downfile.site Open in urlscan Pro
151.139.128.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Submission: On December 27 via manual (December 27th 2021, 2:48:15 pm UTC) from VN — Scanned from DE

Summary HTTP 241 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 45 domains to perform 241 HTTP transactions. The main IP is 151.139.128.10, located in United States and belongs to HIGHWINDS3, US. The main domain is downfile.site.
TLS certificate: Issued by GoGetSSL RSA DV CA on October 28th 2021. Valid for: a year.

This is the only time downfile.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
12	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.103.212 35.201.103.212	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
13	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	103.150.124.185 103.150.124.185	135987 (INDRA-REL...) (INDRA-RELOAD-AS-VN Reload Company Limited)
24	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
25	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 9	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 4	18.198.121.250 18.198.121.250	16509 (AMAZON-02) (AMAZON-02)
1	34.149.60.21 34.149.60.21	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	34.254.166.91 34.254.166.91	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:303... 2606:4700:3039::6815:c098	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466	16509 (AMAZON-02) (AMAZON-02)
4 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
1 1	78.46.85.162 78.46.85.162	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1 1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1	143.204.98.127 143.204.98.127	16509 (AMAZON-02) (AMAZON-02)
2	54.72.0.164 54.72.0.164	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	() ()
241	45

31 151.139.128.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map3.hwcdn.net

downfile.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.103.201.35.bc.googleusercontent.com

expansioneggnog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.150.124.185 (Viet Nam)

ASN135987 (INDRA-RELOAD-AS-VN Reload Company Limited, VN)

azsoft.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.198.121.250 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-121-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.60.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.60.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.166.91 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-166-91.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.50 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3039::6815:c098 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN31400 (ACCELERATED-IT, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.85.162 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-127.fra50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.0.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	527 KB
31	downfile.site downfile.site	727 KB
30	doubleclick.net 4 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	286 KB
24	facebook.com www.facebook.com	153 KB
15	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	99 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	232 KB
12	demand.supply live.demand.supply	34 KB
10	google.com 1 redirects adservice.google.com www.google.com	2 KB
8	gstatic.com fonts.gstatic.com	168 KB
7	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com pixel-us-west.rubiconproject.com	12 KB
6	2mdn.net s0.2mdn.net	180 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	ampproject.org cdn.ampproject.org	103 KB
4	googletagservices.com www.googletagservices.com	147 KB
4	bidswitch.net 4 redirects x.bidswitch.net	3 KB
4	google.de adservice.google.de	1 KB
4	azsoft.org azsoft.org	440 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	expansioneggnog.com expansioneggnog.com	27 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	webgains.com track.webgains.com	28 KB
2	blau.de 1 redirects partner.blau.de portal.blau.de	2 KB
2	o2online.de 1 redirects partner.o2online.de portal.o2online.de	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net	1 KB
2	telefonica-partner.de 2 redirects www.telefonica-partner.de	571 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com	950 B
2	googleadservices.com partner.googleadservices.com	331 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	360yield.com 2 redirects ad.360yield.com	613 B
2	mookie1.com odr.mookie1.com	430 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	754 B
2	e-volution.ai 2 redirects sync.e-volution.ai	918 B
2	adsrvr.org 2 redirects match.adsrvr.org	907 B
1	innovid.com ag.innovid.com	296 B
1	quantserve.com cms.quantserve.com	463 B
1	ad4mat.net prod-rtb.ad4mat.net
1	lentainform.com cm.lentainform.com	495 B
1	seedtag.com s.seedtag.com	507 B
1	zeotap.com mwzeom.zeotap.com	453 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	347 B
1	idealmedia.io cm.idealmedia.io	412 B
1	adtelligent.com s.adtelligent.com sync.adtelligent.com Failed	881 B
1	adsafeprotected.com static.adsafeprotected.com	484 B
241	45

	Domain	Requested by
31	downfile.site	downfile.site
25	pagead2.googlesyndication.com	live.demand.supply securepubads.g.doubleclick.net downfile.site 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
24	www.facebook.com	downfile.site www.facebook.com
15	tpc.googlesyndication.com	downfile.site securepubads.g.doubleclick.net 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com googleads.g.doubleclick.net
12	live.demand.supply	downfile.site client
10	securepubads.g.doubleclick.net	downfile.site securepubads.g.doubleclick.net www.googletagservices.com
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net downfile.site
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com downfile.site 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
7	cm.mgid.com	jsc.mgid.com downfile.site
6	assets.ad4m.at	as.ad4m.at
6	s0.2mdn.net	downfile.site s0.2mdn.net
6	www.google.com	1 redirects downfile.site 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	securepubads.g.doubleclick.net downfile.site 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	x.bidswitch.net	4 redirects
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	azsoft.org	downfile.site
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	expansioneggnog.com	downfile.site
3	fonts.googleapis.com	downfile.site securepubads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	image6.pubmatic.com	2 redirects
2	id.rlcdn.com	2 redirects
2	googleads4.g.doubleclick.net	downfile.site
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	creativecdn.com	2 redirects
2	ad.360yield.com	2 redirects
2	odr.mookie1.com	downfile.site googleads.g.doubleclick.net
2	rtb-usw.mfadsrvr.com	2 redirects
2	pixel.rubiconproject.com	1 redirects downfile.site
2	sync.e-volution.ai	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	s-img.mgid.com	downfile.site
2	cdn.mgid.com	downfile.site
2	45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	jsc.mgid.com	downfile.site jsc.mgid.com
1	ade.googlesyndication.com	downfile.site
1	analytics.webgains.io	track.webgains.com
1	portal.blau.de	as.ad4m.at
1	partner.blau.de	1 redirects
1	portal.o2online.de	as.ad4m.at
1	partner.o2online.de	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	pixel-us-west.rubiconproject.com	eus.rubiconproject.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.lentainform.com	downfile.site
1	s.seedtag.com	downfile.site
1	mwzeom.zeotap.com	downfile.site
1	ssbsync.smartadserver.com	1 redirects
1	cm.idealmedia.io	downfile.site
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	static.adsafeprotected.com	downfile.site
0	sync.adtelligent.com Failed	s.adtelligent.com
241	67

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
api.whatsapp.com
www.mgid.com
widgets.mgid.com
sulvo.com

Subject Issuer	Validity	Valid
downfile.site GoGetSSL RSA DV CA	`2021-10-28` - `2022-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
expansioneggnog.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
azsoft.biz R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Frame ID: 0F5EF6070151096447D1569E8500EF98
Requests: 86 HTTP requests in this frame

Frame: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT
Frame ID: C50CB79184D63F841D777ABD24B4158C
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Frame ID: 7C5F09D767A7496302BB9C2D59311077
Requests: 24 HTTP requests in this frame

Frame: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C70206379E6865983EB6A753A6400E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 78054325049926C5B520415CA3885C1F
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1640616481070369726058
Frame ID: B05AAF97FCA8452690828C3502146A0B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: F63ADB9D4A02B3431A5A25C11FD2D142
Requests: 17 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 2CB02923C4D60BB5E1EBC25131CA880A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Frame ID: C6A46C3F51A427339CDC2069728FF843
Requests: 4 HTTP requests in this frame

Frame: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 169D9ECDFD3D2CAA1419BD76C8BEAE19
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 4B933519ED2E0226D54ED6A229D4933E
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkRgvLQ8iUvNRYd3_J1TfPvnGQL-sDADUt0-xGrFzbXrqeM-ErHNl2yOZGF2qlG9qG-ga3cV78TXDKztIA2fLYWFaFD4Q7nbhbGSj3lw-JurFNjogzUmOs-EBAF9ekU0O9tbVBluDpNUpL1uXh3yS_EXCBlJWNadP2s3NMYtP6zwNUIZHyKxpUpQbe3Rij31XTNn2hrj3B6fdBNeSDvLMp5hfAAOEyygEHYFOF67I0A9Be8J-uvDBy_jK-JvYhmw-7XfPJphn2ikwHX6GjbfZ0rIYzowyURqJ3oZ4VHcyUsN2EhobLAPo79sJra4RloN85DZw&sai=AMfl-YS0UpoqcW9LH-IZPxg1OB-W7zQ2G1DVIUAq2EcBcwJLeZ6LmSFNsDN7Vu4xjzdsmVy49Onn_GWXI6akHjNN6cXX-xZYwBCyiw6609L29G45mh_RnhPtR3ewhDmYFAZA&sig=Cg0ArKJSzGGaYfwjZPLPEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 18C4A5707F093B83BDE07EFEB639C46F
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1995021269147151
Frame ID: D2F1E0A7B6465B01E32E86BED8671471
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYgvvvvAEwAQ&v=APEucNUCkOzrRO_oVuwS7yQivmxLjMFxk4kK5rddziHDVqqDYHMUxzSPpiRUNCIwPi-Ow1qIXPS2MIMOIqq_NyO9nCic_FV9NiRGObFnwm3lL5SqyLhVS4oYm5ubVinJAlkIMJbnierblTdk8WzEqvcdfDW60j2CCMrW4NCPxAvDnkEsLH4OE7U
Frame ID: 338B9EE24BE1FB525F4AC9AB4B87160E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&adk=1812271804&adf=2751417941&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481537&bpp=2&bdt=69&idt=105&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&nras=1&correlator=6025612048166&frm=23&ife=4&pv=2&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.el7wd0tqx2oh&fsb=1&dtd=124
Frame ID: D9F5C910BFE1AA2C3982B0EEE74A1193
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160
Frame ID: 7C9242DE982E4494F481752327E0643C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&adk=1812271804&adf=3407277755&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481564&bpp=2&bdt=102&idt=142&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=993416566.1640616482&ga_sid=1640616482&ga_hid=793451948&ga_fc=0&nhd=2&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2296956567&scr_x=0&scr_y=0&oid=2&pvsid=4041987728523401&pem=274&tmod=794&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.t59c376f2z1u&fsb=1&dtd=149
Frame ID: 79A13C7EBAB23AB27DFD58AAB9CBFF57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=480&slotname=6253108731&adk=3465567970&adf=4198862046&pi=t.ma~as.6253108731&w=320&psa=0&format=320x480&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481566&bpp=1&bdt=104&idt=160&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=993416566.1640616482&ga_sid=1640616482&ga_hid=793451948&ga_fc=0&nhd=2&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2296956567&scr_x=0&scr_y=0&oid=2&pvsid=4041987728523401&pem=274&tmod=794&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.voj5i5a0j0sm&fsb=1&dtd=163
Frame ID: 7F861BD47393804009221EF7DADD29E1
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2
Frame ID: 92A8EE97B2964307E3C63081D67BD2B5
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E64C52CA54BBC80D97CAD2E6064368AC
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j0hb343gept537ye31bktn5vxj8esvafxwr88wxaf9nb3kpnyfasyxkrr4qqg0kp87cm55f438qjqdgg851gakcg1d3yppw242bxkd99srhm93yqxhzhsensnfgsgq1jsemez72n32zphrabw37k2z6g5j3ht81xjh7vcsjdrgtcvqfmn2y3jk2wkxp094qbjcqckc61wtvzdmwrm5x54qzpdzdwynthz4j6vx5am3ecyz0rdj9sk931hwaqhe1wx13g910x7mfd3vterrezcjbqxd6bdav60kxe8dseyqhffs9dpkqag5keb6a41myf8t9b55thcr2b9bhx39vgbceycafsqgqd7077mnx94g2axqez4c4r2tgn111yh23p1121x1v6x9zhj13ygd1exepx9h1q8r689zyq3bzhc6jt7gf6e1m4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%26client%3Dca-pub-1995021269147151%26adurl%3D
Frame ID: EEF442501507D5B76C1FE141D684A78D
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99C1EC3D2CD8DB2154CDEB6DC5211F01
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 63AE917BF888D24F7D275020C1956B9C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Frame ID: 1BE959435E838FF74D5339CFDD3C1401
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 7CC3404C4319624110E024376A722A70
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B09FA35C421A6C09EC9A71F60E43E92
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6826FAC9274CF2E0DECD99036A7F5619
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67D6563E0541A7DE74D417E20EB78190
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25B50D9AA674CF15F76F9CE8FB6E74F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Do You Have Visibility in Your Organization? | DOWNFILE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

241
Requests

90 %
HTTPS

35 %
IPv6

45
Domains

67
Subdomains

45
IPs

8
Countries

3227 kB
Transfer

8326 kB
Size

61
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Do+You+Have+Visibility+in+Your+Organization%3F&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&via=DOWNFILE
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&media=https://downfile.site/wp-content/uploads/2021/08/race-condition-vulnerabilities.jpg&description=Do+You+Have+Visibility+in+Your+Organization%3F
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Do+You+Have+Visibility+in+Your+Organization%3F%20%0A%0A%20https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3961825/i/57516550/0/pp/1/1?h=8RhL-fR2ZHWIGYZc3smNpvqsq5gMRs3nUl8uWLYNfE_ROXtHpPHooU_mGb-l5P61&rid=fd1f80d1-6723-11ec-8bcf-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805528/i/57516550/0/pp/2/1?h=8RhL-fR2ZHWIGYZc3smNpsjajS2e9FbVjXJPyyd25fZ-y6KSnAJgCcKPjqnOBZSg&rid=fd1f80d1-6723-11ec-8bcf-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=downfile.site&utm_medium=referral&utm_campaign=widgets&utm_content=1183354

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west

Request Chain 117

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=d18b9604-2b6b-44b1-9639-91275c784dbb&ttl=1643208481

Request Chain 118

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbr0PfaMhdM6 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6431200676867946660&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJyMFBmYU1oZE02&muidn=lbr0PfaMhdM6 HTTP 302
https://cm.mgid.com/google?muidn=lbr0PfaMhdM6&google_ula={guid},5&google_gid=CAESEEaRmtZ-W_Byz8HRsGoOjCY&google_cver=1

Request Chain 121

https://x.bidswitch.net/sync?dsp_id=303&user_id=lbr0PfaMhdM6 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbr0PfaMhdM6 HTTP 302
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=63b0f668-a358-4ad5-875b-b2e394363f1e

Request Chain 123

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=1851fdcf-640d-4210-9562-c6aa71e62714

Request Chain 124

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=63b0f668-a358-4ad5-875b-b2e394363f1e&ssp=mgid&gdpr=&gdpr_consent=

Request Chain 125

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=14440ff1-3d15-4d0c-bbdd-850940f20ea5

Request Chain 126

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=8e3uc82Ioeo5P4otZgiT&pi=mgid&tc=1

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1&C=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcnSIQsWreLegaPxaMlVCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDkZ3yiF5OkjNr6WcWghYV8&google_cver=1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEzODI3ODYyNDA3MzY1OTc4

