286502147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 6310 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Tue, 31 Oct 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
button.13c48d2966337fafa1c1eb5533fdf29d.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Tue, 17 Oct 2023 13:49:50 GMT
Content-Encoding
gzip
Age
667038
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2617
Last-Modified
Mon, 09 Oct 2023 20:29:15 GMT
Server
ECS (frb/6796)
Etag
"def6f3052007521ae22a38b870dfd318+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
follow_button.d37472b4a6622d0b1fff46ad904f6896.en.html
platform.twitter.com/widgets/ Frame E66C 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
94c0a4ba5b1ff9b8156f2488a599c030fb197585a94a1a3053f9054bbb2a0974

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
667028
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13969
Content-Type
text/html; charset=utf-8
Date
Tue, 17 Oct 2023 13:49:51 GMT
Etag
"ffd6a24763e0df7e3253134648ac324f+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:15 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6796)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fxtremedownloadmanager.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1697550591015%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=063155f375316ba0c95f305907f969bb28e2c906
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
157
date
Tue, 17 Oct 2023 13:49:50 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 17 Oct 2023 13:49:51 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
2da2d67ae676d68e
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
474eb0deff27fcd37fe0f3caa1ec13c2ef2dd8b2ae26537743424222fce1cb72
content-length
43
cookie.js
partner.googleadservices.com/gampad/ 		417 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xtremedownloadmanager.com&callback=_gfp_s_&client=ca-pub-3532066332344554
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e9d5fb62d9d9c9debc2e4d6e1a449b3643d85181abc100de980819cbd49bfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3C26 		374 KB
84 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&adk=1812271804&adf=3025194257&lmt=1689009923&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550590751&bpp=3&bdt=480&idt=283&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6367588460782&frm=20&pv=2&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
775b0261a5cf2c2bff3b3456510b1085f383778cded09c11a3476a335cf428c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
85839
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:52 GMT
expires
Tue, 17 Oct 2023 13:49:52 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: xtremedownloadmanager.com
URL: https://xtremedownloadmanager.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E66C 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93a92193403d3cfcccab5a3fb2a47d23b38263ee9e372bf3e593019ed2b9a797
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 		157 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/reactive_library_fy2021.js?bust=31078802
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40305b2806736f4399ebee2e023ac75e2000830f070be7cb7c413b3202fa5311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54894
x-xss-protection
0
server
cafe
etag
1032825444363022706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EF09 		127 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fe9883169da3dfdcf3bfa9e5a269c97e4af5b92ef372744ca4e74f7269be24e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44787
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
expires
Tue, 17 Oct 2023 13:49:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8F75 		118 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35b8e6c2e56eb991b071af597256ee889b30bd8799884c1ca7576f05547afd63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41608
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
expires
Tue, 17 Oct 2023 13:49:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1381 		123 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
922bd1e823222b1d7c32741ffa86dd0814331f9f456769c59e77e41ea4ab2d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42037
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
expires
Tue, 17 Oct 2023 13:49:53 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4205 		125 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c48f4858ab5d2125e63fae97f06de30caac5f6518e1a95bc3425e8d0e4781cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43704
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:54 GMT
expires
Tue, 17 Oct 2023 13:49:54 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 0C70 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 10:26:49 GMT
etag
2603938475786422795
expires
Tue, 31 Oct 2023 10:26:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 479C 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
12183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 10:26:49 GMT
etag
2603938475786422795
expires
Tue, 31 Oct 2023 10:26:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3532066332344554&plah=xtremedownloadmanager.com&bust=31078802
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 17 Oct 2023 13:49:52 GMT
css2
fonts.googleapis.com/ Frame 0C70 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:03:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:52 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0C70 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 01:08:26 GMT
x-content-type-options
nosniff
age
477686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Oct 2024 01:08:26 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0C70 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 23:08:01 GMT
x-content-type-options
nosniff
age
484911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 10 Oct 2024 23:08:01 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 0C70 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:38:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
11457
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6575
x-xss-protection
0
server
cafe
etag
17858602555770451360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Oct 2023 10:38:55 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 0C70 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
53507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8568
x-xss-protection
0
server
cafe
etag
3657364187347500438
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:58:05 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 479C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:24 GMT
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame 479C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4599
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:18:21 GMT
css
fonts.googleapis.com/ Frame 479C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:06:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:52 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 479C 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 479C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 479C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 479C 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