Request Chain 199

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLvl_KgmanZaLxBpaC_DEoEmILqd_RjWInbl7E5D94Aci2-6e-tZ8q9TCBzgGjR61cP7yT3aJfyA_a5kfF6CxASIvNOXjnMqhWF09Yvmzr4cIwXpkcmJJhzt5KxSTnw212I0LOJfVVkViylVMo-qC8&google_gid=CAESEMsCiid1zqgVIMS2xO2bK7g&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKKkp44GEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQTHZsX0tnbWFuWmFMeEJwYUNfREVvRW1JTHFkX1JqV0luYmw3RTVEOTRBY2kyLTZlLXRaOHE5VENCemdHalI2MWNQN3lUM2FKZnlBX2E1a2ZGNkN4QVNJdk5PWGpuTXFoV0YwOVl2bXpyNGNJd1hwa2NtSkpoenQ1S3hTVG53MjEySTBMT0pmVlZrVml5bFZNby1xQzg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweENRMzFjNE5hYmttUE1HcWc2emRFOUpkaDNDdFMzWFByVzBsazUya05DOA==&google_push

Request Chain 201

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEO_hFf2Lk0rRg64RCC5IB8&google_cver=1&google_push=AYg5qPKpF-S8JrzbrVs4CsLRmnSOStA5PCmGEwo5qEam3WancWgRXgYR-pmVKLaUjURknsg-a6xOK7Fadw0biCVOzr8WhLXwkwgcrEWYXYdDWj6TPQ0wjwE97nnVL8JSat5XOmXt5SjIWTMKjoHEeUn-AgI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEO_hFf2Lk0rRg64RCC5IB8&google_cver=1&google_push=AYg5qPKpF-S8JrzbrVs4CsLRmnSOStA5PCmGEwo5qEam3WancWgRXgYR-pmVKLaUjURknsg-a6xOK7Fadw0biCVOzr8WhLXwkwgcrEWYXYdDWj6TPQ0wjwE97nnVL8JSat5XOmXt5SjIWTMKjoHEeUn-AgI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6czlgEpFRImXbAerGEL4sw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKpF-S8JrzbrVs4CsLRmnSOStA5PCmGEwo5qEam3WancWgRXgYR-pmVKLaUjURknsg-a6xOK7Fadw0biCVOzr8WhLXwkwgcrEWYXYdDWj6TPQ0wjwE97nnVL8JSat5XOmXt5SjIWTMKjoHEeUn-AgI

Request Chain 202

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGgwSPbrIUlsE86gtNPB-NA&google_cver=1&google_push=AYg5qPKRWiiskdlQqNluMcoEJHK3ylaOBqxzDqEB1EyGYrzQNpk-APVss3J0CGb875W3iLNah5QN3gbxHgtyAyqyDXlqKFyKMwDsoKhgZtBIrapkcSfXxZb29lpGxiy8W5RpERLMwGp2bXjPxv8u5J0VVqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPU09aUEotNy1JQU5V&google_push=AYg5qPKRWiiskdlQqNluMcoEJHK3ylaOBqxzDqEB1EyGYrzQNpk-APVss3J0CGb875W3iLNah5QN3gbxHgtyAyqyDXlqKFyKMwDsoKhgZtBIrapkcSfXxZb29lpGxiy8W5RpERLMwGp2bXjPxv8u5J0VVqg

Request Chain 203

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_cver=1&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1

Request Chain 219

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679 HTTP 302
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24

Request Chain 222

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663

241 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/ 318 KB
62 KB 1442ms
1414ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

ef980cb9168df3d9032cfd86b004bda8a6c8cf5f8d75d93c8cdc8137afb6af15

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-pingback: https://downfile.site/xmlrpc.php
link: <https://downfile.site/wp-json/>; rel="https://api.w.org/" <https://downfile.site/wp-json/wp/v2/posts/740>; rel="alternate"; type="application/json" <https://downfile.site/?p=740>; rel=shortlink
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
server: fbs
x-hw: 1640616478.cds147.fr8.hn,1640616478.cds142.fr8.sc,1640616479.cdn2-wafbe04-fra1.stackpath.systems.-.wx,1640616479.cds142.fr8.p
access-control-allow-origin: *

GET
H2 200 style.min.css
downfile.site/wp-includes/css/dist/block-library/ 79 KB
13 KB 14ms
13ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-13abe"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds160.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 13106
x-content-type-options: "nosniff" always

GET
H2 200 wp-automatic.css
downfile.site/wp-content/plugins/wp-automatic/css/ 3 KB
826 B 14ms
13ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-a99"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds015.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 712
x-content-type-options: "nosniff" always

GET
H2 200 style.css
downfile.site/wp-content/plugins/td-newsletter/ 6 KB
2 KB 18ms
17ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-newsletter/style.css?ver=11

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

4f9568d3aef0133feef6736a0be7a2bad332429d685a584e1c5b85e5a7fd60c9

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-16c7"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds266.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1598
x-content-type-options: "nosniff" always

GET
H2 200 style.css
downfile.site/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
6 KB 18ms
17ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-91a4"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds216.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 5923
x-content-type-options: "nosniff" always

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 48ms
23ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%7CVolkhov%3A400%7CQuicksand%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

507b5e8c1ee30ef07a6698159daad9a170b5f9ae5e1643ce7103559c6ab2dbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 14:47:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 14:47:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 14:47:59 GMT

GET
H2 200 style.css
downfile.site/wp-content/themes/Newspaper/ 146 KB
30 KB 20ms
18ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/themes/Newspaper/style.css?ver=11

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

312460f32193ff9910d720cc337941abd9c749e9f3c7c0e3bf707d90a51ca897

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-24641"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds041.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 30672
x-content-type-options: "nosniff" always

GET
H2 200 js_composer.min.css
downfile.site/wp-content/plugins/js_composer/assets/css/ 474 KB
55 KB 24ms
23ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-76828"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds252.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 55807
x-content-type-options: "nosniff" always

GET
H2 200 td_legacy_main.css
downfile.site/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 155 KB
29 KB 29ms
28ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

b689f2267305a97c30f5bda1a0e18993c4bed294007df78eafd6829a4408cb1e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-26c08"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds159.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 29165
x-content-type-options: "nosniff" always

GET
H2 200 demo_style.css
downfile.site/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/pandemic_pro/ 553 B
403 B 30ms
30ms Stylesheet
text/css 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/pandemic_pro/demo_style.css?ver=11

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

50c82513b1b0c1281db136871f95a6126326f784cb9fee62410e98b102e9b4cc

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-229"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds055.fr8.c
content-type: text/css
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 279
x-content-type-options: "nosniff" always

GET
H2 200 jquery.min.js Show response
downfile.site/wp-includes/js/jquery/ 87 KB
34 KB 31ms
31ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-15db1"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds157.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 34784
x-content-type-options: "nosniff" always

GET
H2 200 jquery-migrate.min.js Show response
downfile.site/wp-includes/js/jquery/ 11 KB
4 KB 33ms
33ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-2bd8"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds098.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 4453
x-content-type-options: "nosniff" always

GET
H2 200 main-front.js Show response
downfile.site/wp-content/plugins/wp-automatic/js/ 1017 B
508 B 34ms
33ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.8.2

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-3f9"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds164.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 393
x-content-type-options: "nosniff" always

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 66ms
28ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1083 / 531 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Dec 2021 14:47:59 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 172ms
123ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab8cd457647497481819c97769165da290fa345fc3485f53c984119b27b3b8f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FMWDZHWEPPMWGNQNZKESSP67
date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 1109
cf-polished: origSize=3935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 6c4358e61dac5a07-MXP
link: <https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/ZG93bmZpbGUuc2l0ZS8yMDIxLzA4LzE3L2RvLXlvdS1oYXZlLXZpc2liaWxpdHktaW4teW91ci1vcmdhbml6YXRpb24v>; rel=preload; as=script

GET
H2 200 wp-emoji-release.min.js Show response
downfile.site/wp-includes/js/ 18 KB
5 KB 15ms
15ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-4705"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds216.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 5526
x-content-type-options: "nosniff" always

GET
H2 200 v2wyzCAcKjRmxtVMnataKimYPM35TsgPadfzCS_A-JiYYEp-9prcEkAd5cXLn6Xbp Show response
expansioneggnog.com/ 89 KB
27 KB 66ms
22ms Script
text/javascript 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://expansioneggnog.com/v2wyzCAcKjRmxtVMnataKimYPM35TsgPadfzCS_A-JiYYEp-9prcEkAd5cXLn6Xbp

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

129c94ecb4fe46b010f192ea09edc0a3139309fc1e6e71ede818731e77ab1bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "958a0d608bdc4f80668a2bfeb967baa08322f7274601e5ad7bfe1e56246373ae"
vary: Accept-Encoding, Accept-Language
x-hostname: e00eae1c
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 27 Dec 2021 14:47:59 GMT
timing-allow-origin: *

GET
H2 200 / Show response
downfile.site/sbbi/ Frame C50C 25 KB
11 KB 18ms
18ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT&sbbgs=h406d017394d54f1556df0b737ad60f58612&ddl=2
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: da552b5912d84464b1e8ceb10ec0884209a598f7f23b4fff3c1a4163b29b9ac8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds122.fr8.sc,1640616479.cdn2-wafbe01-fra1.stackpath.systems.-.i,1640616479.cds122.fr8.p
access-control-allow-origin: *

GET
H2 200 /
downfile.site/sbbi/ 43 B
177 B 29ms
28ms Image
image/gif 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downfile.site/sbbi/?sbbpg=utMedia&vii=7ha44046bd606127f359b48db5645f7165e586ddff909b1713c7eafd16205fb5v8y6n1p2
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
x-accel-expires: 0
date: Mon, 27 Dec 2021 14:47:59 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
server: fbs
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds122.fr8.sc,1640616479.cdn2-wafbe03-fra1.stackpath.systems.-.i,1640616479.cds122.fr8.p
content-type: image/gif

GET
H2 200 bg.jpg
downfile.site/wp-content/uploads/2021/08/ 294 KB
295 KB 12ms
12ms Image
image/jpeg 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downfile.site/wp-content/uploads/2021/08/bg.jpg

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

eeed73e883c0aafea06f862a1f1a789f0be71df372d83ff2f4dddeeed2ece55c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: "6118e125-4989e"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds220.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 301214
x-content-type-options: "nosniff" always

GET
H2 200 newspaper.woff
downfile.site/wp-content/themes/Newspaper/images/icons/ 24 KB
24 KB 22ms
22ms Font
font/woff 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/themes/Newspaper/images/icons/newspaper.woff?19

Requested by

Host: downfile.site
URL: https://downfile.site/wp-content/themes/Newspaper/style.css?ver=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://downfile.site/wp-content/themes/Newspaper/style.css?ver=11
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: "6118e125-6120"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds146.fr8.c
content-type: font/woff
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 24864
x-content-type-options: "nosniff" always

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 35ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%7CVolkhov%3A400%7CQuicksand%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 420700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 263291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:39:48 GMT

GET
H2 200 downfile-logo-white.png
downfile.site/wp-content/uploads/2021/08/ 6 KB
7 KB 12ms
11ms Image
image/png 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downfile.site/wp-content/uploads/2021/08/downfile-logo-white.png

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

180d29d1e3282dd52cb768e1e8a434c1787742340311c56139d4c6a15627121c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Aug 2021 06:48:41 GMT
server: fbs
etag: "611a0a49-19f5"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds126.fr8.c
content-type: image/png
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 6645
x-content-type-options: "nosniff" always

GET
H2 200 logo-sticky.png
downfile.site/wp-content/uploads/2021/08/ 2 KB
2 KB 13ms
12ms Image
image/png 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downfile.site/wp-content/uploads/2021/08/logo-sticky.png

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

4179e9ec503001fb4f2c9d0a5bc64683dbe0f1f3b4476b42cb765b7e7d4131ac

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: "6118e125-684"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds234.fr8.c
content-type: image/png
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1668
x-content-type-options: "nosniff" always

GET
H2 200 downfile-logo.png
downfile.site/wp-content/uploads/2021/08/ 6 KB
7 KB 14ms
14ms Image
image/png 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downfile.site/wp-content/uploads/2021/08/downfile-logo.png

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

7e295a138dd7ca8250c3394f0fafe978f64c88121ee372d2354fd86a12840455

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Aug 2021 06:46:36 GMT
server: fbs
etag: "611a09cc-19a1"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds245.fr8.c
content-type: image/png
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 6561
x-content-type-options: "nosniff" always

GET
H2 200 race-condition-vulnerabilities-696x464.jpg
downfile.site/wp-content/uploads/2021/08/ 35 KB
36 KB 14ms
14ms Image
image/jpeg 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downfile.site/wp-content/uploads/2021/08/race-condition-vulnerabilities-696x464.jpg

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

9d921f690cf785f3705ae94b04ef36165d64ad4d321b59186a15d65af8505a23

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: "6118e125-8db1"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds208.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 36273
x-content-type-options: "nosniff" always

GET
H2 200 m.megaurl.in.1183354.js Show response
jsc.mgid.com/m/m/ 2 KB
1 KB 75ms
28ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.js
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebbf6a3722bd782c5c145faf0f8d3e57e7bc56f3af28b8886d3f9076dd01da4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 488
last-modified: Thu, 02 Dec 2021 16:11:51 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 4APJR4GXSRKK2ZV3
x-amz-id-2: bTkAiXMwPnYESP3bDTpdVD7sAzrn48NQttFYOBuF1pXjxcVzkfI5iRj4ngHpV4tazTKFKD9jqCo=
cf-bgj: minify
server: cloudflare
etag: W/"73f9be10fac4a58210187f73ba57a9df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6c4358e6be863bc2-CDG
expires: Mon, 27 Dec 2021 17:47:59 GMT

GET
H/1.1 200
OK xxx_top_xxx-scaled.jpg
azsoft.org/wp-content/uploads/2021/08/ 145 KB
146 KB 867ms
414ms Image
image/jpeg 103.150.124.185
INDRA-RELOAD-AS-V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://azsoft.org/wp-content/uploads/2021/08/xxx_top_xxx-scaled.jpg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.150.124.185 , Viet Nam, ASN135987 (INDRA-RELOAD-AS-VN Reload Company Limited, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6fd1cce9a9f392586e1db6789372e4d4e0bc85cec18c0008063cb10c53efc813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 14:48:00 GMT
Last-Modified: Sun, 15 Aug 2021 09:58:48 GMT
Server: nginx
ETag: "6118e558-2455f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 148831
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 14:28:31 GMT
x-content-type-options: nosniff
age: 173968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 25 Dec 2022 14:28:31 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 38ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Dec 2021 14:47:59 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 92 B
108 B 34ms
18ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=downfile.site

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

132caf8dfb2483b77299a28d8d901e9d6a81396d3e1ed3ff0ec20ed62a5deeca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Mon, 27 Dec 2021 14:47:59 GMT

GET
H2 200 underscore.min.js Show response
downfile.site/wp-includes/js/ 19 KB
8 KB 17ms
15ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-4a84"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds012.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 7919
x-content-type-options: "nosniff" always

GET
H2 200 js_posts_autoload.min.js Show response
downfile.site/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 17ms
15ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-1428"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds168.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 2082
x-content-type-options: "nosniff" always

GET
H2 200 tagdiv_theme.min.js Show response
downfile.site/wp-content/plugins/td-composer/legacy/Newspaper/js/ 257 KB
69 KB 19ms
17ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-4029c"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds259.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 70550
x-content-type-options: "nosniff" always

GET
H2 200 comment-reply.min.js Show response
downfile.site/wp-includes/js/ 3 KB
1 KB 17ms
15ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/js/comment-reply.min.js?ver=5.8.2

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-ba8"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds005.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1383
x-content-type-options: "nosniff" always

GET
H2 200 js_files_for_front.min.js Show response
downfile.site/wp-content/plugins/td-cloud-library/assets/js/ 36 KB
9 KB 23ms
22ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-9176"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds055.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 9602
x-content-type-options: "nosniff" always

GET
H2 200 wp-embed.min.js Show response
downfile.site/wp-includes/js/ 1 KB
900 B 23ms
22ms Script
application/javascript 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://downfile.site/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 15 Aug 2021 09:40:53 GMT
server: fbs
etag: W/"6118e125-592"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-hw: 1640616479.cds147.fr8.hn,1640616479.cds106.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 778
x-content-type-options: "nosniff" always

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 262557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:52:02 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 7C5F 46 KB
16 KB 174ms
155ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b7cc476ee3d22ba23ea68cccdff1e6bd21570f29ed139f687af0c6f7f5899d9

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DR4VSqZN6nzuMHG6yb/MXluZ3ZnbbHyVOjxg4InxxD6WjlhMpX3Z1ou8RU0XT3QVyXdu0qkO9XAOd8bjUU7iPQ==
date: Mon, 27 Dec 2021 14:48:00 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H/1.1 200
OK bg.jpg
azsoft.org/wp-content/uploads/2021/08/ 294 KB
294 KB 817ms
398ms Image
image/jpeg 103.150.124.185
INDRA-RELOAD-AS-V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://azsoft.org/wp-content/uploads/2021/08/bg.jpg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.150.124.185 , Viet Nam, ASN135987 (INDRA-RELOAD-AS-VN Reload Company Limited, VN),
Reverse DNS
Software: nginx /
Resource Hash: eeed73e883c0aafea06f862a1f1a789f0be71df372d83ff2f4dddeeed2ece55c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 14:48:00 GMT
Last-Modified: Sun, 15 Aug 2021 09:58:48 GMT
Server: nginx
ETag: "6118e558-4989e"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 301214
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 SlGQmQieoJcKemNecTUEhQ.woff2
fonts.gstatic.com/s/volkhov/v12/ 27 KB
27 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/volkhov/v12/SlGQmQieoJcKemNecTUEhQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f724571e38824b223e78877580db05a003ff922d337ba36de56a980d194b6869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:19:59 GMT
x-content-type-options: nosniff
age: 592080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27496
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:49:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 18:19:59 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 521159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:02:00 GMT

GET
H3 200 impl.v14.0.0.js Show response
live.demand.supply/ 78 KB
25 KB 61ms
39ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v14.0.0.js
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FKEFKNZGD9ZVC0KK5CB35266
date: Mon, 27 Dec 2021 14:47:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 2229544
cf-polished: origSize=79681
cf-ray: 6c4358e7daa73745-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 ZG93bmZpbGUuc2l0ZS8yMDIxLzA4LzE3L2RvLXlvdS1oYXZlLXZpc2liaWxpdHktaW4teW91ci1vcmdhbml6YXRpb24v Show response
live.demand.supply/p4/v14-0-0/ 946 B
754 B 144ms
122ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-0-0/ZG93bmZpbGUuc2l0ZS8yMDIxLzA4LzE3L2RvLXlvdS1oYXZlLXZpc2liaWxpdHktaW4teW91ci1vcmdhbml6YXRpb24v
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a1857f8d5a0a39a4bc5f3b2f5f6b2c2ded7e7061d1931d67b3632132937e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 6c4358e7daa43745-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 61ms
42ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=222&cs=c&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN097NGTAHD91JD411VXYVS5
date: Mon, 27 Dec 2021 14:48:00 GMT
cf-cache-status: HIT
age: 448075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6c4358e8eaf45a19-MXP

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 58ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4067a0c89afdafadbf496c9d5b91d1594dbcf270aaf867b490821c292028bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51837
x-xss-protection: 0
server: cafe
etag: 4385169697417030774
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:48:00 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
509 B 70ms
51ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN2VXDK61GBWZAWPM6TQ05D4
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 448075
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6c4358e8eaea5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
438 B 56ms
38ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN097NH0PKVMTMFFS0YKB0Z8
date: Mon, 27 Dec 2021 14:48:00 GMT
cf-cache-status: HIT
age: 448075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6c4358e8eaf25a19-MXP

GET
H3 200 m.megaurl.in.1183354.es6.js Show response
jsc.mgid.com/m/m/ 229 KB
68 KB 42ms
27ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdd26c35b6cbb1a65181254cc2c14b376bc1d417beb8d7dcde68508dd6ef5aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 1231
last-modified: Thu, 02 Dec 2021 16:11:51 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 7B2847ZFP5E3RS2R
x-amz-id-2: zohVOhXS64BmuGTnPPXhg5MZmOpChAxxFQyI8NMIH/+cK7qGEECpajYDKscI2Jgf2U6BYcRr+NE=
cf-bgj: minify
server: cloudflare
etag: W/"24f5b0bac0ef05c61c701c9141089c37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6c4358e8dacb5b38-FRA
expires: Mon, 27 Dec 2021 17:48:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 58ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=downfile.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=downfile.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 359 KB
67 KB 1264ms
1264ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3522553104172230&correlator=1948596704154185&output=ldjh&impl=fifs&eid=31061815%2C31063708%2C44742767&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=22546396171%2CDownfile-300x250%2CDownfile-300x250-1%2CDownfile-336x280-1%2CDownfile-300x600-1%2CDownfile-970x250-1%2CDownfile-728x90-1%2CDownfile-728x90-2%2CWeb_Interstitials_Code&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F8&prev_iu_szs=300x250%2C300x250%2C336x280%2C300x600%2C970x250%2C728x90%2C728x90%2C1x1%2C300x250%7C320x480%7C336x280%7C480x320&ists=2&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&cookie_enabled=1&bc=31&abxe=1&lmt=1640616480&dt=1640616480150&dlt=1640616479572&idt=557&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C666%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C80%2C-9%2C-9%2C-9&adks=3963320156%2C1373975743%2C1556580811%2C2755071693%2C953638841%2C2142630623%2C2171657377%2C1996038355%2C3258253402&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C730x90%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C730x90%7C0x-1%7C0x-1%7C0x-1&ga_vid=122848312.1640616480&ga_sid=1640616480&ga_hid=135029394&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C4%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C1600%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef2174d3aca542271ccc75de25b3181d2bad57445310466aec224603af667591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68771
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,5816993958,5816993958
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,138368488473,138368436812
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://downfile.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C70 6 KB
4 KB 73ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Dec 2021 14:48:00 GMT
expires: Tue, 27 Dec 2022 14:48:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 15ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Dec 2021 14:48:00 GMT

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 77ms
65ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: dp9hgjRFQmzlwQkgghcdNnSxzGDT28Pnr28qaK8yod8Lz9uhvmfmuIetkM/YnLICXqEKSVbJnlHrMbMo9AEHnw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 73ms
63ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: JW0Ht2Dz1bSF0fkXYYHlknt0VSiHE4fVPoPPpxcBHn0f5oxO+U3FPIrEciIJCfqz3tbCuUKdHxjOtcNtkzviVA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 82ms
72ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: BXjjr4ggP17v9q+4uOXzPkUOgRVGsy4p7J6bybU9II8jp+GUdYwfivx/r9CZNoddd29DcQrS6Pik7tag1n6WHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 70ms
61ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: SpW1E6FKZBb4q0HtjPiQemzOB1KLuryexauqhCk7AR8yTZlRLb9FSGZQ+aaeYYKT3s3MPNbRCpAZaflbYXfUhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 74ms
65ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: OLKtWgszNCt86pcafalCcvZP2AdACkQC7DLtde3G7EqSniR+UvcHoUbJQ+CKVu9GRDZdPhH2zueJ+vdcC2UgRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 77ms
69ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Va6KuxwwmpublCr4h58JZyb2I7G21/CuZraPWkgWVEGKaNnkCfnQbrgrjnzy6rLVABtjnhzMQ1F7keF4JIDicA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 67ms
59ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: VXv1l59ef/bGZ4m9fi8gzyl9CzhPDIL/iC1BEEnJ6bbTw7g30t5pBruXw5OqcI6p0d2x4vjK66es7AuLR66G9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
41 B 39ms
33ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: LAKtAmAOB7Fz58b/loNPsd0kNeRbS/MOm/P/9XWFpwezc5TlKef6WJKz6bd0Dh273xF5fskX1mvt7p/6bgM12g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 79ms
74ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: IRD+bblnzl/UWtLBcl1A2Lt+FrmXLvK5I0HoopOl6Wgyrtjpxsud9iHflwAVPe/W3mUcgldHQVuUQFGbCLJG+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 63ms
59ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: WVWaJL5KrpLJgtxeWcvQsTc23o/HF34MyoPCgGY5dt2Pk+lBCvRoO5QDSNsXZrIClLYDWNsHGxquH3JuLb2ceQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 66ms
61ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: enXrIPKA/p9PHM/lfRNc4xbE0pzeXTatERNcLEp9yoqGybJ+KGtXfiRO2ywETUL0PysUhpx4d4OpBUZCOhy7Pg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 38ms
34ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: l1YmGRp9rWYfFdOAIhRLiA45ai1K68H6xSyO0j80OHXB6BUcxP2zJSaqQvSzSQ6HPsGSCeTEifrkYsnOn3ezLA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 67ms
63ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: a5PyOM/9VTRegZSQUM10qx1tfP+PR3DW4GPBZe0NC6jr2shZIQgVEZ6PYQig4Aoz+JGwJjNscp4uLtbu5AlkqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 72ms
70ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: t03L7jlJj2mKOqfluzDfjSdEMH7uEtwenJg+0LjP581RUwGNSPXA8d7t2BEDZg3VTJ8gm6vBRyljAAgbM/5+Mg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 69ms
68ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: bSTrSTWK4ux7L1RKwV0admMCTVc3I6hc1l2okNEhYyeV7b8WISBI94qqMf/XNDmrp548/P2cUvJ0zStpyHC4IQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 67ms
64ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: i4Whwiy3s4V2wWSkyhyrNnnbW2KlHbeTFTzlgXFlIkfSNpoO0TSpEORPayqjpd2kdZ5CeWXscUTJqEJNaDX5tw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 65ms
63ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 4VEgjNFBxmC3w7WP7WhXfGO+GBY3iYTwxf6JcZPbICZB/Ozb4lemYfvmFEvrHXKWrq0RKhwL/12FneeD20Bf3w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 61ms
59ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: wpu8ZalK+LkfnG7ERrAPHjnY60le5YzjGaWGl4vLgt6PDfdPIIvOpxWRpag9YoAezR66TVk5pFsAu8zPnS99vQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 63ms
61ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 9ceVyKwAESFRReWrfUHt/M2Bo41I2eW0ZLOmBFZrLQvN87a1NMcJMvuWVjykNQ/FHfe0a3By12lYZvHAODO4JQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 55ms
53ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: I0QVz6LwtxgwM9x1VS5dxD8UaZgTRg6DRjm7+dX3/U/TbqfWSsA5JWQKZBJUAAbqC6gkvNagKqQjqBW/vBNvIQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 7C5F 0
30 B 65ms
64ms Other
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: gobTCBOfUWQAG2jl0i2hnsZM+5lo9N24ljveLz7/JlWIBp2H55ZIqA/ONKxj2xPtxfuDPpERHXFUonB6o8Uk3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 27 Dec 2021 14:48:00 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
484 B 58ms
7ms Image
image/gif 2600:9000:2156:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
age: 12350006
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: wLRUHVXvPuTGUkx2zGZUIoFnzvSfJTOZpNOAm4Atik7MQ3AilCUz-A==

GET
H3 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 7C5F 400 B
451 B 8ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 03:31:37 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 400
x-fb-rlafr: 0
x-fb-debug: Xpp5Q3dAht3Bylv1S7p/Zk/14k0Rllw8xMGr2dHe7yLrtQ+Zg3YlbJPHW8TsMn3WTeoCygdBfZ+gPUEGUt4GDQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Dec 2022 03:31:37 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
402 B 27ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN097NH0PKVMTMFFS0YKB0Z8
date: Mon, 27 Dec 2021 14:48:00 GMT
cf-cache-status: HIT
age: 448075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6c4358ea4fbd5a19-MXP

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 35ms
34ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN0J18J3PBRSCV8HHF6ZFMWF
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 932964
etag: W/"9bafda7cf8dec16f272df141e953a55a-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 6c4358ea5a043745-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 downfile.site_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 27 B
293 B 243ms
242ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/downfile.site_auto_728x90_sticky_display_bottom?mlos=wi&mlbr=ch&mlla=en&mlbs=72&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e927eba1718dd1894cb2bcbd8443d0e4ca5dbc66fe7892baa31d83133da7fd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 6c4358ea5fcb5a19-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H3 200 lBbx1VbWyUs.js Show response
www.facebook.com/rsrc.php/v3iAxA4/yH/l/de_DE/ Frame 7C5F 518 KB
135 KB 8ms
7ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAxA4/yH/l/de_DE/lBbx1VbWyUs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c81662d71453bc078adec38c4082df0c6f2e6e995cf5c9562f6b85bf721cb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/plugins/like.php?href=https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/&layout=button_count&show_faces=false&width=105&action=like&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QM1JO7D0ukZEEuTfH8k9iA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.whatsapp.com whatsapp.com whatsapp.net;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;worker-src blob: *.facebook.com data: *.whatsapp.com whatsapp.com *.whatsapp.net whatsapp.net;report-uri https://www.facebook.com/csp/reporting/?m=t&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 138631
x-fb-rlafr: 0
x-fb-debug: nrdsOhUmnDQv3PbqFtnruB/OJu7pzI656nRB4p/WkOjn4PeT/DTl9VfFv+hq3oiHr2lmDBALvvP/A4BZlhlemQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Dec 2022 04:35:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 7805 11 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 26 Dec 2021 18:36:45 GMT
expires: Sun, 09 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 72675
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
downfile.site/sbbi/ Frame C50C 516 B
478 B 23ms
23ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT&sbbgs=h406d017394d54f1556df0b737ad60f58612&ddl=2
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://downfile.site
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT&sbbgs=h406d017394d54f1556df0b737ad60f58612&ddl=2

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1640616480.cds147.fr8.hn,1640616480.cds125.fr8.sc,1640616480.cdn2-wafbe03-fra1.stackpath.systems.-.i,1640616480.cds125.fr8.p
access-control-allow-origin: *

GET
H2 200 / Show response
downfile.site/sbbi/ Frame C50C 25 KB
11 KB 20ms
20ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: eb5dea621a1746133e9b528592bd517d13464da442c36a4102549ee9baf46ee2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT&sbbgs=h406d017394d54f1556df0b737ad60f58612&ddl=2

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1640616480.cds147.fr8.hn,1640616480.cds122.fr8.sc,1640616480.cdn2-wafbe01-fra1.stackpath.systems.-.i,1640616480.cds122.fr8.p
access-control-allow-origin: *