54169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 479C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:52 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 479C 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 69C8 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:24 GMT
df89abdecff295c4d82ff8e5ff90ccc1.js
www.gstatic.com/mysidia/ Frame 69C8 		143 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/df89abdecff295c4d82ff8e5ff90ccc1.js?tag=video_mra/web_interstitial_raspberry_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b00ea4567856f6610a1213e2bafc2fee432955fcd575594f6ec6bac54c98b0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53582
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 Jan 2024 03:09:30 GMT
css
fonts.googleapis.com/ Frame 69C8 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:11:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:52 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 69C8 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 69C8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53890
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 69C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 69C8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
54169
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69C8 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:52 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 69C8 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
64398191824271526
tpc.googlesyndication.com/simgad/ Frame 479C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/64398191824271526?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826e4c233a39aea2e649a4f9b2da7386c629ace2278fa60e7abc219a8a59939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:30:08 GMT
x-content-type-options
nosniff
age
22784
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3058
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 21:24:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 16 Oct 2024 07:30:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D611 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEA9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
129568
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Oct 2023 01:50:24 GMT
expires
Tue, 15 Oct 2024 01:50:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A18F 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
15922f653bbddb686a27dbc3652572f0d3c98eca3bd50921c481c11d018a82ec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q4oDZrU_05sie68v_fVUEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xtremedownloadmanager.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Q4oDZrU_05sie68v_fVUEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:52 GMT
expires
Tue, 17 Oct 2023 13:49:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 479C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
289c8263dd9a9eb58bf2e205413dac40dfe2e58e8b60812eb1c2da77045b6822

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 479C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C_v1R_5AuZfrRBeOp1fAPiLSbiAfK-oDvcueDnPTSELbcutSyKhABIL-mzoQBYJWCgICwB6AB_9uKyAPIAQGoAwHIA8sEqgTdAU_Qt6OYmulekyTSE9vg5oRSUGdr-hyif-N8VfDcI-BGLag...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211771717827740211615%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211771717827740211615%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22874991160117279649%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"11771717827740211615","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"874991160117279649"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 13:49:53 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 13:49:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11771717827740211615","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"874991160117279649"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D611
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:52 GMT
expires
Tue, 17 Oct 2023 13:49:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:52 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 9122 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
120756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 3006 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
120756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame EEA9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 10:29:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 10:29:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A18F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2440747694010542&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211771717827740211615%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22874991160117279649%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 13:49:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame EEA9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RcW0AQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
css
fonts.googleapis.com/ Frame 8F75 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:01:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:53 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 8F75 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9732217700925381105/ Frame 8F75 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9732217700925381105/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b3e015e4a4c63cf75c482964d863e36ccbed181013870b49a74afe30f09864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:54:40 GMT
x-content-type-options
nosniff
age
604513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19450
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 11:59:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 09 Oct 2024 13:54:40 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9912758474830837888/ Frame 8F75 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9912758474830837888/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df1e0f8fbcddc6ca44b04512aedd7f3d292d9cd70570980bc05a16ee63a0a29d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:51:30 GMT
x-content-type-options
nosniff
age
511103
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1590
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 13:36:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Oct 2024 15:51:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 8F75 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 8F75 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8128 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 8F75 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
54170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 8F75 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSkrjC9Z6GrgpWlrroPAuAcN09V5vFEv07Bl42M41l551ptlhuAeELR0VlB3dT4yCKkTirdC5nFbigPFu94pwM4aZM3A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F75 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:53 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 8F75 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
dpixel