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 32ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=downfile.site_auto_728x90_sticky_display_bottom&pdc=-0.6100271701812745&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN097NGTAHD91JD411VXYVS5
date: Mon, 27 Dec 2021 14:48:00 GMT
cf-cache-status: HIT
age: 448075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6c4358ebdc715a19-MXP

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
402 B 30ms
30ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=downfile.site_auto_728x90_sticky_display_bottom&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN097NH0PKVMTMFFS0YKB0Z8
date: Mon, 27 Dec 2021 14:48:00 GMT
cf-cache-status: HIT
age: 448075
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6c4358ebdc775a19-MXP

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=downfile.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=downfile.site

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
13 KB 537ms
537ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3522553104172230&correlator=1529433771850702&output=ldjh&impl=fifs&eid=31061815%2C31063708%2C44742767&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211227&iu_parts=44890869%3A22641625333%2Cca-pub-3831894559014614-tag%2Ccc33e6a4-e22c-4184-b5d9-23c3754fa367&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=ti%3Dc2cfcbe4-8492-4361-8b8c-d27ca36d1b7a%26bid-p%3Dgoogle%26bsc%3D72&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1640616480&dt=1640616480617&dlt=1640616479572&idt=557&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1110&adks=1590362373&ucis=a&ifi=10&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=122848312.1640616480&ga_sid=1640616480&ga_hid=135029394&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

cc812ea3367e13eca5445f75bcf881b82633de0c34a91b0bc2aa32fb4a820f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://downfile.site
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
downfile.site/sbbi/ Frame C50C 516 B
463 B 26ms
26ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://downfile.site
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1640616480.cds147.fr8.hn,1640616480.cds254.fr8.sc,1640616480.cdn2-wafbe03-fra1.stackpath.systems.-.i,1640616480.cds254.fr8.p
access-control-allow-origin: *

POST
H2 200 v2zewyPSyYLOxnKiDfvUl6KXLcxs6vZFyafrUThxkNUDS1AVd-8rkb4ki3cpH8yFU1hOimlAZ8PSZlmwPcQ Show response
expansioneggnog.com/ 227 B
621 B 44ms
17ms Fetch
application/json 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://expansioneggnog.com/v2zewyPSyYLOxnKiDfvUl6KXLcxs6vZFyafrUThxkNUDS1AVd-8rkb4ki3cpH8yFU1hOimlAZ8PSZlmwPcQ

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

4b26181929d1399cd660721e8a56efba6d5d0f824bb0a66f9a080e100ed18bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 27 Dec 2021 14:48:00 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://downfile.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 227
expires: Mon, 27 Dec 2021 14:47:59 GMT

GET
H2 200 / Show response
downfile.site/sbbi/ Frame C50C 7 KB
3 KB 21ms
21ms Document
text/html 151.139.128.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map3.hwcdn.net
Software: fbs /
Resource Hash: d59a26ed9f5da5dde363336c62960d6616da55cbe51f58250e78313a0d622dc9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1640616480.cds147.fr8.hn,1640616480.cds122.fr8.sc,1640616480.cdn2-wafbe03-fra1.stackpath.systems.-.i,1640616480.cds122.fr8.p
access-control-allow-origin: *

POST
H2 200 v2mfrk5UL0s_bQ0z7OtoaT3UUc8Sit25ydXNzIBXkD1wd-2kKXKZEeepyUBqeLnd0pBPHxa9orMiJUY8NLg Show response
expansioneggnog.com/ 3 B
36 B 33ms
33ms Fetch
application/json 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://expansioneggnog.com/v2mfrk5UL0s_bQ0z7OtoaT3UUc8Sit25ydXNzIBXkD1wd-2kKXKZEeepyUBqeLnd0pBPHxa9orMiJUY8NLg

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.103.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 27 Dec 2021 14:48:00 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://downfile.site
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 66ms
52ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1640616480872873927411&uniqId=12b2d&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&lu=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&sessionId=61c9d221-12dae&pageView=1&pvid=17dfc5cd069ba91a2f7&site=414490&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6c4358ed9f513bc2-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 34ms
26ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 7012
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6c4358edaf773bc2-CDG
expires: Tue, 28 Dec 2021 14:48:00 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 35ms
27ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 7013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6c4358edaf723bc2-CDG
expires: Tue, 28 Dec 2021 14:48:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1183354/ 2 KB
1 KB 56ms
46ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1183354/1?pv=5&cbuster=164061648094799024076&uniqId=12b2d&niet=4g&nisd=false&jsv=es6&w=696&h=90&cols=2&ref=&cxurl=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&lu=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&sessionId=61c9d221-12dae&pageView=1&pvid=17dfc5cd069ba91a2f7&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcdd7c740976480bd534b110c22f9e53438fa87df69f8d071ccfdeced8bb38f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6c4358ee086e3bc2-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp
s-img.mgid.com/g/3961825/492x328/0x0x806x537/ 15 KB
16 KB 175ms
148ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3961825/492x328/0x0x806x537/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp?v=1640616480-pqiaoilFqrEEZJ9v9osNnRO3JHdDHyOi2dSa88wQuX0
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ec9e8c8d66e76847de2d5aa844218fa909c3fe31231865f6aa1d767202ab20

Request headers

Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Nov 2021 15:44:21 GMT
x-mg-request-uuid: d004f059-f023-4427-b065-da4bda62aad3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4358ee9fcf1e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15622
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzQ1YTczYzA1OWExZmMwMGM5ZWU3ZTNhNTAzOTM4ZTZmLmpwZz90PTE0OTE5OTE2NzgwMDI.webp
s-img.mgid.com/g/3805528/492x328/0x0x492x328/ 7 KB
7 KB 64ms
36ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805528/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzQ1YTczYzA1OWExZmMwMGM5ZWU3ZTNhNTAzOTM4ZTZmLmpwZz90PTE0OTE5OTE2NzgwMDI.webp?v=1640616480-p1fMKdbP_rS-uW9C5sOmicKlSa3o3MGGXB0l1tebNCs
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082acab6074d30aeca7a1850b34f2bfc06fbd08cccad58096a6f8109c444f39f

Request headers

Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:47:08 GMT
x-mg-request-uuid: 9b1db503-e0d1-4930-a38b-536513dd90cb
age: 4436
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6c4358ee9fd11e47-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6734
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
931 B 123ms
115ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1640616481052690856376
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a81d546804b6820cef56975c8f4aeb75fa7aa7724c4709ea8a967df229edb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c4358eeaa3a3bc2-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame B05A 19 B
209 B 104ms
104ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1640616481070369726058
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/m/m/m.megaurl.in.1183354.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c4358eeba753bc2-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame F63A 189 KB
55 KB 63ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Sat, 25 Dec 2021 09:57:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 25 Dec 2022 09:57:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F63A 13 KB
5 KB 74ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Sat, 25 Dec 2021 09:57:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 25 Dec 2022 09:57:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F63A 89 KB
28 KB 75ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Sat, 25 Dec 2021 09:57:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 25 Dec 2022 09:57:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F63A 5 KB
2 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 25 Dec 2021 09:57:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 25 Dec 2022 09:57:12 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F63A 40 KB
13 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 190249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 25 Dec 2021 09:57:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 25 Dec 2022 09:57:12 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F63A 3 KB
579 B 33ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 14:11:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 14:48:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F63A 2 KB
3 KB 31ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 20:16:06 GMT
x-content-type-options: nosniff
server: cafe
age: 66715
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Mon, 27 Dec 2021 20:16:06 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F63A 295 B
757 B 30ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 32667
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 28 Dec 2021 05:43:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F63A 0
0 41ms
16ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFqDzrrkmb6ylG-rDjIFdGpTtRE3BkXqcUNKWANLmZKfZuj2qi6DER1lW1X4dzZQyjC5QbsPIMd7mX2Hy6r5VqNvF8Sg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F63A 0
0 47ms
47ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBUM6INLJYdiqKbSorASuoa_QAcDR15JnyLGouooOw-Tz_QgQASCVm8ohYJXikIKgB6ABpqqmmgPIAQHgAgCoAwGqBKACT9AIpKIqj9EDDCchyQM37-QXswjr2--q0D3Ev0OdUz_OPSfUm57HzAkJ_ZpxFSjtcLRNEtK4V2jE1Dbhxc-T6RAH6BAIfq3-w--Ii33e1cMHkunI17hi_EM0GMVigrbN23s1veaxT8frWPEomEGpR9WhDooG3gYOZ0kWocYrouSQiUsEVoyNev422EjM-BwAZ_2LyIAmEWom-_blwf9DnUzALuXMJtPsnEKZzv1J01W87elIW5QAVM6qeQshIwMVd4zQcc21k-ORdFr8WCkWGFfNA6yP4Af3rGGMq6O2JknWGB0lFcWDbVG9KhrKjyUSKNqb2fldPGRho-Dm-kBn6oMBpatG967nlJo7NBuhbojqQqPWhtnFBw9FcgAUnxECwASDzdiY7APgBAGAB8LV2WWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC7917SCAkIiOGAEBABGB2ACgPICwHYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=bz7yVNnoYwo&uach_m=[UACH]&template_id=5001&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
402 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0&b=3&r=downfile.site_auto_728x90_sticky_display_bottom&sy=81cf9b24-89d8-429b-b98e-32ee2c95913f&ts=72&cd=2&pud=222&pus=c&pue=1687&pid=82&pis=c&pie=1900&ppd=146&pps=a&ppe=1964&pad=70&pas=c&pae=2066&pcl=2142&ttc=2233&tti=3051&ttif=0&lca=1964&lcak=ppe&lct=2066&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=downfile.site&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=c2cfcbe4-8492-4361-8b8c-d27ca36d1b7a&e=lm&dsReferer=aHR0cHM6Ly9kb3duZmlsZS5zaXRlLzIwMjEvMDgvMTcvZG8teW91LWhhdmUtdmlzaWJpbGl0eS1pbi15b3VyLW9yZ2FuaXphdGlvbi8=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nf-request-id: 01FN097NGTAHD91JD411VXYVS5
date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: HIT
age: 448076
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 6c4358ef6ead5a19-MXP

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 2CB0 1 KB
881 B 704ms
259ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640616481052690856376
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

Server: VertaMedia 1.0
Date: Mon, 27 Dec 2021 14:48:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://downfile.site
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C6A4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west

281 B
554 B

46ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640616481052690856376
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Dec 2021 14:48:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Date: Mon, 27 Dec 2021 14:48:01 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
412 B 131ms
79ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=lbr0PfaMhdM6
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4358efcf9aee54-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=d18b9604-2b6b-44b1-9639-91275c784dbb&ttl=1643208481

43 B
560 B

145ms
145ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=d18b9604-2b6b-44b1-9639-91275c784dbb&ttl=1643208481
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c4358f0695d5b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=d18b9604-2b6b-44b1-9639-91275c784dbb&ttl=1643208481
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbr0PfaMhdM6
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6431200676867946660&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

0
239 B

36ms
11ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:01 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 mw
mwzeom.zeotap.com/ 95 B
453 B 58ms
24ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=lbr0PfaMhdM6&zpartnerid=1532&zdid=1532
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://downfile.site
access-control-allow-credentials: true
cf-ray: 6c4358efbd031f19-FRA
access-control-allow-headers: *
content-length: 95

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJyMFBmYU1oZE02&muidn=lbr0PfaMhdM6
https://cm.mgid.com/google?muidn=lbr0PfaMhdM6&google_ula={guid},5&google_gid=CAESEEaRmtZ-W_Byz8HRsGoOjCY&google_cver=1

0
376 B

151ms
151ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=lbr0PfaMhdM6&google_ula={guid},5&google_gid=CAESEEaRmtZ-W_Byz8HRsGoOjCY&google_cver=1
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6c4358f008845b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=lbr0PfaMhdM6&google_ula={guid},5&google_gid=CAESEEaRmtZ-W_Byz8HRsGoOjCY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

Bidswitch
s.seedtag.com/cs/cookiesync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=lbr0PfaMhdM6
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbr0PfaMhdM6
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=63b0f668-a358-4ad5-875b-b2e394363f1e

0
507 B

50ms
21ms

Image
text/plain

34.149.60.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=63b0f668-a358-4ad5-875b-b2e394363f1e
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Server: 34.149.60.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.60.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
via: 1.1 google
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: clear
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location: //s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=63b0f668-a358-4ad5-875b-b2e394363f1e
Date: Mon, 27 Dec 2021 14:48:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 109ms
79ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=lbr0PfaMhdM6
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c4358f008355c8c-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=1851fdcf-640d-4210-9562-c6aa71e62714

43 B
576 B

125ms
125ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=1851fdcf-640d-4210-9562-c6aa71e62714
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c4358f429445b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=1851fdcf-640d-4210-9562-c6aa71e62714
date: Mon, 27 Dec 2021 14:48:01 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=63b0f668-a358-4ad5-875b-b2e394363f1e&ssp=mgid&gdpr=&gdpr_consent=

43 B
324 B

37ms
18ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=63b0f668-a358-4ad5-875b-b2e394363f1e&ssp=mgid&gdpr=&gdpr_consent=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=63b0f668-a358-4ad5-875b-b2e394363f1e&ssp=mgid&gdpr=&gdpr_consent=
Date: Mon, 27 Dec 2021 14:48:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=14440ff1-3d15-4d0c-bbdd-850940f20ea5

43 B
560 B

133ms
133ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=14440ff1-3d15-4d0c-bbdd-850940f20ea5
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c4358f0da295b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=14440ff1-3d15-4d0c-bbdd-850940f20ea5
date: Mon, 27 Dec 2021 14:48:01 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=8e3uc82Ioeo5P4otZgiT&pi=mgid&tc=1

43 B
560 B

120ms
120ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=8e3uc82Ioeo5P4otZgiT&pi=mgid&tc=1
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c4358f0a9ec5b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=8e3uc82Ioeo5P4otZgiT&pi=mgid&tc=1
pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT, Mon, 27 Dec 2021 14:48:01 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9247744908123449158/ Frame F63A 2 KB
2 KB 26ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9247744908123449158/downsize_200k_v1?w=100&h=100

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a469911a1743109010e5ec2f9aee6034375be604c3559c552a715f1ecdbfd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 06:39:25 GMT
x-content-type-options: nosniff
age: 288516
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2269
x-xss-protection: 0
last-modified: Wed, 31 Mar 2021 18:22:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Dec 2022 06:39:25 GMT

GET
DATA 200
OK truncated
/ Frame F63A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8476d65c2000531dbc73d1134de65a57797388a6c42d93b1d2242e3b8f76e13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F63A 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 591995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 18:21:26 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F63A 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 264610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:17:51 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F63A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

142ms
126ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C6A4 32 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 14:48:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12973
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Mon, 27 Dec 2021 18:24:14 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C6A4 284 B
536 B 33ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 204
No Content sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame C6A4 0
239 B 641ms
158ms Image
image/gif 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/gif