cms.quantserve.com/ Frame 8128 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENV56Mv1bNwVhHLPH5UhIcc&google_cver=1&google_push=AXcoOmTjIQwfRkJLcF2CHHjgbe6P8aqhDnnTe-xvlMTtCYyv-Xmj0zblwo2h6ZCE0AXWh_T9rYMalz5Xrr0-iPKTwMMUKqxPEESgyNcdtUJbYJWcrpWb4R-psVKu0um0BjGt6EaJFXOh3xU1OfPey5Bk6O3y5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 8128 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOvMTz-cbMG_rkkQdRAuhC4&google_cver=1&google_push=AXcoOmTWDddLtqMhMmRgerkh4mnygjOjegsnHujRx1YIWm8lX_h1rwbzBF-rtv9HWMWw_Crz1VlbJNgBBG5jIYrItGe4BSlimzJzkVUSPMojVMG8Nsu9JJPeEMdXAJTi-L5rt-VLgbbccVcVY1LgdoH7_Q3-bA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 8128
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDZ2RmlBY00xUVNLc2g1&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cver=1&google_push=AXcoOmSnxhtVawh_YDWEIa-TMQKxlnWNrrDcfSJwL3H5vFP...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDZ2RmlBY00xUVNLc2g1&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cver=1&google_push=AXcoOmSnxhtVawh_YDWEIa-TMQKxlnWNrrDcfSJwL3H5vFPSuEe_EE3pMMrnHO4MjbqGBu3Xfym7jsdlsX7J80gGu34Wki28q19runIk6eCmDQ6c_OMYkk3xU3AFb0hHFe-7FFREb3Fpm_vWDisLGTZI5QETYw
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 13:49:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-038ad97d93033251e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cDZ2RmlBY00xUVNLc2g1&google_gid=CAESENDMrKteAdR_R7QjRz4j_7I&google_cver=1&google_push=AXcoOmSnxhtVawh_YDWEIa-TMQKxlnWNrrDcfSJwL3H5vFPSuEe_EE3pMMrnHO4MjbqGBu3Xfym7jsdlsX7J80gGu34Wki28q19runIk6eCmDQ6c_OMYkk3xU3AFb0hHFe-7FFREb3Fpm_vWDisLGTZI5QETYw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 8128
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJVJGUfzProEBM-e38iFqvg&google_cver=1&google_push=AXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqX...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVJGUfzProEBM-e38iFqvg&google_cver=1&google_push=AXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQL...
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVJGUfzProEBM-e38iFqvg&google_cver=1&google_push=AXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
817901ea0f7690d4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
957
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJVJGUfzProEBM-e38iFqvg&google_cver=1&google_push=AXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYYE3qAlQNOT6p6XntgD8O16mgpmWgHwgOu3b_XVbKOBazH24H9Z7k0aQAeHymCxXxAklLKly5bUc7qgWOZLFSo_herQLqXaKIUlJ9i-zIcSTLbJQuODhC50cO2KD6fMDv4go22YfCrFVvMFv2smUX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
817901e8ae1a90d4-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 8128 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR891AMOJyjv3I4ahMcvd-sMLjXLx1yhyIMzoSdi9sLbzU3n91XyNFH9qsN8WukuohRxJNOznvDLMzYc8cVbk7si7Di_E1MUyM-XQoaAjNjfoSTJdGaYXtGxhW5BB8IWI_XqQHXuxm1faDLIlWAxsEEow&google_gid=CAESEGTUUF1mcJiQW6zu0zLyLc0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
190788
expires
Tue, 17 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8128
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN45M7iotzpVIYwI2b8xC_4&google_cver=1&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQgq...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN45M7iotzpVIYwI2b8xC_4&google_cver=1&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2K...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQgq3VGC38q5j6-mKGJNPhvG1EVr8gXT4JsPdCtpR4t8SCibkyk56n_zKMiP1BOeoGv60bgsiDdjHnkk
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmSHUMHI5U2cpvrx-tWZ0esxaMRzvT96V-ZCfYPbGmTDRq_SVLm8BqVjjric1FerucAIe2KUnQgq3VGC38q5j6-mKGJNPhvG1EVr8gXT4JsPdCtpR4t8SCibkyk56n_zKMiP1BOeoGv60bgsiDdjHnkk
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 8128
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECUbxBrZCr4z...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSu6JgH076T6hPfX9onQ-MMBksXcTAbA6IFeUtTH40gkFdqwA1LHkpebEDvUWBvQzQaDb7GNrGy9dTa3rR9RO58sdg67uLKWJ7ZrchW-Fy9S09B9...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Tue, 17 Oct 2023 13:49:53 GMT
pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8128 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnZcx0wE_1po-aRdrvDjydRk4b_u9Bo1VaerGhNkPaXr2FcJd42dHhBhMHfIqbR-ir351MyQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 8F75 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
493a8119a3a2a93d9a0174fe00b97785d3cf58bd5b0952879923eac8b09ba773

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F75 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 17:26:14 GMT
x-content-type-options
nosniff
age
591819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Oct 2024 17:26:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F75 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
423422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 16:12:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 8F75
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CcQSBAJEuZZLIJ7uFkPIPismT0A2AyPq2c_mhiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQmoAwHIA8sEqgTsAU_QDpRCMAyMPYm4SMg4t57q2JROiOyTijp4_Xdtcp7H9BR...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228742071266410296834%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228742071266410296834%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218433744954849138865%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8742071266410296834","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"18433744954849138865"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 13:49:53 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8742071266410296834","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"18433744954849138865"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 66B5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=1495118685&pi=t.aa~a.2596424302~i.17~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=1&bdt=2252&idt=1&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4284&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=snbQFFz0TC&p=https%3A//xtremedownloadmanager.com&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
120757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228742071266410296834%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218433744954849138865%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 13:49:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 1381 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:24 GMT
7bc0f8eff6a2a2fdaeb41b24f78f1c91.js
www.gstatic.com/mysidia/ Frame 1381 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7bc0f8eff6a2a2fdaeb41b24f78f1c91.js?tag=text/vanilla_highlight_ms_cta_adjustment
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e04377547f4f385424062100464bece701d3fc9dd19056f8b31a86d01d2bbfe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4742
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:19:11 GMT
css
fonts.googleapis.com/ Frame 1381 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:59:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:53 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 1381 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 1381 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 1381 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 1381 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