GET
H3 200 container.html Show response
45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 169D 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Dec 2021 14:48:00 GMT
expires: Tue, 27 Dec 2022 14:48:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 4B93 4 KB
634 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Dec 2021 14:07:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 27 Dec 2021 14:48:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 4B93 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:02:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18C4 0
0 44ms
44ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkRgvLQ8iUvNRYd3_J1TfPvnGQL-sDADUt0-xGrFzbXrqeM-ErHNl2yOZGF2qlG9qG-ga3cV78TXDKztIA2fLYWFaFD4Q7nbhbGSj3lw-JurFNjogzUmOs-EBAF9ekU0O9tbVBluDpNUpL1uXh3yS_EXCBlJWNadP2s3NMYtP6zwNUIZHyKxpUpQbe3Rij31XTNn2hrj3B6fdBNeSDvLMp5hfAAOEyygEHYFOF67I0A9Be8J-uvDBy_jK-JvYhmw-7XfPJphn2ikwHX6GjbfZ0rIYzowyURqJ3oZ4VHcyUsN2EhobLAPo79sJra4RloN85DZw&sai=AMfl-YS0UpoqcW9LH-IZPxg1OB-W7zQ2G1DVIUAq2EcBcwJLeZ6LmSFNsDN7Vu4xjzdsmVy49Onn_GWXI6akHjNN6cXX-xZYwBCyiw6609L29G45mh_RnhPtR3ewhDmYFAZA&sig=Cg0ArKJSzGGaYfwjZPLPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 18C4 145 KB
51 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1995021269147151

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61af2048793ffcc84b3669d9c509c5d381562549e71226e7b1cd3fd3bb3b3745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51802
x-xss-protection: 0
server: cafe
etag: 11878117119964287800
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18C4 119 KB
37 KB 67ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D2F1 145 KB
51 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1995021269147151

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f8082deefd65885133b1aca286d0c20f79d599d509b7dc69bc2f253bd9ba1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Origin: https://downfile.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51802
x-xss-protection: 0
server: cafe
etag: 1668975057340460659
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2F1 119 KB
37 KB 64ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 338B 624 B
299 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYgvvvvAEwAQ&v=APEucNUCkOzrRO_oVuwS7yQivmxLjMFxk4kK5rddziHDVqqDYHMUxzSPpiRUNCIwPi-Ow1qIXPS2MIMOIqq_NyO9nCic_FV9NiRGObFnwm3lL5SqyLhVS4oYm5ubVinJAlkIMJbnierblTdk8WzEqvcdfDW60j2CCMrW4NCPxAvDnkEsLH4OE7U

Requested by

Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Dec 2021 14:48:01 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 169D 70 KB
29 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW9mNrPm_MKBuURhnw-9vmwqAweH4km9EghCwtixEXobDYz6z34jW2meZlKBVSmqZQOpOxEfqSfDkin0A-mTblSi7BMmzAaGSdJXBr-W98CXoYdWTOe9bTkG2lEz7YAvgGodqyBH-rDfakBWT-4xUZhVP-Jw&dbm_d=AKAmf-ClExYazgS0TYQHUjt2oGc4F44N3qccsQj7LWR0UOYFyAumzCcY-5SkyMt2UnfB86VLlfQRQYdrvYmnG9gLGDiFIhZg0X12h0agCtjUgyC2rgDuPa8OfFztUeFd2S7-nICXpTFD5FZqpXAstCTXHFD2z2diMR7nBn81kZ1ghb9Bz8gZdgVAVoqKOErwF-RpE6NQGWrIGRo_V7r6A2swdvvx1ZQrusYFqswon9LxHPfbDtvGyBs22xJ7W2_ICa7ak6UCPaYtHZOPM3Gkhi3BMTYji55310natUcfRIdGASMDyaTBGoszdf4ghMcC3I54wVJzRzlCuiIPMsnbCP3y6XhNF0FXWnFTtlATWTO2kNSYJfPh6JBBVcEvvmoAvEe2ru-2_t9L4uhlHo4PBLj67RWHrihoV4Acxq2X5xjP_INT3QqE-SslNjdpqqTHW_mPnfgbZPFwzkMgutl21cd1UKYQxjWFNoen02836yYnfqi--st369X4WxFy5BnRM584aNV9etBODRcwOGzkWKd4oQ13indOhCZtqwHMJ07icMhblvQhfUXFcA4Sn8I-GQD1Rd7prvf1K0wUjUyn_qwF5Ud2Yr3KrM9Wlg08AVllwXSs_yKYIm7CX63RTStX6IVS2k_sza622UHL2HhHtxsP4iBj2uvawasmcuFVNmOeKimTKzhsu8ryvSrKipReeMuzpTbZ_ChOmB4_p8LmVqHUo_OiiSHi-hbrZvWGIhWKM_gPTsndfoCdT-I2OvGS9L0dy9zNOVVpaj7HEe3_MBbLbps5bqHZTS_Ai4JCh0GIWtgjvBVMgMMfcaS1EPgCSj0EVQgDT1k0Xf2MzfASblniavuPYfAhiHPCHi1HIh20eKWH5JLw3GYn05bH5thV6Lt3WvpuYx7lqeo8szs0qxVoqLal2uXuPSOsoPfoKuBy9oCbS5o_HySPjMuJA5gzOIdsGYFUobQw176dvEvNomV_1gdzoEUgEQSfywDDzkkH2SZkEXDlLU2BVdejAv-RToBjfeyjl-OPesdhNjVsSLIHUvdYl4ZKTYxvskcrjx2GCm4-r9wQb58pKmjfr7x1xQLPQ65H4iVH6KEeawOvuDDhcY4YApp0YsNRWXMJ2kH2QdhrKwD9YbBBaHZFiWnNVvVA6-Armp5w25g2cJIml7Da_h17QzFNgXs8N611M276NkgP8XBxeZkU-Tz3i2ZeyYV0ZzKYQT3g1OcekdG7kMjp_gfCFbYp_n0rX-5U6MMow1PgwZ59djruCEZAUHQ8Qy6fSpSwz1pZRZA_ACICQKvObgfcKVldIZGR_XnxM7AZqJUbhKx_VhX1awdmB-rj8Ff3Dhi78EGny3CaYu_IziQ8wjpdAlJsO_aT1WSgcZQd_FbdNiWV_raGhyp3sCfc05k_GI_47bE1yxF6VctQkS2h58crVZEgV4fBWxYO_FekY7Vsryv-hq1eyAQaJkqTyiZRHlbDOG3roYGW_zohSNOLhqsH0O9L4HLsYg6aS4CmfVQi0CvhE7FyHzwCsqwGBsjNH2OijHPKZTDh0niAW-D0WszyBpIcmPmqa0bNvzlltlh_AsW-3pH6HoiGhlyGWki90-A-kqBlnQuSfyKTCKpIL7BwME66ec3aXUqsjf88keNabHLqiWDJZ1vQIEXF9Df9shvmzz1ADHBV3y2KpIzpOgqJBlJ5tmvbCX2mFJNyL2LjrbY6G4MPoNnHC94vLPVlknTn9jCATQZeqVqPTS5LombGXlamr80BnHXg-XOe_RIsqv_KpfJurtJpPUA2ama9cL_kEt1MDHOY-HMdBCC5oFvq2FIcl7jaM3QhCN9oBzyny5NMsQx-vCM-wHzthWsvQYB7nB4uQpKOjKpGiaLTRxTwolA1bJb0XpBdfJDvVrSLzyCWD47qs1eiPh0uzEA5PuuTOxdzlYT4fDc866Eyo4Xq-9bhuNb8m3ID1-D_7WV93NIrjyPDTei2rzx2M3w8ZzKl5Dj5zC5iRhStfUTMn3gNy81YTm2neOaE2Y13Sn_kVKWyG0FX4FEtc6F-57OW94BdvePK5KT3LEwDHpDhyGc-KzjjQMUKyIyPiJEWDWIbfxxcK62gwJf6SfF_z4i2A4mfzqu2Q9uRfFCmCLGrK-vp8L6Q7x_gBfAbU9E9Em-wTRe5VD2Tyi_Z34PQ2aUSUWKzamfgm2QJNdhn72rEjWTGpM_Qtphpx7gBZUW7VLbYBaakD8ebhfG592PGX3oW40_AySIY5k_hW-S9GEP_p-nZaG7ttI0RZPIp84zVY4r7mngmnjEJbBfjn48KUKxgvR4oGgzkrkDhONUMy2To6uMPmqkFVAh68od-ZDeXqBjWjVLfhyIaS_7V2KlRlFSQw_u8vKsF_Jhn72dxZIGiZX_aIGxn8tcjLDs0vOS9Pa_mWRz3GDaLKpjQvu2yCreMoxptSPAB5XOIJ6Z3OIkqqEOiIAKS1RSQ4SovGjWu_EFs5J1tDmMkDxkWCfWBZ3nYNBwJYTvj3_jsfS_NzWnci8ub0h8cJmNDCqUM4Yr4gPmUBRG9lx3OV5Zfu5_q6Zf_2SMlXjA8SPvJpNVHy9v4cNJx6BO0Fwo2KtbODHrN8W_F77-yPq_qqV4tFykpM6_S4axtViLSz1bKlw67X1Z2Sp4jIacSCHrON1ZCAGO4a_DXGXRGggcgRhDIIx85miJEW0gaVSECgo730XewwhWB-l_EvNCRzAsLXZZEjdhqmyAGOfA_MYd9R_2kaQ8x92tDF3vXTIow8kWHrgIV02Uo2KbkhWuL6DUqhdQhlPCrqRuHpM6ZIeJFEkZUEe8TMBFRIIA4FLnp5SMlTMxWcp2Psr4-k4CmHyjEUZ3VkWaeP26OgP0nA3_bRMMH4wMmsv3nW6d88aPEBaMC4aGOLOXixR61jKJCBwiripwFD4T784OmVaglR_5Pyn4HFHd83y0gbYqD52kQJhbgMHIj3HI69R4-0s8cO14WVYTdGqeJq57c9oU9dKTCkfgsMxiwIhrD2YSYlxnuZg0svfcrQi7cEbT8PL8PdgabT7RqwCyWCC9p8lNiQ1QrU1YdJ9ja9hcsls9v5NEq_ezPS4fy6SnSmuaKcvdC0Hyxpk68ryDUjvXVa6_pYLwW8-dHIPUSIJnsvEZKe4aV_QJf39t6-m02A2KIlCReIYtKyX1T0f6Jrb_k1RSFqaNKflKto4cgPyebOYRyhfO-8s9hQUhG056TKTf2bAsq_Q&cid=CAASFeRog_mGmGbUmsUKFa9RwnPLDrOWAQ&rfl=1%2Chttps%253A%252F%252Fdownfile.site%252F2021%252F08%252F17%252Fdo-you-have-visibility-in-your-organization%252F%240

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af15c596a7b0112e6887472cce697c9882863d816e73d10c61c36d5ad70f340f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 169D 42 B
63 B 56ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQFYrD6tff5OhdIfdICEzLfPWkIOEg9j4G5qYxtIyRtY9zZ-CJmVe-B3wzPPdB9H591AymDo39I-Ypg78elCNCV7CwUvGp3cwV3TEy-AieAIK6Vp0

Requested by

Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 169D 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:41:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 169D 119 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 169D 15 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:44:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 169D 0
0 15ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQe5z3DU9f796807OTGodPm1zggVUsZBUT0Um8zy2FYBD7-6immM5x51xy_FkpcxvZqeulIDJG_2ou3S0zVwk8pNNQHFw
Requested by: Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame 18C4 276 KB
99 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1995021269147151&plah=downfile.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1995021269147151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 338B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1&C=1

43 B
894 B

46ms
46ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYgvvvvAEwAQ&v=APEucNUCkOzrRO_oVuwS7yQivmxLjMFxk4kK5rddziHDVqqDYHMUxzSPpiRUNCIwPi-Ow1qIXPS2MIMOIqq_NyO9nCic_FV9NiRGObFnwm3lL5SqyLhVS4oYm5ubVinJAlkIMJbnierblTdk8WzEqvcdfDW60j2CCMrW4NCPxAvDnkEsLH4OE7U
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 14:48:01 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 338B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YcnSIQsWreLegaPxaMlVCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1

43 B
894 B

28ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYgvvvvAEwAQ&v=APEucNUCkOzrRO_oVuwS7yQivmxLjMFxk4kK5rddziHDVqqDYHMUxzSPpiRUNCIwPi-Ow1qIXPS2MIMOIqq_NyO9nCic_FV9NiRGObFnwm3lL5SqyLhVS4oYm5ubVinJAlkIMJbnierblTdk8WzEqvcdfDW60j2CCMrW4NCPxAvDnkEsLH4OE7U
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 27 Dec 2021 14:48:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKa6ekv7xUX4fongmQ2lI5E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 338B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDkZ3yiF5OkjNr6WcWghYV8&google_cver=1

43 B
1005 B

18ms
17ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDkZ3yiF5OkjNr6WcWghYV8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIYgvvvvAEwAQ&v=APEucNUCkOzrRO_oVuwS7yQivmxLjMFxk4kK5rddziHDVqqDYHMUxzSPpiRUNCIwPi-Ow1qIXPS2MIMOIqq_NyO9nCic_FV9NiRGObFnwm3lL5SqyLhVS4oYm5ubVinJAlkIMJbnierblTdk8WzEqvcdfDW60j2CCMrW4NCPxAvDnkEsLH4OE7U

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:01 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: da342bac-4e3b-460b-ae5d-56de4ecc64ac
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDkZ3yiF5OkjNr6WcWghYV8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 338B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEzODI3ODYyNDA3MzY1OTc4