54170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 1381 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTovuGYp8Xanvlys-JYsof4jXaS3LGZZFN9V49LFShC1Ee-gB4rxZnw9zlTWCxESuN-yBm6OmPhCD3MG4lAtqW2A-ZeHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1381 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:53 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 1381 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/9912758474830837888/ Frame 1381 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9912758474830837888/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df1e0f8fbcddc6ca44b04512aedd7f3d292d9cd70570980bc05a16ee63a0a29d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 15:51:30 GMT
x-content-type-options
nosniff
age
511103
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1590
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 13:36:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Oct 2024 15:51:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 1381
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CtEcTAJEuZa3hI52s1fAPrISiuA2AyPq2c_mhiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQGoAwHIA8sEqgTsAU_QJS09CNwiy97DM1IqAkRKHzxGVlG1sA2nGt2v5_OTY2i...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212582954954667964204%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212582954954667964204%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210948004848321533617%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12582954954667964204","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"10948004848321533617"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 13:49:53 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12582954954667964204","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"10948004848321533617"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame D610 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 79C7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1381 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d3920f73eef51f4cea85c84c861339cd5fb63d49248be4524cf99387fad510a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 79C7
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE0Z2AR0o1WLnQHgdXm4iOg&google_cver=1&google_push=AXcoOmSokUMiJsWL8JGzVwjoqdBMG4t5utwa0w6zegT6jRr3OeZ1Apb8BO...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSokUMiJsWL8JGzVwjoqdBMG4t5utwa0w6zegT6jRr3OeZ1Apb8BOXjsE21UmwCsQZ76leXjjT0MpVBbj_7rOOigwc6_wEY7_o&google_hm=4q4pZbEXJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSokUMiJsWL8JGzVwjoqdBMG4t5utwa0w6zegT6jRr3OeZ1Apb8BOXjsE21UmwCsQZ76leXjjT0MpVBbj_7rOOigwc6_wEY7_o&google_hm=4q4pZbEXJ_Cj4yb_RdTAvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSokUMiJsWL8JGzVwjoqdBMG4t5utwa0w6zegT6jRr3OeZ1Apb8BOXjsE21UmwCsQZ76leXjjT0MpVBbj_7rOOigwc6_wEY7_o&google_hm=4q4pZbEXJ_Cj4yb_RdTAvg
pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 79C7 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFB8sQXDVrUZpCivlLljmOY&google_cver=1&google_push=AXcoOmT6fo5vIvomCFH6H-fSW2cZ7XUwzE23CDT3Nrd3sIL7_vXzCp1fRmwQwXBIHkttS6QV6drOB-XDMbEtPGy_boUpJKbi7s-DVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 79C7 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELJJSLeqA2TtGIkWuwZ-bdU&google_cver=1&google_push=AXcoOmQ0hCdEYJWqVLu7TTfh_P5MZMxPPu9A47QCVIypJc0aLtfDBS9zbMsUmhTapi6sQPDTz2seIosAeNld-nyhQcf9Rzd5kdj5-Sk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 79C7
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAxJlmuCGq1mkgEq2dWtPnU&google_cver=1&google_push=AXcoOmR-Tgt3yvrnuELrv6wB_Hwa8J85WDTOE4t-ZijOnlQcPEmYHdRloibbkTSsnu7HUqVKjT8NQidF0vcrOe5d9VolqUw7JYOvuBE
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR-Tgt3yvrnuELrv6wB_Hwa8J85WDTOE4t-ZijOnlQcPEmYHdRloibbkTSsnu7HUqVKjT8NQidF0vcrOe5d9VolqUw7JYOvuBE&google_hm=Q0FFU0VBeEpsbXVDR3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR-Tgt3yvrnuELrv6wB_Hwa8J85WDTOE4t-ZijOnlQcPEmYHdRloibbkTSsnu7HUqVKjT8NQidF0vcrOe5d9VolqUw7JYOvuBE&google_hm=Q0FFU0VBeEpsbXVDR3ExbWtnRXEyZFd0UG5V
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Oct 2023 13:49:53 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmR-Tgt3yvrnuELrv6wB_Hwa8J85WDTOE4t-ZijOnlQcPEmYHdRloibbkTSsnu7HUqVKjT8NQidF0vcrOe5d9VolqUw7JYOvuBE&google_hm=Q0FFU0VBeEpsbXVDR3ExbWtnRXEyZFd0UG5V
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 79C7 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQJG7XJseNbmkHdB-dAL6ZG4coaty11msQ2du-WtgffAREmk9Crs02bxcDQ5_gz7VFdPI8z1uA-QzB6cjkSRXeecMZFGchZbPo&google_gid=CAESED9s66ugPnuMUMv6HXWTQoc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 79C7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAlI5aAnQZrxTOUuIyrQ5n0&google_cver=1&google_push=AXcoOmTWAoNsHcqCP1sKcq5iL-rjPTRiHkRy2AxOH9Kh8DJf_gMafSgsBsWlh7-L_j32R_0zTDf1Hx2CJUl7h3...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDkyNDI4MDI1Njk4NTIyNw%3D%3D&google_push=AXcoOmTWAoNsHcqCP1sKcq5iL-rjPTRiHkRy2AxOH9Kh8DJf_gMafSgsBsWlh7-L_j32R_0zTDf1Hx2CJUl7h3ajvc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDkyNDI4MDI1Njk4NTIyNw%3D%3D&google_push=AXcoOmTWAoNsHcqCP1sKcq5iL-rjPTRiHkRy2AxOH9Kh8DJf_gMafSgsBsWlh7-L_j32R_0zTDf1Hx2CJUl7h3ajvcVBBooAU2wnjQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MDkyNDI4MDI1Njk4NTIyNw%3D%3D&google_push=AXcoOmTWAoNsHcqCP1sKcq5iL-rjPTRiHkRy2AxOH9Kh8DJf_gMafSgsBsWlh7-L_j32R_0zTDf1Hx2CJUl7h3ajvcVBBooAU2wnjQ
Date
Tue, 17 Oct 2023 13:49:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 79C7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECP9lFtZ7pomd5bF_6Krdfo&google_cver=1&google_push=AXcoOmQ2VBMDOfyw0inerGZuuf1y_-fpHB0w4mwNq_NftKRkI9PzqA7TWfWxI8Lj9h1soUOyJupBKkJ9T-yW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ2VBMDOfyw0inerGZuuf1y_-fpHB0w4mwNq_NftKRkI9PzqA7TWfWxI8Lj9h1soUOyJupBKkJ9T-yWo_mgqF_mqJhGvxjLOYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ2VBMDOfyw0inerGZuuf1y_-fpHB0w4mwNq_NftKRkI9PzqA7TWfWxI8Lj9h1soUOyJupBKkJ9T-yWo_mgqF_mqJhGvxjLOYg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ2VBMDOfyw0inerGZuuf1y_-fpHB0w4mwNq_NftKRkI9PzqA7TWfWxI8Lj9h1soUOyJupBKkJ9T-yWo_mgqF_mqJhGvxjLOYg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 79C7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQ3_6dpBFYHjuQvyOJ1DZY7yHMhY-qk3eR2awMLFYw4haVD5iFeGrYgQF5wG58WjygUGUs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame D610
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
expires
Tue, 17 Oct 2023 13:49:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame EF09 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:24 GMT
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame EF09 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4599
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:18:21 GMT
css
fonts.googleapis.com/ Frame EF09 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:02:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:53 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212582954954667964204%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210948004848321533617%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 13:49:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1381 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
16835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 09:09:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EF09 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame EF09 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BFB5 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EF09 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 737E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EF09 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