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEzODI3ODYyNDA3MzY1OTc4

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:01 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: be643f2a-9e4d-4529-9e56-452ff88dd497
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzEzODI3ODYyNDA3MzY1OTc4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ Frame D2F1 276 KB
99 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1995021269147151&plah=downfile.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1995021269147151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 14:48:01 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 169D 169 KB
59 KB 76ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
Origin: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 10:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Dec 2021 10:49:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 169D 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW9mNrPm_MKBuURhnw-9vmwqAweH4km9EghCwtixEXobDYz6z34jW2meZlKBVSmqZQOpOxEfqSfDkin0A-mTblSi7BMmzAaGSdJXBr-W98CXoYdWTOe9bTkG2lEz7YAvgGodqyBH-rDfakBWT-4xUZhVP-Jw&dbm_d=AKAmf-ClExYazgS0TYQHUjt2oGc4F44N3qccsQj7LWR0UOYFyAumzCcY-5SkyMt2UnfB86VLlfQRQYdrvYmnG9gLGDiFIhZg0X12h0agCtjUgyC2rgDuPa8OfFztUeFd2S7-nICXpTFD5FZqpXAstCTXHFD2z2diMR7nBn81kZ1ghb9Bz8gZdgVAVoqKOErwF-RpE6NQGWrIGRo_V7r6A2swdvvx1ZQrusYFqswon9LxHPfbDtvGyBs22xJ7W2_ICa7ak6UCPaYtHZOPM3Gkhi3BMTYji55310natUcfRIdGASMDyaTBGoszdf4ghMcC3I54wVJzRzlCuiIPMsnbCP3y6XhNF0FXWnFTtlATWTO2kNSYJfPh6JBBVcEvvmoAvEe2ru-2_t9L4uhlHo4PBLj67RWHrihoV4Acxq2X5xjP_INT3QqE-SslNjdpqqTHW_mPnfgbZPFwzkMgutl21cd1UKYQxjWFNoen02836yYnfqi--st369X4WxFy5BnRM584aNV9etBODRcwOGzkWKd4oQ13indOhCZtqwHMJ07icMhblvQhfUXFcA4Sn8I-GQD1Rd7prvf1K0wUjUyn_qwF5Ud2Yr3KrM9Wlg08AVllwXSs_yKYIm7CX63RTStX6IVS2k_sza622UHL2HhHtxsP4iBj2uvawasmcuFVNmOeKimTKzhsu8ryvSrKipReeMuzpTbZ_ChOmB4_p8LmVqHUo_OiiSHi-hbrZvWGIhWKM_gPTsndfoCdT-I2OvGS9L0dy9zNOVVpaj7HEe3_MBbLbps5bqHZTS_Ai4JCh0GIWtgjvBVMgMMfcaS1EPgCSj0EVQgDT1k0Xf2MzfASblniavuPYfAhiHPCHi1HIh20eKWH5JLw3GYn05bH5thV6Lt3WvpuYx7lqeo8szs0qxVoqLal2uXuPSOsoPfoKuBy9oCbS5o_HySPjMuJA5gzOIdsGYFUobQw176dvEvNomV_1gdzoEUgEQSfywDDzkkH2SZkEXDlLU2BVdejAv-RToBjfeyjl-OPesdhNjVsSLIHUvdYl4ZKTYxvskcrjx2GCm4-r9wQb58pKmjfr7x1xQLPQ65H4iVH6KEeawOvuDDhcY4YApp0YsNRWXMJ2kH2QdhrKwD9YbBBaHZFiWnNVvVA6-Armp5w25g2cJIml7Da_h17QzFNgXs8N611M276NkgP8XBxeZkU-Tz3i2ZeyYV0ZzKYQT3g1OcekdG7kMjp_gfCFbYp_n0rX-5U6MMow1PgwZ59djruCEZAUHQ8Qy6fSpSwz1pZRZA_ACICQKvObgfcKVldIZGR_XnxM7AZqJUbhKx_VhX1awdmB-rj8Ff3Dhi78EGny3CaYu_IziQ8wjpdAlJsO_aT1WSgcZQd_FbdNiWV_raGhyp3sCfc05k_GI_47bE1yxF6VctQkS2h58crVZEgV4fBWxYO_FekY7Vsryv-hq1eyAQaJkqTyiZRHlbDOG3roYGW_zohSNOLhqsH0O9L4HLsYg6aS4CmfVQi0CvhE7FyHzwCsqwGBsjNH2OijHPKZTDh0niAW-D0WszyBpIcmPmqa0bNvzlltlh_AsW-3pH6HoiGhlyGWki90-A-kqBlnQuSfyKTCKpIL7BwME66ec3aXUqsjf88keNabHLqiWDJZ1vQIEXF9Df9shvmzz1ADHBV3y2KpIzpOgqJBlJ5tmvbCX2mFJNyL2LjrbY6G4MPoNnHC94vLPVlknTn9jCATQZeqVqPTS5LombGXlamr80BnHXg-XOe_RIsqv_KpfJurtJpPUA2ama9cL_kEt1MDHOY-HMdBCC5oFvq2FIcl7jaM3QhCN9oBzyny5NMsQx-vCM-wHzthWsvQYB7nB4uQpKOjKpGiaLTRxTwolA1bJb0XpBdfJDvVrSLzyCWD47qs1eiPh0uzEA5PuuTOxdzlYT4fDc866Eyo4Xq-9bhuNb8m3ID1-D_7WV93NIrjyPDTei2rzx2M3w8ZzKl5Dj5zC5iRhStfUTMn3gNy81YTm2neOaE2Y13Sn_kVKWyG0FX4FEtc6F-57OW94BdvePK5KT3LEwDHpDhyGc-KzjjQMUKyIyPiJEWDWIbfxxcK62gwJf6SfF_z4i2A4mfzqu2Q9uRfFCmCLGrK-vp8L6Q7x_gBfAbU9E9Em-wTRe5VD2Tyi_Z34PQ2aUSUWKzamfgm2QJNdhn72rEjWTGpM_Qtphpx7gBZUW7VLbYBaakD8ebhfG592PGX3oW40_AySIY5k_hW-S9GEP_p-nZaG7ttI0RZPIp84zVY4r7mngmnjEJbBfjn48KUKxgvR4oGgzkrkDhONUMy2To6uMPmqkFVAh68od-ZDeXqBjWjVLfhyIaS_7V2KlRlFSQw_u8vKsF_Jhn72dxZIGiZX_aIGxn8tcjLDs0vOS9Pa_mWRz3GDaLKpjQvu2yCreMoxptSPAB5XOIJ6Z3OIkqqEOiIAKS1RSQ4SovGjWu_EFs5J1tDmMkDxkWCfWBZ3nYNBwJYTvj3_jsfS_NzWnci8ub0h8cJmNDCqUM4Yr4gPmUBRG9lx3OV5Zfu5_q6Zf_2SMlXjA8SPvJpNVHy9v4cNJx6BO0Fwo2KtbODHrN8W_F77-yPq_qqV4tFykpM6_S4axtViLSz1bKlw67X1Z2Sp4jIacSCHrON1ZCAGO4a_DXGXRGggcgRhDIIx85miJEW0gaVSECgo730XewwhWB-l_EvNCRzAsLXZZEjdhqmyAGOfA_MYd9R_2kaQ8x92tDF3vXTIow8kWHrgIV02Uo2KbkhWuL6DUqhdQhlPCrqRuHpM6ZIeJFEkZUEe8TMBFRIIA4FLnp5SMlTMxWcp2Psr4-k4CmHyjEUZ3VkWaeP26OgP0nA3_bRMMH4wMmsv3nW6d88aPEBaMC4aGOLOXixR61jKJCBwiripwFD4T784OmVaglR_5Pyn4HFHd83y0gbYqD52kQJhbgMHIj3HI69R4-0s8cO14WVYTdGqeJq57c9oU9dKTCkfgsMxiwIhrD2YSYlxnuZg0svfcrQi7cEbT8PL8PdgabT7RqwCyWCC9p8lNiQ1QrU1YdJ9ja9hcsls9v5NEq_ezPS4fy6SnSmuaKcvdC0Hyxpk68ryDUjvXVa6_pYLwW8-dHIPUSIJnsvEZKe4aV_QJf39t6-m02A2KIlCReIYtKyX1T0f6Jrb_k1RSFqaNKflKto4cgPyebOYRyhfO-8s9hQUhG056TKTf2bAsq_Q&cid=CAASFeRog_mGmGbUmsUKFa9RwnPLDrOWAQ&rfl=1%2Chttps%253A%252F%252Fdownfile.site%252F2021%252F08%252F17%252Fdo-you-have-visibility-in-your-organization%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:44:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 169D 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:46:56 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 18C4 12 B
278 B 17ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=downfile.site&callback=_gfp_s_&client=ca-pub-1995021269147151&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1995021269147151&plah=downfile.site

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 18C4 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=downfile.site

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 18C4 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=downfile.site

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18C4 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&tn=DIV&cls=demand-supply__sd%20demand-supply__sd--bottom%20demand-supply__sd--active&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9F5 0
16 B 126ms
125ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&adk=1812271804&adf=2751417941&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481537&bpp=2&bdt=69&idt=105&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&nras=1&correlator=6025612048166&frm=23&ife=4&pv=2&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.el7wd0tqx2oh&fsb=1&dtd=124

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 27 Dec 2021 14:48:01 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 169D 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
URL: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 09:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Dec 2022 09:32:09 GMT

GET
DATA 200
OK truncated
/ Frame 169D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f9fcb0c30b9bce04daa897555a7d598e4b0de4e36e561868f0df040460a45f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C92 26 KB
12 KB 751ms
751ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb4b4f9c6283a66aadd13b7242fdcbc2b3c91e78d59ba7501a1c5d179f62ac03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Dec 2021 14:48:02 GMT
server: cafe
content-length: 11893
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D2F1 12 B
53 B 16ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2F1 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D2F1 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=downfile.site

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D2F1 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=downfile.site

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79A1 0
16 B 115ms
113ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&adk=1812271804&adf=3407277755&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481564&bpp=2&bdt=102&idt=142&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=993416566.1640616482&ga_sid=1640616482&ga_hid=793451948&ga_fc=0&nhd=2&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2296956567&scr_x=0&scr_y=0&oid=2&pvsid=4041987728523401&pem=274&tmod=794&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.t59c376f2z1u&fsb=1&dtd=149

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 27 Dec 2021 14:48:01 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F86 430 B
224 B 434ms
434ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=480&slotname=6253108731&adk=3465567970&adf=4198862046&pi=t.ma~as.6253108731&w=320&psa=0&format=320x480&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481566&bpp=1&bdt=104&idt=160&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=993416566.1640616482&ga_sid=1640616482&ga_hid=793451948&ga_fc=0&nhd=2&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=2296956567&scr_x=0&scr_y=0&oid=2&pvsid=4041987728523401&pem=274&tmod=794&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.voj5i5a0j0sm&fsb=1&dtd=163

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e648a6d934f89ec6a5eab6f5cff28c5bba2cce545a2c91f6dd24b4779f955a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Dec 2021 14:48:02 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15967189577522001263/ Frame 92A8 121 KB
25 KB 35ms
16ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e18db69aeb7c741b8388cdbdf71723200417098baddcaaffbcfc5e098c2685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
expires: Tue, 27 Dec 2022 14:48:01 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Nov 2021 11:46:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 169D 0
571 B 100ms
52ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwiBliCzooN2A_fTiCB2U1ljsffTJlSbGYPcJMzVNPe8ESvrGCUevsI21HuHqCF3WVTxHBaq9FG1Zo-0QAjZK-lIlneBvr8j1mslpCi-_5sxOIloQYliUbYIIyh--YKdeG17Rxp0y_aZUiPjSUMeUfPxa3sLWOTeX1-Wr_Bqg43UzUX_9bfKRDh7KwIlVeeq0RbQoZAmOB_NGrpjDC2Qyqa7kDj8rYt9ukieFtrxD7COKtXPaJ1X7B5NhDdUoukfhDZHzd8p1nCu2Q87hGS_8BaGrtQy7OGXrAWD-a0zWyvTvSDdsSa6SwrtIzRT50ffqWyYoQEJLqLl7mQ9q49lxsL0bOc5qevixxNVRdEIlSYbRaA73mc0p_cd3q7gmQl2e9HW_D3HK1uaOFven0I00zlonoFyx3hCexm3uqeiLpESlKyU8FwX2ontPLRyyRPiseQKSy5_HlD5TJp6dtvWEJwDCPZw0dIChG-84JwDbEepIc9nLJ0RZVeuX4moiDUUviadOj_KQsITrGHOCtECyl35H1ehoTjKQY6owd1DGUDcGVguDaKQl3FUq-GsQHRYjK0imbFDvfzevoVDPZI1aqCQKDbbEZwGThdbgIRwnXX-S7U0YcJBECP7F0faLqgufEBfyJN9Btdcfxfrh7atJIbYMNwPPiK1657GCdbeqePi8qcVpupL1NeH3HC9TdaCNZ5Ul94AiVNqucHIDubTy0DlZn3TrDUsK2Eva8uIoMPHzBiChsS16GP1_TwKVOpnvDgbMlryp_lhE_3n1p6hyLnfApKzRimj0909o-Ky5-l88xhQ96PNW5HbrxGlGDa2A6C1NTaHAr_qkjgs_E4bMSqX_dWrs3P9QfE0_Hl-EE3vHdd1rae1EWQt7kAhAB7ucrzaxEIFn7-boRLoUcOlyTjBxrkJkqVgntucowFMn2K-mDVyg0gCtHsoLSNr2uuX5uBXM2spbVjlBbVB4tM_JIBjtSc0xIvp9iS6xDSvxfEqTs2wvmxKNzg_GWZxxqgJUylT6aDavZnG_haIJwEndSO2E6_XpZIx-BhxWx69p5N-6ipKDr85uxzfW5SnKJRuTH3CV9yAKKwCN9fKUREIgBlUv2xxQQQjVSary3e9pmaKb2vzwFnSnoAr5Qz41TmZLB8lM&sai=AMfl-YSrufjDJCle0yb-qkgYZrSUO1rHj_2oZmRdEPpBuJmo8WuW6Spia0sTAZh0auE1xxOU-HvrrEs-ZtL_CuqnGLh493PVMJMqHEAOX7gw9ZmO7vpL_IQYmJRrr9H-LvmcMpFFtb4mAjDBczFMWCiDTlRe97LujKUsg7CD1og&sig=Cg0ArKJSzL95qFHXD9nVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&cbvp=1&cstd=168&cisv=r20211207.11864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 27 Dec 2021 14:48:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E64C 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Dec 2021 09:32:15 GMT
expires: Tue, 27 Dec 2022 09:32:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame E64C 35 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 12:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 12:57:24 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 92A8 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 12:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Dec 2021 12:54:57 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 169D 0
23 B 59ms
44ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuwiBliCzooN2A_fTiCB2U1ljsffTJlSbGYPcJMzVNPe8ESvrGCUevsI21HuHqCF3WVTxHBaq9FG1Zo-0QAjZK-lIlneBvr8j1mslpCi-_5sxOIloQYliUbYIIyh--YKdeG17Rxp0y_aZUiPjSUMeUfPxa3sLWOTeX1-Wr_Bqg43UzUX_9bfKRDh7KwIlVeeq0RbQoZAmOB_NGrpjDC2Qyqa7kDj8rYt9ukieFtrxD7COKtXPaJ1X7B5NhDdUoukfhDZHzd8p1nCu2Q87hGS_8BaGrtQy7OGXrAWD-a0zWyvTvSDdsSa6SwrtIzRT50ffqWyYoQEJLqLl7mQ9q49lxsL0bOc5qevixxNVRdEIlSYbRaA73mc0p_cd3q7gmQl2e9HW_D3HK1uaOFven0I00zlonoFyx3hCexm3uqeiLpESlKyU8FwX2ontPLRyyRPiseQKSy5_HlD5TJp6dtvWEJwDCPZw0dIChG-84JwDbEepIc9nLJ0RZVeuX4moiDUUviadOj_KQsITrGHOCtECyl35H1ehoTjKQY6owd1DGUDcGVguDaKQl3FUq-GsQHRYjK0imbFDvfzevoVDPZI1aqCQKDbbEZwGThdbgIRwnXX-S7U0YcJBECP7F0faLqgufEBfyJN9Btdcfxfrh7atJIbYMNwPPiK1657GCdbeqePi8qcVpupL1NeH3HC9TdaCNZ5Ul94AiVNqucHIDubTy0DlZn3TrDUsK2Eva8uIoMPHzBiChsS16GP1_TwKVOpnvDgbMlryp_lhE_3n1p6hyLnfApKzRimj0909o-Ky5-l88xhQ96PNW5HbrxGlGDa2A6C1NTaHAr_qkjgs_E4bMSqX_dWrs3P9QfE0_Hl-EE3vHdd1rae1EWQt7kAhAB7ucrzaxEIFn7-boRLoUcOlyTjBxrkJkqVgntucowFMn2K-mDVyg0gCtHsoLSNr2uuX5uBXM2spbVjlBbVB4tM_JIBjtSc0xIvp9iS6xDSvxfEqTs2wvmxKNzg_GWZxxqgJUylT6aDavZnG_haIJwEndSO2E6_XpZIx-BhxWx69p5N-6ipKDr85uxzfW5SnKJRuTH3CV9yAKKwCN9fKUREIgBlUv2xxQQQjVSary3e9pmaKb2vzwFnSnoAr5Qz41TmZLB8lM&sai=AMfl-YSrufjDJCle0yb-qkgYZrSUO1rHj_2oZmRdEPpBuJmo8WuW6Spia0sTAZh0auE1xxOU-HvrrEs-ZtL_CuqnGLh493PVMJMqHEAOX7gw9ZmO7vpL_IQYmJRrr9H-LvmcMpFFtb4mAjDBczFMWCiDTlRe97LujKUsg7CD1og&sig=Cg0ArKJSzL95qFHXD9nVEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=283&vt=11&dtpt=109&dett=3&cstd=168&cisv=r20211207.11864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 92A8 6 KB
4 KB 20ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc6fbbbca9f31b84d699a2692ea8131876fa0c4e949c80a0561f9b504b24a76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4504
x-xss-protection: 0

GET
H3 200 neues_background_cropped.png
s0.2mdn.net/sadbundle/15967189577522001263/ Frame 92A8 23 KB
23 KB 15ms
15ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15967189577522001263/neues_background_cropped.png

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3fb7d583c677fa4e1040e09fd5bfdb5759664a8100ff09d870f3755c459db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:00:28 GMT
x-content-type-options: nosniff
age: 488853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23222
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:46:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 23:00:28 GMT

GET
H3 200 subline.svg
s0.2mdn.net/sadbundle/15967189577522001263/ Frame 92A8 6 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15967189577522001263/subline.svg

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9470f2ed76f9fc5e6ddc0a4a7d680602ad2dbdf70bbab55e1a313421aed02d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1990
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:46:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 23:00:28 GMT

GET
H3 200 neues_background.jpg
s0.2mdn.net/sadbundle/15967189577522001263/ Frame 92A8 30 KB
30 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15967189577522001263/neues_background.jpg

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

645f76429616020738dc9ac2eaceddeb4092520bab8969d26f78f50308f4d8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15967189577522001263/index.html?e=69&leftOffset=0&topOffset=0&c=uglTz90crQ&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:00:28 GMT
x-content-type-options: nosniff
age: 488853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 11:46:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Dec 2022 23:00:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 92A8 17 KB
6 KB 2453ms
2453ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 27 Dec 2021 14:48:04 GMT

GET csync
sync.adtelligent.com/ Frame 2CB0 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E64C 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By55uIdLJYYTkH6Ke7_UPsJaC6A0AAAAAOAHgBAI&bg=!REelRwPNAAZKWFskSlg7ACkAdvg8WrxxpdnPlnsjKShlk29suASXWpINmYODL1Jw_oTlTFGC3cHV7QIAAACCUgAAAApoAQcKACl5o4zRgfb7Ue3W7O2Dg8asBsIJOb21hggEA9RxyXfPauQBEDLpaalTt5kDAgDu2m_6m_WDgH1IMoGWuxt-q8h1CdtIld64V1Pot8jZf49yzpAYI4KdFwApDc6vkBi3KnUilts1k_Fgl3gFRJxLZr2QbL4I0--Z8AR385FYDIptmj2VAV1-VSQX9lhbDLo29c3Jx2K-_tzT4B-VHwEsFc2U1xQAuyaY5PCWTFc4Y4QS1LE1_GcCW0Dmgm2ZXsnMJ_vcwo4Hieeg0L5x9nWH87VGqhXduUdx0mdwSTMPYVqrqMN-O03bfB3aWJJb5f5jbM7ebhv2rj5EqAWlFiQcRQ7LAy9DC9uMPlcNLajnyQp_-Xa563q39PESzvSbqzmMbn-25zpgs-gLz9NidvnE2TmmeyW9sG8vMV84AZPI5i4EQbcauiy7qSoNZ8r2DxKmEnfa8ouvqpbxwPz6RpYXBsGssKH1dhK6AJNDcx1GRzQEl3lih2FlvpMs_eO8M7AS9XPrFwlDIJHv4IQPDc8WNge18sAv0SUo6axDzvw9UixNrz-WYWMxUXLZ84W8pi_3fArO-7NGE7LEXTHOZeNNP03vdsyfpHnpysUfnAt4VyVCEIpPypE9QX5qB4T2n3ykIYYkCKi7GOWDTGkELImlC1Co0tNVhcxAnbkdn-fPedRg98knZPiNFDwig5o3B-n5AzxxksFVDjJPuXmzhCBs0skOWeTBlqV52p18fOwGY0CZpBGOi-OySBMNGDwPMLDlf6FHJrhYQkyoSEM6nlkz_6uiQpPuRPwvg6o3mYR4LwknVJPygLGzD6XXWoIqxW8YSa2PCxiKt3wj0esRUUJGmKYL7FEstWVdCb43GcRyDoevJryA6h04RmtSMYSVfsrD2248hGalfclrPOX-yHNcsb5rMgEwm8L2-U-J6mmY6WyHqtHsBhU2rV0CtDSZDUynsD52VE2bmgxfObSoHozMYS4qaF_gYcq1gSNgPGp1G_aQZtF4u9ujVHsz5S_ciCKdwADuvywKYtGUY6gv6n6kP1opiEagxZvJS-AAGzRCWL5e-90W7KdBYlBX0xdVGUgf

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D2F1 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc61baacc86d7c19c57847df7c36a27c4d3a61deaaa531d550af0269acc80685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8570
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D2F1 17 KB
6 KB 2157ms
2157ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 27 Dec 2021 14:48:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F63A 0
0 44ms
43ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBUM6INLJYdiqKbSorASuoa_QAcDR15JnyLGouooOw-Tz_QgQASCVm8ohYJXikIKgB6ABpqqmmgPIAQHgAgCoAwGqBKACT9AIpKIqj9EDDCchyQM37-QXswjr2--q0D3Ev0OdUz_OPSfUm57HzAkJ_ZpxFSjtcLRNEtK4V2jE1Dbhxc-T6RAH6BAIfq3-w--Ii33e1cMHkunI17hi_EM0GMVigrbN23s1veaxT8frWPEomEGpR9WhDooG3gYOZ0kWocYrouSQiUsEVoyNev422EjM-BwAZ_2LyIAmEWom-_blwf9DnUzALuXMJtPsnEKZzv1J01W87elIW5QAVM6qeQshIwMVd4zQcc21k-ORdFr8WCkWGFfNA6yP4Af3rGGMq6O2JknWGB0lFcWDbVG9KhrKjyUSKNqb2fldPGRho-Dm-kBn6oMBpatG967nlJo7NBuhbojqQqPWhtnFBw9FcgAUnxECwASDzdiY7APgBAGAB8LV2WWoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC7917SCAkIiOGAEBABGB2ACgPICwHYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=bz7yVNnoYwo&vt=1&template_id=5001&uach_m=[]
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F63A 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumJLeKzNB5cXKICVRGe1KSg8HNw6w6JN0SnR_SY7OMfxOgXf56eL0mHBJl6LVHDRsVaCkD6lFUT_Zx2Ae3FZb6A0VKtGsvj3jAU68lR5gEuqrQhY-gfpFWuLaxFYW1dUc_E3YlsIZagFTr&sai=AMfl-YToahVbXguVZ3TUWWrwhUNoLeOMq3ThxgeRdfM0d70xlTFIldUDUig5v6jReAMR7h8J_0bWS2k8dCeVFIyKxF0Obuc-5_ksSs3gz-dPcfSs2vliykUKnS0slYgVfbVo&sig=Cg0ArKJSzGFFOXWB9PCpEAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=70&tls=1070&g=100&h=100&tt=1071&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1590362373

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7C92 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:41:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C92 119 KB
36 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Dec 2021 14:48:02 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 7C92 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:44:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7C92 0
0 26ms
26ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIsdhYxvXCJz-zYvsoRS39E2trdbq0EjG1EAM_u8Hntu2YJoAOF43QBv9H_msvvWtN_ZAN7RmjvPTVMl98PDzrJsjRnw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C92 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEZmEIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE-QFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTCx-vb87B5yoH8zOFxajj6wD6gDRh1hkAiBra7QHECddO5IPgYYcSABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTE5OTUwMjEyNjkxNDcxNTEYAA&sigh=hpWbQQ30iZY&uach_m=[UACH]&cid=CAQSPACNIrLMsjvv2kzZ8bz-6uWvqsvGu-3aeBJOw8N7X24ZBHyCp-sBXu2_vIFJ3XTdTANkq7gZydA8Ni7ExxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 27 Dec 2021 14:48:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 7C92 0
0 64ms
22ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gvctk3mpd5xjkhtttmmecnqzx5gs9sv3dd280c8dk4qgc4vgmw3fh1hc3bc7z96wkb2pmedp35tvx7c965dnjy9t0rcwjbrbf1x18nyghc1y4vn40pf706tzpradmw4y6xdn2819megd2sf8apwmwy70dwvazwr26jv1nqjybrh64yhrrk3grbqtw2ktmt4pmf1sqm9gdmq0dmdbbmsrrfd0m4w5w8k0qwg0zv8dambzh1gjn1dzwgjgdf45zjx1f6vadc2rm395rx6p6g7vxehfg1ydjxxh1v4ye7fsrhwmzq05g67k64dy4dpxk2t11x5z4ws9g4m5n6vbtjcyt7esdqesb35ty33ms9e0tr9t955q927rz2ezzea2g8jz0mzfvpxryf9t9yvx33jv41h9sfdg&b=YcnSIQAMHF0Kp48XAAzr4jeLNXXBfequiyfPlg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Dec 2021 14:48:02 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EEF4 2 KB
3 KB 81ms
42ms Document
text/html 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j0hb343gept537ye31bktn5vxj8esvafxwr88wxaf9nb3kpnyfasyxkrr4qqg0kp87cm55f438qjqdgg851gakcg1d3yppw242bxkd99srhm93yqxhzhsensnfgsgq1jsemez72n32zphrabw37k2z6g5j3ht81xjh7vcsjdrgtcvqfmn2y3jk2wkxp094qbjcqckc61wtvzdmwrm5x54qzpdzdwynthz4j6vx5am3ecyz0rdj9sk931hwaqhe1wx13g910x7mfd3vterrezcjbqxd6bdav60kxe8dseyqhffs9dpkqag5keb6a41myf8t9b55thcr2b9bhx39vgbceycafsqgqd7077mnx94g2axqez4c4r2tgn111yh23p1121x1v6x9zhj13ygd1exepx9h1q8r689zyq3bzhc6jt7gf6e1m4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%26client%3Dca-pub-1995021269147151%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af6ac1a5ef66737261c6cab08b1e17afffe9430dc8ba7820e97c1abe5c7d22a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4358f7ab101f11-FRA
content-encoding: br

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99C1 1 KB
749 B 18ms
17ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Dec 2021 13:26:12 GMT
expires: Tue, 28 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 4910
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 99C1 35 B
463 B 43ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBRnfsIRMjBvlYJVr_MPf_Y&google_cver=1&google_push=AYg5qPLQKLCjtE7czexB8PtDpp09pAFdSlPqK2SUP-37M3Ra_e80ikbSVQHBm5Xq82mVMqDwb3TGzjcMQ4fKQeGXoVIAIAJpVBvFEmQd_cqa-f3aocUYBCn35wC3y4QRiaNzlH-j7VN4Pj7ugVTq4MbPjXM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C1
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLvl_KgmanZaLxBpaC_DEoEmILqd_RjWInbl7E5D94Aci2-6e-tZ8q9TCBzgGjR61cP7yT3aJfyA_a5kfF6CxASIvNOXjnMqhWF09Yvmzr4cIwXpkcmJJhzt5KxSTnw212I0LOJfVV...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKKkp44GEgUI6AcQAEIASqcBZ29vZ2xlX3B1c2g9QVlnNXFQTHZsX0tnbWFuWmFMeEJwYUNfREVvRW1JTHFkX1JqV0luYmw3RTVEOTRBY2kyLTZlLXRaOHE5VENCemdHalI2MWNQN3lUM2FKZnlBX2E1a2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweENRMzFjNE5hYmttUE1HcWc2emRFOUpkaDNDdFMzWFByVzBsazUya05DOA==&google_push

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweENRMzFjNE5hYmttUE1HcWc2emRFOUpkaDNDdFMzWFByVzBsazUya05DOA==&google_push

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Dec 2021 14:48:02 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcweENRMzFjNE5hYmttUE1HcWc2emRFOUpkaDNDdFMzWFByVzBsazUya05DOA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 99C1 43 B
106 B 18ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEM03bQ-TLffuAG-uw9l_ugo&google_push=AYg5qPLJ4to-wKRAfdnG4znoHSbtaXEqV28DBJOn75fPjz2MMS85MAizSPJ4_V8W5e2QiukWmOjP_G_8DMgHw2cgUtHvqW1iGKeAVZgdbSwKBKuCpvOZYRbrl13RsIygmKfjdmOoEhWOSUZQeJU9EWCoDoM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6czlgEpFRImXbAerGEL4sw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6czlgEpFRImXbAerGEL4sw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKpF-S8JrzbrVs4CsLRmnSOStA5PCmGEwo5qEam3WancWgRXgYR-pmVKLaUjURknsg-a6xOK7Fadw0biCVOzr8WhLXwkwgcrEWYXYdDWj6TPQ0wjwE97nnVL8JSat5XOmXt5SjIWTMKjoHEeUn-AgI

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6czlgEpFRImXbAerGEL4sw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKpF-S8JrzbrVs4CsLRmnSOStA5PCmGEwo5qEam3WancWgRXgYR-pmVKLaUjURknsg-a6xOK7Fadw0biCVOzr8WhLXwkwgcrEWYXYdDWj6TPQ0wjwE97nnVL8JSat5XOmXt5SjIWTMKjoHEeUn-AgI
date: Mon, 27 Dec 2021 14:48:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGgwSPbrIUlsE86gtNPB-NA&google_cver=1&google_push=AYg5qPKRWiiskdlQqNluMcoEJHK3ylaOBqxzDqEB1EyGYrzQNpk-APVss3J0CGb875W3iLNah5Q...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPU09aUEotNy1JQU5V&google_push=AYg5qPKRWiiskdlQqNluMcoEJHK3ylaOBqxzDqEB1EyGYrzQNpk-APVss3J0CGb875W3iLNah5QN3gbxHgtyAyqyDXlqKFyKMwDsoKhgZ...