54170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame EF09 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIIiswQ_rSApof0WRh8WdRCErJfLWUVfUb0RsJNnD3fdhvAl5dQvXyW1LmF0H93G2cdtUNTMb62zXbKWYvZB6KY3076w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF09 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:53 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame EF09 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 9301 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1418185256&adf=3198278716&pi=t.aa~a.3071576090~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=ip8VH6oQTi&p=https%3A//xtremedownloadmanager.com&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
120757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
truncated
/ Frame EF09 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31ef5a29f8fe34540f568102f4d0b9550ba4a37bc67a7e2498cff4d54713e6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
i.match
a.tribalfusion.com/ Frame 737E 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESELuM4hlDl2zh54c65XSlrQg&google_cver=1&google_push=AXcoOmScVpnKf9XdcfINtG98QIgFnVyBaEBe3VoniSF76zbu3RiIMq2gAYdn960Ek8X8fiRZ1XZL2cFiy8je7gClWkynITSMBuG155p4JRq6Wbp57Q1xvxFBvzJau-1FSbdik3HlS6q15ycyWQCw6gNgpbYamg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmScVpnKf9XdcfINtG98QIgFnVyBaEBe3VoniSF76zbu3RiIMq2gAYdn960Ek8X8fiRZ1XZL2cFiy8je7gClWkynITSMBuG155p4JRq6Wbp57Q1xvxFBvzJau-1FSbdik3HlS6q15ycyWQCw6gNgpbYamg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
817901eae83c90d4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 737E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHs1qRTsQ9cuD8aPNPH0o1I&google_push=AXcoOmSmJZSEa9zbNEglt-pXNfnX7i1AJTPF8SZQcC_dbojRlvCzkWFl4K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHs1qRTsQ9cuD8aPNPH0o1I&google_push=AXcoOmSmJZSEa9zbNEglt-pXNfnX7i1AJTPF8SZQcC_dbojRlvCzkWFl4K_Jb3d5qkoSG0QuvD-a9kmgYMBT9YJAJzdsxVfhXZ-WIuOgWbc33WHgtVrXmkIZrIxDmqeVovXU5ZKEXTmMMzcofGSabKVl01QRDg
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1697550594.814939,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHs1qRTsQ9cuD8aPNPH0o1I&google_push=AXcoOmSmJZSEa9zbNEglt-pXNfnX7i1AJTPF8SZQcC_dbojRlvCzkWFl4K_Jb3d5qkoSG0QuvD-a9kmgYMBT9YJAJzdsxVfhXZ-WIuOgWbc33WHgtVrXmkIZrIxDmqeVovXU5ZKEXTmMMzcofGSabKVl01QRDg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 737E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPHifXWLcEefU0CJTN6sluQ&google_cver=1&google_push=AXcoOmSv0lp0neP9XfVsIWraQazwG-oW5GU-mR4sW_CMTYnJdjtUDpZybWDwJfC-isMvNpEFk-KtrXQbBzrMwcPRBq93QHpL2Nk3HHlsOHiFy91jmq0pX6ggxT8AJA3Rdj8klnjYRtOBfGReNymS8URSrxFtUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 737E 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEK3BNjlNkBZFSC9WbIOF52s&google_cver=1&google_push=AXcoOmSngZFHM-6FQsXh29T_p8kHCZgYWbpBXo1cLUA6H8BKlqnGH2vm1hG7I2XKPackRv4OKZrmzIJFPxlF-UPfGO0TLnkZUuve3ntNb1wpLB9BXGd0iPDE6UHLcvqevcAu2_FpTtYKdMiBPnppKifoDHXAbQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.142.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-142-87.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 737E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENI_-Ut2b5CWnxqeDJU3HRk&google_cver=1&google_push=AXcoOmQl87bSfC6nBJqd7CGW0KBOINgYrHyQfBXzZK906LHv3OiM3fIyTFxq_zoRr8nYHFkLyPP_JHxLq-eYG0Jn-oxHG6G...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQl87bSfC6nBJqd7CGW0KBOINgYrHyQfBXzZK906LHv3OiM3fIyTFxq_zoRr8nYHFkLyPP_JHxLq-eYG0Jn-oxHG6GLk9GIqkWFZo9hvzkgQKObfTiAI6MTi81--l_UL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQl87bSfC6nBJqd7CGW0KBOINgYrHyQfBXzZK906LHv3OiM3fIyTFxq_zoRr8nYHFkLyPP_JHxLq-eYG0Jn-oxHG6GLk9GIqkWFZo9hvzkgQKObfTiAI6MTi81--l_ULFfRdMjMWeR8DhiVDc4sC6dSQQ&google_hm=eS0wS3VSSmFCRTJwRnhIN25BbGlaUlBxZWo5bWtDaXVpOX5B
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 13:49:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQl87bSfC6nBJqd7CGW0KBOINgYrHyQfBXzZK906LHv3OiM3fIyTFxq_zoRr8nYHFkLyPP_JHxLq-eYG0Jn-oxHG6GLk9GIqkWFZo9hvzkgQKObfTiAI6MTi81--l_ULFfRdMjMWeR8DhiVDc4sC6dSQQ&google_hm=eS0wS3VSSmFCRTJwRnhIN25BbGlaUlBxZWo5bWtDaXVpOX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 737E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL3oXjTJV9dwtWZ0T9RiytE&google_cver=1&google_push=AXcoOmQg1FQbyJhDX1YhVTENVDbE1DTFhXuo4O1itdS6IoqKJrlHq97TWt9yVpXsT1VIQi3yZ5KNX06N...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmQg1FQbyJhDX1YhVTENVDbE1DTFhXuo4O1itdS6IoqKJrlHq97TWt9yVpXsT1VIQi3yZ5KNX0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmQg1FQbyJhDX1YhVTENVDbE1DTFhXuo4O1itdS6IoqKJrlHq97TWt9yVpXsT1VIQi3yZ5KNX06N3CCKu5VBjxhfGFZVRrjWmDWrLzoG5HSXreWK5ytMNaIveoI2hwsV4dXTIUlqA_tr0uvifeGhhoWVhQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA2NjE3MzQ1NTA4NzkwMDAwNg&google_push=AXcoOmQg1FQbyJhDX1YhVTENVDbE1DTFhXuo4O1itdS6IoqKJrlHq97TWt9yVpXsT1VIQi3yZ5KNX06N3CCKu5VBjxhfGFZVRrjWmDWrLzoG5HSXreWK5ytMNaIveoI2hwsV4dXTIUlqA_tr0uvifeGhhoWVhQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
trk
ag.innovid.com/ Frame 737E 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOIi8PmrH1ArApeqPXg7wmw&google_cver=1&google_push=AXcoOmROTij6wqAYZZdtwMeSX5g5OfcRlGI-TkqovKkpyHIoB0n63fKEvjSwD14jOvCiNUh75Uo3M-ZO0MQ9StuUZPRfraUSYZe9dx7_DVV-8YWJFOBPnoRgozdyMnC8aArpeEf6QuUZNpBkgi1bIF_9SXAB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:1c5f:4441:3961:92ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
no-cache
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 737E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3vU9z1x5G0zOR4A2HK4UjDirLirf_B-n7G6JE1Iweew15OtOSaRcddJsf6C4D2x1Tz0Ew
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EF09 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
16835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 09:09:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2440747694010542&bg=!IyClIG_NAAbFpEfJ5aQ7ADQBe5WfOMbCC3p8K0HJzFVilkodIFNlfxLYWMHufCIjyRyhJQTlZ1aqKIulLzrb1RvwTtW5AgAAAH9SAAAAB2gBB5kC9OcWPiW-0Acj1y3AFOYmuP1UiWmH5hrOmQJVUa6zsyjZYrbMlaxnI0SnT78AqDTwAq_AVyuFrbB_bqOA_Nkf1z8y1uc-E7aLHavMs3UEGdAcWnDkSVaFaFe_CqY9N4EIyNvfuqYdOWhhtDT3fk03Ftjx6CjfS_iERBd1j-BImB0mUdzw85Uot8Q4r1KNYN5LOVdWzpUh371pzAjvovWAc065DsIEF3mprS-eTRf8DHpQRlMY49Cm8W3X4_fZfzjxVMAawW7PgZDZFNWm_eiOwVm2Rv84teWPWCq3M1rLqDNIsgU93ydgWUxQF4CBnPiHdbqEJTTWQYg9ZovASCTbUld5fYO9cTNuxJC1_2Oji7U4p7JT6CnFfIyp4wSzAsIg9DFoF8P0HOpHkul70Yutwm7ZKFhUVAI0pA7O45mSYD09GQr223jbCjnvN-9hLBfR-wXa0Hgd10wArqT0H3fpS3z1DIY55mxve6vfcDFBmYaDgLKibU5l4gNs1U8Iqx6bxtOFiw2PI8IjUlW9p7igzAibRTnsQp2tW-8injFbvgs-OsCdWEA0zqvJKp_0wIHxGiyt_HAOMsaDqc8pcvgpAbOZb3piVPic1AV-a_aiM9J-gyDaH01fkPH4djviHt6qEMJEGMTq_AyARvBM9t2aOvlnDjTUmYlTJNzWkaQvxPM0T0lHmfb0xdwUJ9zwU73uMZV-uWlisMCX9YDuHJ7KEZOIkr2ah5iwlJMWLIaj5LkhDDUQN1DJ87edbm_9yZ6PmkqdZ-6-mcGT3qK6UHB39y9wS_Krl01hlEyqXemmo9_xL-93Qms5a4KnVNWn1qJ2GaOzn8fxgJwndJ-z7KDPMbXjkO_GZGFV9ASRljBZc8hjn12LhjJFZgClPBKcMiN1Bvlh-qVqRZKLvcAVKLU47gHRpdXipLkG5OLq3CYj707nEfJF-ANws40rXi_FmrmVq045QvgLfqnw5_dr4Hspn2T20M6YaXgsAz9kHiclK7xLzoUdIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xtremedownloadmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame BFB5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
expires
Tue, 17 Oct 2023 13:49:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:53 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame EF09
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CAkoFAJEuZb-iJ-KrkPIP842CwAmAyPq2c8miiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQGoAwHIA8sEqgTmAU_Q3ZX8UQC-XvklnMlkauGq4OaEiSagiIJxHJC17y8vJQh...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221113030764957145414%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221113030764957145414%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222292509790997843809%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1113030764957145414","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"2292509790997843809"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 13:49:53 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 13:49:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1113030764957145414","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"2292509790997843809"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 4741 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=2723956906&adf=3722057857&pi=t.aa~a.2596424302~i.11~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4518177630&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rh=200&rw=1530&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592524&bpp=2&bdt=2252&idt=-M&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0&nras=2&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3864&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=kvXruXPRl8&p=https%3A//xtremedownloadmanager.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
120757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221113030764957145414%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222292509790997843809%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 13:49:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
88cf7d8f92971695aa333eeba8ca195d.js
www.gstatic.com/mysidia/ Frame 4205 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:24 GMT
f9452dcf4f221a00d49f3197c484e17d.js
www.gstatic.com/mysidia/ Frame 4205 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4599
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:18:21 GMT
a262df46fe0a0cd38c190fa2e10da9d0.js
www.gstatic.com/mysidia/ Frame 4205 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a262df46fe0a0cd38c190fa2e10da9d0.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eeeff557381f3f5978a067d71b9cfa41bc0e7805ab0a4211f07fa4cf591d32f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 12:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8045
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 12:45:30 GMT
css
fonts.googleapis.com/ Frame 4205 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 17 Oct 2023 13:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 13:02:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Oct 2023 13:49:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 4205 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
53851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:52:23 GMT
b1061a67d76c681653b1020afc8e9f9b.js
www.gstatic.com/mysidia/ Frame 4205 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b1061a67d76c681653b1020afc8e9f9b.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff4cb575ec738d7eee32348a4c9116ac789d53037fdac28ee6a38ee90947e410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2230
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 01:21:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Jan 2024 18:55:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 4205 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:51:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
53892
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:51:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 4205 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:27:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 14:27:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 4205 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
54171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 22:47:03 GMT
l
www.google.com/ads/measurement/ Frame 4205 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgED0lHEJf-coO5UvHbCurr2BYzE9fICA_MLvXoztfbhUW2WLz1rwlcRQovjslp8e2WjTF9nO6xIUNmRnyQdJ-ozStQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4205 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 13:49:54 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame 4205 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:16:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 14 Jan 2024 21:16:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 479C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2oU7sts7Ddo5pGHQC0ipT4KQHRtdu-MF_ZXNArkxFGzy9BWWfBOE3g10DkWlNwSHUlClUIFZi38_6o0AKzxucOVhjgTOisIrtWGDUotQAlXcLxE7FpbNeqra_vFjlgXu5HRMqLFkSFu4V&sai=AMfl-YQUfQp313-Q47kqfqpsTkwCr6L0uHifrkkxuKsz0XhrxLhp1W_YOdHVHZEsn0n39JbHgDlePI--drycB-vxU4r2OdiiLvoTPG076-xyiKjcAQNZX798SbW0l9hJtB92sYt3kW9J8tSBx6rnuA&sig=Cg0ArKJSzBdR24rX88ZlEAE&cid=CAQSTADICaaNo_VSO2UD8r4Ob2jPZ4HvKLF248jzAYyUhWn3J9DFFq8eJP7O6ywo75kcJ2BT2k-3s5MaNI2o7HlaxpX1XUfQr_dCWzktZaMYAQ&id=lidar2&mcvt=1011&p=0,0,124,1005&mtos=137,821,1011,1153,1168&tos=137,684,190,142,15&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697550592629&rpt=234&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B32F 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:23:58 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5920 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Wed, 18 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4205 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df11ab58cbf1c193c15a91528f477c8f353ce70caa562e699120d029e4766e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4205 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
16836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 09:09:18 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5920
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIfVyupSyfU-fVBCMOSK2DI&google_cver=1&google_push=AXcoOmQFLF-LKKLBOnkc1FAohZ0v8B70874W4c3QfOQPwjdvvqbwmNK5a39eEBnbsai4uD9baVlX-G8sgVHHqn8s971IOB65L7Ve1sU
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc0ODMxODI0ODU5NDE4OTA0OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIfVyupSyfU-fVBCMOSK2DI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIfVyupSyfU-fVBCMOSK2DI&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIfVyupSyfU-fVBCMOSK2DI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5920
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL61IFiVrqt0ZlMlsKNvhXo&google_cver=1&google_push=AXcoOmRVX8neaYjCgDLZnddbq55NauRkUGcjIZMT1ulpKIv4LF1jFBuoBYzGogoTujRCDaCMQs8tLZBJX8K...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVX8neaYjCgDLZnddbq55NauRkUGcjIZMT1ulpKIv4LF1jFBuoBYzGogoTujRCDaCMQs8tLZBJX8Kcrm-XQJXlTQVUdKGa3kE&google_hm=xUXekP-wT7Sm4HY6m...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVX8neaYjCgDLZnddbq55NauRkUGcjIZMT1ulpKIv4LF1jFBuoBYzGogoTujRCDaCMQs8tLZBJX8Kcrm-XQJXlTQVUdKGa3kE&google_hm=xUXekP-wT7Sm4HY6moTUnhQ
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRVX8neaYjCgDLZnddbq55NauRkUGcjIZMT1ulpKIv4LF1jFBuoBYzGogoTujRCDaCMQs8tLZBJX8Kcrm-XQJXlTQVUdKGa3kE&google_hm=xUXekP-wT7Sm4HY6moTUnhQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5920
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEbIOoa1wkk3Uw64qcN5nB0&google_cver=1&google_push=AXcoOmR9VWGoAZ_4vztuwqDyJUBdsK5DFNibR3iMEkCUWL9OD18m9m6idZwmczZIIzGT67cTRdgCqnfjZT1L35_z...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rw_f6Pa2QZ0dUY70JD6Kdg&google_push=AXcoOmR9VWGoAZ_4vztuwqDyJUBdsK5DFNibR3iMEkCUWL9OD18m9m6idZwmczZIIzGT67cTRdgCqnfjZT1L35_zJ_oIvdQEN8tZjdI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rw_f6Pa2QZ0dUY70JD6Kdg&google_push=AXcoOmR9VWGoAZ_4vztuwqDyJUBdsK5DFNibR3iMEkCUWL9OD18m9m6idZwmczZIIzGT67cTRdgCqnfjZT1L35_zJ_oIvdQEN8tZjdI
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 17 Oct 2023 13:49:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=rw_f6Pa2QZ0dUY70JD6Kdg&google_push=AXcoOmR9VWGoAZ_4vztuwqDyJUBdsK5DFNibR3iMEkCUWL9OD18m9m6idZwmczZIIzGT67cTRdgCqnfjZT1L35_zJ_oIvdQEN8tZjdI
x-host
tde-deliveryengine-production-7595df5684-bv8d5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5920
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmReURkO...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmReURkO...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzQ5NTQwMDAxNDcyODA1MjE3Mw%3D%3D&google_push=AXcoOmReURkOaf6nHiYw_sscJUljK4sOwbK05p8l4LfEglrDRlD5WYhX2LqqorTGY5Bz9n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzQ5NTQwMDAxNDcyODA1MjE3Mw%3D%3D&google_push=AXcoOmReURkOaf6nHiYw_sscJUljK4sOwbK05p8l4LfEglrDRlD5WYhX2LqqorTGY5Bz9nJJl8DXUJOcEhwLXomK8GLPLC58C7mLKCs
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzQ5NTQwMDAxNDcyODA1MjE3Mw%3D%3D&google_push=AXcoOmReURkOaf6nHiYw_sscJUljK4sOwbK05p8l4LfEglrDRlD5WYhX2LqqorTGY5Bz9nJJl8DXUJOcEhwLXomK8GLPLC58C7mLKCs
pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 17 Oct 2023 13:49:54 GMT
pixel
cm.g.doubleclick.net/ Frame 5920
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEE_368p74s7jzjdke-Yu48w&google_cver=1&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwc...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEE_368p74s7jzjdke-Yu48w&google_cver=1&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsE...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwckFPlMgF4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwckFPlMgF4
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRQxuA2In1TxGTYOjr0YQanD-dsgwOCQ9zQrVkwkEdZQfhQMWd11pdIKuFR0rUpCiPrT-e2aiJU4g4rt5S7YqNsEwckFPlMgF4
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 5920 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRgEBnZCOcnrY8XF3GiRB5ro5xaSS8Q43XCQWPXbvAVYfGqGgXaPvpUkRR_HTApCc8zQv70iBTlmsLrCEz3LyJf1sz9PvAqTDc&google_gid=CAESEJd98oxKYH8JRvin97BKP5E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
205224
expires
Tue, 17 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5920
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEDJkb9GQOMVze4rq5y6nMk&google_cver=1&google_push=AXcoOmSdX1B_AWmyV-VAj58Xj-F9IYIf3M6iriamA37oiYy_N5iaIEix5QRHXhjmo7hOmofOrYi8x70etYzS...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdX1B_AWmyV-VAj58Xj-F9IYIf3M6iriamA37oiYy_N5iaIEix5QRHXhjmo7hOmofOrYi8x70etYzShvruEEbTgU4d2E9Nwy4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdX1B_AWmyV-VAj58Xj-F9IYIf3M6iriamA37oiYy_N5iaIEix5QRHXhjmo7hOmofOrYi8x70etYzShvruEEbTgU4d2E9Nwy4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdX1B_AWmyV-VAj58Xj-F9IYIf3M6iriamA37oiYy_N5iaIEix5QRHXhjmo7hOmofOrYi8x70etYzShvruEEbTgU4d2E9Nwy4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 5920 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrC2e7H11_mRZlvVacvJ0jShvYb3H1Mpz_faE7tpruCIEdTvjuD7GGvRbfoDTiCIpf899Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame B32F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:54 GMT
expires
Tue, 17 Oct 2023 13:49:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 13:49:54 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4205 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoYCAEqFGJhbm5lci1sYXJnZS12YW5pbGxhCgoIAioGc2VydmVyCg0QKyEAAAAAAAAiQDAECg0QAyEAAABnZh6YQDAECg0QCiEAAAAAwJm5PzAECg0QDSEAAAAAgJm5PzAECg4QHioIMTIwMHgyODAwBAoOEBkqCDEyMDB4MjgwMAQKDRAOIQAAAADAmbk_MAQKDRAEIQAAAGdmIJhAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAACpAMAQKDRAFIQAAAM3MIJhAMAQKDRAQIQAAAACAfOVAMAQKDRARIQAAAADgy_NAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAJqZ15hAMAQSGkNMQ0J2ZUNjX1lFREZSMVdGUWdkTElJSTF3Ihl0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0X21zKBU=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a262df46fe0a0cd38c190fa2e10da9d0.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 4205
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CvXXhAJEuZbCBJJ2s1fAPrISiuA2AyPq2c8miiYnYD9Kh2-KaMBABIL-mzoQBYJWCgICwB6AB8qSazSjIAQGoAwHIA8sEqgTsAU_Q9bcD-A1U3dvifv36wQj5nn8tO9y1qGNGojwTrdES-Lw...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214916916994641962898%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214916916994641962898%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214204575962301800145%22}&andc=true
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 13:49:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"14916916994641962898","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"14204575962301800145"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 17 Oct 2023 13:49:54 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 17 Oct 2023 13:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14916916994641962898","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10899329650"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"14204575962301800145"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
pagead2.googlesyndication.com/bg/ Frame 6A75 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3532066332344554&output=html&h=280&adk=1213588912&adf=1776016447&pi=t.aa~a.2711611007~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1689009923&rafmt=1&to=qs&pwprc=4518177630&format=1200x280&url=https%3A%2F%2Fxtremedownloadmanager.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550592550&bpp=1&bdt=2278&idt=0&shv=r20231011&mjsv=m202310120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbbb0ec80acddd145-2218ba6aebe200a4%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MbPwBi8ABbeMblhU6SO7r7w-SJ_jA&gpic=UID%3D00000c9b6cce485f%3AT%3D1697550591%3ART%3D1697550591%3AS%3DALNI_MYvn4DExIlLloqqtNTEHUIMgcSNiQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=6367588460782&frm=20&pv=1&ga_vid=66072763.1697550591&ga_sid=1697550591&ga_hid=1154571864&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44805112%2C44805680%2C31078802%2C44803793&oid=2&pvsid=2440747694010542&tmod=819695796&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=UrQT2zDD40&p=https%3A//xtremedownloadmanager.com&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 04:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
120758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14709
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 04:17:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4205 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoYCAEqFGJhbm5lci1sYXJnZS12YW5pbGxhCgoIAioGc2VydmVyCg0QFCEAAAAA0H70QDAECg0QFSEAAAAAAAAsQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAAAAAEiaQDAECg0QMiEAAAAAODPjPzAECg0QMyEAAAAAODPjPzAECg0QNCEAAAAAODPjPzAECg0QNSEAAAAAODPjPzAECg0QNiEAAAAAODPjPzAECg0QNyEAAAAAODPjPzAECg0QOCEAAAAAAAAAQDAECg0QOSEAAAAzM1OXQDAECg0QOiEAAADNzHaXQDAECg0QOyEAAAAAANKYQDAECg0QPCEAAAAAANKYQDAECg0QPSEAAACamdeYQDAECg0QPiEAAADNzCqaQDAECg0QPyEAAADNzCqaQDAECg0QQCEAAACamVGaQDAEEhpDTENCdmVDY19ZRURGUjFXRlFnZExJSUkxdyIZdGV4dC92YW5pbGxhX2hpZ2hsaWdodF9tcygV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/a262df46fe0a0cd38c190fa2e10da9d0.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Oct 2023 13:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214916916994641962898%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210899329650%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214204575962301800145%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 17 Oct 2023 13:49:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| $ function| jQuery function| gtag object| dataLayer object| __twttrll object| twttr object| __twttr object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| googletag

35 Cookies

Domain/Path Name / Value
.xtremedownloadmanager.com/ Name: _ga_LPEMF0VGC2
Value: GS1.1.1697550590.1.0.1697550590.0.0.0
.xtremedownloadmanager.com/ Name: _ga
Value: GA1.1.66072763.1697550591
.xtremedownloadmanager.com/ Name: _ga_KWNQZP27ZE
Value: GS1.1.1697550590.1.0.1697550590.0.0.0
.xtremedownloadmanager.com/ Name: __gads
Value: ID=fa9bc5ea30fdd224:T=1697550591:RT=1697550591:S=ALNI_MbXaThWjTmkbES9LmryeCMS1v6czQ
.xtremedownloadmanager.com/ Name: __gpi
Value: UID=00000cbb1f18fd00:T=1697550591:RT=1697550591:S=ALNI_MaZ8WP-s_wAKTeRRXi7t6A0GoLZ4A
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.quantserve.com/ Name: d
Value: ECgBCQGaKoEA
.quantserve.com/ Name: mc
Value: 652e9101-5ebe7-85071-fe68a
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: p6vFiAcM1QSKsh5
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 2066173455087900006
.adfarm1.adition.com/ Name: UserID1
Value: 7290924280256985227
.agkn.com/ Name: ab
Value: 0001%3AJQZ4nEi0YPe8Dj1e8ZX7jHXv3Ftonc%2FC
.agkn.com/ Name: u
Value: C|0CEAswU2BLMFNgQAAAAAAAQ13AQCAAQpAAAAAAA
.yahoo.com/ Name: A3
Value: d=AQABBAGRLmUCEOBUIZu9P5uL9SPE8l3ZfQoFEgEBAQHiL2U4ZQAAAAAA_eMAAA&S=AQAAAl8yy_dfV98kY5r2pq3Pd6I
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZS6RAQAVQz-jQQBV
.tribalfusion.com/ Name: ANON_ID
Value: avntuJtMPmFUTgUpySVoq8GMDM92iB77S1nMQjVBr63bUkcEXtytBZbWRxb6sOoPUZbfbEPAqlT53EIR2ErEHw3too
.innovid.com/ Name: uuid
Value: 2c6e560a-9d5a-4819-8efa-53f14240128f-20231017 09:49:53
.doubleclick.net/ Name: IDE
Value: AHWqTUlIMcD-ujhWnzACf22NGe1DO3g6rVyGCOfHzlwlvpBn0cBn8Mp40z7hYtlvmuE
.ctnsnet.com/ Name: cid_c545de90ffb04fb4a6e0763a9a84d49e
Value: 1
.ctnsnet.com/ Name: gid_CAESEL61IFiVrqt0ZlMlsKNvhXo
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22AF0FDFE8-F6B6-419D-1D51-8EF4243E8A76%22%7D
.turn.com/ Name: uid
Value: 7748318248594189049
.de17a.com/ Name: guid
Value: 1.1978104610047773746
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2023101713495400014728052173
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 652e910282c2ed7c
.addthis.com/ Name: ouid
Value: 652e910200019f0ae874711851fb3b1c3ec92cb5c2ed9f78d9cf
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20231017
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQJG7XJseNbmkHdB-dAL6ZG4coaty11msQ2du-WtgffAREmk9Crs02bxcDQ5_gz7VFdPI8z1uA-QzB6cjkSRXeecMZFGchZbPo&google_gid=CAESED9s66ugPnuMUMv6HXWTQoc&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
github.blog
googleads.g.doubleclick.net
id.rlcdn.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
sync-tm.everesttech.net
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xtremedownloadmanager.com
104.244.42.200
142.250.185.66
142.250.186.34
151.101.194.49
178.250.1.9
18.195.142.87
185.199.109.153
192.0.66.2
2.16.97.41
2.23.197.190
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.181
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:19ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2003
2a02:fa8:8806:13::1400
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3605:baeb:931e:26a0:842
2a05:d01c:1d8:8101:1c5f:4441:3961:92ce
3.120.0.219
3.69.18.113
35.186.193.173
35.190.0.66
35.244.174.68
37.157.5.132
51.38.120.206
52.223.40.198
85.114.159.118
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
0a3398be0c8a112fbae8131848b2506c2d4c77c9bcd354bc4c5257e4fec4e741
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10319579e9eeb6653a30a3e358abd270057ebfc791195faac04c53b91381a13a
15922f653bbddb686a27dbc3652572f0d3c98eca3bd50921c481c11d018a82ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc1982a130aeee0682e533212b5b6c6d4e76a66b4d7226c6e266fb98ee8c37c
289c8263dd9a9eb58bf2e205413dac40dfe2e58e8b60812eb1c2da77045b6822
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d3920f73eef51f4cea85c84c861339cd5fb63d49248be4524cf99387fad510a
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35b8e6c2e56eb991b071af597256ee889b30bd8799884c1ca7576f05547afd63
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c95d0faa65646be3cd5a0b03bd0c1daefbeeb3665f1c368e9def3d27badd0a4
40305b2806736f4399ebee2e023ac75e2000830f070be7cb7c413b3202fa5311
40b3e015e4a4c63cf75c482964d863e36ccbed181013870b49a74afe30f09864
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493a8119a3a2a93d9a0174fe00b97785d3cf58bd5b0952879923eac8b09ba773
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df4f2fea28f1d1b73a268fce8ed70d5c346a35792570b8f18e1095417dc4a9c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e9d5fb62d9d9c9debc2e4d6e1a449b3643d85181abc100de980819cbd49bfdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a
762b7b7ed82d11e77b3a488f9a18dacdaea006c56f7fbc5c5a5b910dbdd45a6d
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
775b0261a5cf2c2bff3b3456510b1085f383778cded09c11a3476a335cf428c7
7aebdf2a7ea88649a8b1df1d68e124784367068206045fd5d60adf64ed573737
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
7fe9883169da3dfdcf3bfa9e5a269c97e4af5b92ef372744ca4e74f7269be24e
884da8e6af1811e388396179f0c70859f24771b715351428f4205f255d633e7f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eeeff557381f3f5978a067d71b9cfa41bc0e7805ab0a4211f07fa4cf591d32f
922bd1e823222b1d7c32741ffa86dd0814331f9f456769c59e77e41ea4ab2d08
93a92193403d3cfcccab5a3fb2a47d23b38263ee9e372bf3e593019ed2b9a797
94c0a4ba5b1ff9b8156f2488a599c030fb197585a94a1a3053f9054bbb2a0974
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22ca4edf7f974d38acbd09bf7c658ec79bab1c85297e955540901b59a0d0f77
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abc6d2eab029a6541dda84274cf909d6a811cc6023e147e4fc91c8776344825b
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af1bbacd5c89e24dc274f430ddbd71cfad5d39c46987a3e0d95d60cc9b8336a7
b00ea4567856f6610a1213e2bafc2fee432955fcd575594f6ec6bac54c98b0d0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2215cce5830e2350b9d420271d9bd82340f664c3f60f0ea850f7e9c0392704e
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c48f4858ab5d2125e63fae97f06de30caac5f6518e1a95bc3425e8d0e4781cf7
d31ef5a29f8fe34540f568102f4d0b9550ba4a37bc67a7e2498cff4d54713e6b
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
df11ab58cbf1c193c15a91528f477c8f353ce70caa562e699120d029e4766e14
df1e0f8fbcddc6ca44b04512aedd7f3d292d9cd70570980bc05a16ee63a0a29d
e04377547f4f385424062100464bece701d3fc9dd19056f8b31a86d01d2bbfe6
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f826e4c233a39aea2e649a4f9b2da7386c629ace2278fa60e7abc219a8a59939
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff4cb575ec738d7eee32348a4c9116ac789d53037fdac28ee6a38ee90947e410