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPU09aUEotNy1JQU5V&google_push=AYg5qPKRWiiskdlQqNluMcoEJHK3ylaOBqxzDqEB1EyGYrzQNpk-APVss3J0CGb875W3iLNah5QN3gbxHgtyAyqyDXlqKFyKMwDsoKhgZtBIrapkcSfXxZb29lpGxiy8W5RpERLMwGp2bXjPxv8u5J0VVqg

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hPU09aUEotNy1JQU5V&google_push=AYg5qPKRWiiskdlQqNluMcoEJHK3ylaOBqxzDqEB1EyGYrzQNpk-APVss3J0CGb875W3iLNah5QN3gbxHgtyAyqyDXlqKFyKMwDsoKhgZtBIrapkcSfXxZb29lpGxiy8W5RpERLMwGp2bXjPxv8u5J0VVqg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 99C1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUw...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 99C1 43 B
296 B 114ms
22ms Image
image/gif 2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIZ7-fzMgbyUaMDGhSNBft4&google_cver=1&google_push=AYg5qPJDAagC6mQS9kRVqdyzoGiD29glqHXOpivglBkduA4LQa0GtuIKY7ak1AgVpMVYdLd668xTFqjDDGHaaofe-Zd1klV97os12CYRVVxiI2W3-mQ4ssWtf7niL5Ue8NKh3kYBlVlDthRt4OuC1FGgcK8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1995021269147151&output=html&h=250&slotname=5605423233&adk=3391074604&adf=776186313&pi=t.ma~as.5605423233&w=300&psa=0&format=300x250&url=https%3A%2F%2Fdownfile.site%2F2021%2F08%2F17%2Fdo-you-have-visibility-in-your-organization%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640616481539&bpp=1&bdt=71&idt=153&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&cookie=ID%3D9747c7af0f93a0d5-22a86c6610cd001e%3AT%3D1640616480%3AS%3DALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA&prev_fmts=0x0&nras=1&correlator=6025612048166&frm=23&ife=4&pv=1&ga_vid=573611523.1640616482&ga_sid=1640616482&ga_hid=659228861&ga_fc=0&nhd=1&u_tz=0&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3696954092&scr_x=0&scr_y=0&eid=31062422%2C31063246&oid=2&pvsid=389013987179716&pem=274&tmod=847&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=32772&bc=31&ifi=2&uci=2.uuu7g8z4v49c&fsb=1&dtd=160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 99C1 0
12 B 14ms
14ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVI8evWF7fKOHxtedDZESD8bGfdsL1POmbmU335oC827VXnhJyOpqbq0tRl97Vd7UhqnWv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame EEF4 81 KB
11 KB 62ms
39ms Stylesheet
text/css 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j0hb343gept537ye31bktn5vxj8esvafxwr88wxaf9nb3kpnyfasyxkrr4qqg0kp87cm55f438qjqdgg851gakcg1d3yppw242bxkd99srhm93yqxhzhsensnfgsgq1jsemez72n32zphrabw37k2z6g5j3ht81xjh7vcsjdrgtcvqfmn2y3jk2wkxp094qbjcqckc61wtvzdmwrm5x54qzpdzdwynthz4j6vx5am3ecyz0rdj9sk931hwaqhe1wx13g910x7mfd3vterrezcjbqxd6bdav60kxe8dseyqhffs9dpkqag5keb6a41myf8t9b55thcr2b9bhx39vgbceycafsqgqd7077mnx94g2axqez4c4r2tgn111yh23p1121x1v6x9zhj13ygd1exepx9h1q8r689zyq3bzhc6jt7gf6e1m4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%26client%3Dca-pub-1995021269147151%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j0hb343gept537ye31bktn5vxj8esvafxwr88wxaf9nb3kpnyfasyxkrr4qqg0kp87cm55f438qjqdgg851gakcg1d3yppw242bxkd99srhm93yqxhzhsensnfgsgq1jsemez72n32zphrabw37k2z6g5j3ht81xjh7vcsjdrgtcvqfmn2y3jk2wkxp094qbjcqckc61wtvzdmwrm5x54qzpdzdwynthz4j6vx5am3ecyz0rdj9sk931hwaqhe1wx13g910x7mfd3vterrezcjbqxd6bdav60kxe8dseyqhffs9dpkqag5keb6a41myf8t9b55thcr2b9bhx39vgbceycafsqgqd7077mnx94g2axqez4c4r2tgn111yh23p1121x1v6x9zhj13ygd1exepx9h1q8r689zyq3bzhc6jt7gf6e1m4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%26client%3Dca-pub-1995021269147151%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1030979
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4358f83e283743-MXP
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame EEF4 36 KB
13 KB 33ms
24ms Script
application/javascript 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j0hb343gept537ye31bktn5vxj8esvafxwr88wxaf9nb3kpnyfasyxkrr4qqg0kp87cm55f438qjqdgg851gakcg1d3yppw242bxkd99srhm93yqxhzhsensnfgsgq1jsemez72n32zphrabw37k2z6g5j3ht81xjh7vcsjdrgtcvqfmn2y3jk2wkxp094qbjcqckc61wtvzdmwrm5x54qzpdzdwynthz4j6vx5am3ecyz0rdj9sk931hwaqhe1wx13g910x7mfd3vterrezcjbqxd6bdav60kxe8dseyqhffs9dpkqag5keb6a41myf8t9b55thcr2b9bhx39vgbceycafsqgqd7077mnx94g2axqez4c4r2tgn111yh23p1121x1v6x9zhj13ygd1exepx9h1q8r689zyq3bzhc6jt7gf6e1m4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%26client%3Dca-pub-1995021269147151%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Mon, 27 Dec 2021 14:48:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62393
x-guploader-uploadid: ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og3cVzJgxKH7Z8%2BSlBOCHC8cSOkGcXZJuJoz%2B2R8y9HKXnt%2BNHdZ89a%2BIhGiHGT0dhrvGg7%2F%2FDDB66glms%2BzcIbL%2FVFZjtDzmUvVPO6mFQtf%2B%2Buj9gKHi2yUklenr8tjEnkwOZI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
expires: Sun, 26 Dec 2021 21:28:09 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6c4358f81b911f11-FRA
cf-bgj: minify

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18C4 0
0 42ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuj1zrMJYCJjTJUyjA50M2dUCP6TeUEjkNoHJlYXLLsSH76e_qZrVeOQq5N0JcGrVoM_Kw5t4LaF0sdGoVA_Hoy5Qo3yAw5wRUT78mYRUvszrjm1LFP0hF4iphErdKDBEN4rUumte-GF8DnDC35yJ8T8j7Dre88HPdNTuATyNd1HovZfDLykIa53coAWg6Odk6hCRpI0R27GvkdSOUqa7aZ2mkukyYxe-9J8AnTJMEYm7nDPqwvufrKbqGvYvuRiH0hPG22gwI_wKjh68fvV6amUsMOS3TDcclyfDw1J8ph3AoUh3NUdCZrI6RoIzHTK5VlHuvABw&sai=AMfl-YSapc_konD6JymX7rGRFnFJyCOtZYjpkpvuk7IhdYmvPNwgMRxAnDNnEIH69b0FkIOTvyaYYO2wYUaUkKyOvwIlsbYtSeezs4k9xdX9pirSlUuJaZ88fiPuzfeNrnBM&sig=Cg0ArKJSzKEtxy_fYNZFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 27 Dec 2021 14:48:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 18C4 11 KB
8 KB 21ms
21ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2157e42a2a54e5aacc5e3e40c5d766407f37dd9332f17471dd65e7a19bbfbac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Dec 2021 14:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8632
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame 63AE 2 KB
2 KB 38ms
37ms Document
text/html 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ADPycdunJgVlrvJk1i4V6EeqzatPhaSnLm6oIWOTelRdPaqnkcFkkR_BCVkP3mYoCL4WPcEUy1UhJuTUv7ryZUo5tpCgVZe-wQ
expires: Mon, 27 Dec 2021 15:48:02 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 2119297
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sen56cAv5Hg3Hzy3uH6TLbkjYWDpT%2BZ%2FJ9S11KUI23SxRqqMX%2FygCHCkP%2Bk4ZJ%2BXvPNcqeqhkuR5QnvoIpm23QLUaAdC5xUI3TWQOu3oP8QSoHEvsmGwdxieYU2xqqXZCodkWGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c4358f89ef03743-MXP
content-encoding: br

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 18C4 17 KB
6 KB 1705ms
1704ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 27 Dec 2021 14:48:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 169D 42 B
64 B 44ms
41ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVyjzmPj4kMGVWK_nG6Hm5P3HBkbL5KHdyxeG9DtiaMy5sow8g68WbL4ZdbmZ2avr_Zd8LX2pcGAhrdG5QXsHVez61rmd3RyWyLqcq&sai=AMfl-YS9Mlgdvj_2cq-Xu-F-s7agOeAEkVrm6yqgSBPCqmtvsy7_gmm2s3rdEfiOBB6Y3gzOi_1UlLHCfYgcTHyKfZvoPGZSZ3D3hjaGUYo-9Zok53B_RjLUiEAvfWc1DEmV&sig=Cg0ArKJSzHXbDWeUCiiEEAE&cid=CAASFeRog_mGmGbUmsUKFa9RwnPLDrOWAQ&id=lidar2&mcvt=1000&p=80,667,170,1395&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2142630623&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640616481457&rpt=220&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame EEF4 2 KB
2 KB 41ms
40ms XHR
text/plain 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306617f3658681914938e931fe348756f25177080f23a6c5f1b3fe0b93b4c621

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6c4358f94f6c4357-FRA
date: Mon, 27 Dec 2021 14:48:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgSu6QmefAvzzVULM9nE5%2BXM8PKDOccBX%2BtA82Akv2M0QnWkc3d%2B8XvwJS%2BNJwPoMmYDU9iuoCKQpUxbNBQgotK3uLQEizWqIXhMPBgGL0VCv%2Fd4NQ9uIK6fVeV6BqAawzcreOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-9z0n

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 46ms
32ms Preflight
text/plain 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-9z0n
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC1Jt2nJSVdgqD2ERDkDkmRgbwV74vYNUzq14UQlu%2Ft1mGyrTpaC47SZ5WPz2MQG%2BojG4WfLWCcfWH94EdDCwm6m5x6xRXR%2FANwi1jGTPK0GDSuzGV%2F6llwRc2vriK0ejLM2tc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c4358f91ee14357-FRA

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 1BE9 7 KB
4 KB 47ms
46ms Document
text/html 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7589a5244c3fc04b38e87786727ccea18bda8bd6dfc73eb21e0f855d2be903

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j0hb343gept537ye31bktn5vxj8esvafxwr88wxaf9nb3kpnyfasyxkrr4qqg0kp87cm55f438qjqdgg851gakcg1d3yppw242bxkd99srhm93yqxhzhsensnfgsgq1jsemez72n32zphrabw37k2z6g5j3ht81xjh7vcsjdrgtcvqfmn2y3jk2wkxp094qbjcqckc61wtvzdmwrm5x54qzpdzdwynthz4j6vx5am3ecyz0rdj9sk931hwaqhe1wx13g910x7mfd3vterrezcjbqxd6bdav60kxe8dseyqhffs9dpkqag5keb6a41myf8t9b55thcr2b9bhx39vgbceycafsqgqd7077mnx94g2axqez4c4r2tgn111yh23p1121x1v6x9zhj13ygd1exepx9h1q8r689zyq3bzhc6jt7gf6e1m4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%26client%3Dca-pub-1995021269147151%26adurl%3D

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c4358f999723743-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 1BE9 81 KB
11 KB 47ms
47ms Stylesheet
text/css 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 14:48:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 1030979
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 15 Dec 2021 16:25:03 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6c4358f9faa83743-MXP
cf-bgj: minify

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 1BE9 53 KB
54 KB 49ms
39ms Image
image/webp 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567265
cf-polished: origFmt=png, origSize=115129
x-guploader-uploadid: ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54564
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTuniTZCDOkiQNaWAJwYiYYrQ0qbf8TMez376zu5ifOxoJqt1%2Fin9%2F2YC9Zcx0l6KAYbN6OOdVXG0BMgYcr18W23kTIYBOHy8JV1ZiF33pmnMuMYypEfYSP11L1eg6mUFY5C2iylR8gRfu9s"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883484779402
content-type: image/webp
expires: Tue, 28 Dec 2021 14:48:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 115129
accept-ranges: bytes
cf-ray: 6c4358f9fe7f1f11-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 C0E2E65BC4D69E2C5F9D514A5041B6B0AE0E5BB863260C3B30D59861DF186AFE1011A812913038724AE6F6D9126CEA97123592CC0CACE3B08B0DF96C2064CD70
assets.ad4m.at/ Frame 1BE9 18 KB
19 KB 37ms
29ms Image
image/webp 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C0E2E65BC4D69E2C5F9D514A5041B6B0AE0E5BB863260C3B30D59861DF186AFE1011A812913038724AE6F6D9126CEA97123592CC0CACE3B08B0DF96C2064CD70
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34be38d133fe32063b42903021ab00b51e6ba9190777a9a331a323295e8cc4b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=Pv/FNg==, md5=webz2VYvtsFrTnTrxC/AHQ==
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567297
cf-polished: qual=85, origFmt=jpeg, origSize=44231
x-guploader-uploadid: ADPycdvEBKjTIAwJwuTCN_Za4N31gyeS3Z78sssnyUXOAxF_Jooyi_7zgpS7OZIylUKUH5lvePwmtHMuY1Av8RmAUZseZT7PEA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18262
last-modified: Wed, 05 Feb 2020 14:11:28 GMT
server: cloudflare
etag: "c1e6f3d9562fb6c16b4e74ebc42fc01d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vicKWoCYxcbEqCkEJtNOlt4hUI9EsKAEimLXiV1SeC%2BW%2BoGNukA4t4%2BUxYL0zKScdXUqplFCO%2BoScHolV5PQPLpAh5j7Autn5F%2FpZXDsG6ROSIAyb%2BpPd%2BtU9Dy4u2lqHDRUCntFXTNtl65W"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1580911888990293
content-type: image/webp
expires: Tue, 28 Dec 2021 14:48:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44231
accept-ranges: bytes
cf-ray: 6c4358f9fe811f11-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.o2online.de/nws/img/ Frame 1BE9
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqM...
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112271548026091492...

43 B
805 B

35ms
10ms

Image
image/gif

82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 14:48:03 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Mon, 27 Dec 2021 14:48:03 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 1BE9 9 KB
10 KB 30ms
22ms Image
image/webp 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567301
cf-polished: origFmt=png, origSize=24833
x-guploader-uploadid: ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9258
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NeaPzy%2BDhFGhGRUg%2BhQa5SNCUNkStE3j3NT30r24adtYqB6S54iY2mKgXUnqy1M23IMFnkCX8hnfCBwNFwRRpnhlV%2Fa2e9wYs%2FJ1hyNtlCxMEQiW%2FITJ4ddZxU%2BlI7lcspkjyVHd8DH91fn"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1612883517528266
content-type: image/webp
expires: Tue, 28 Dec 2021 14:48:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 24833
accept-ranges: bytes
cf-ray: 6c4358f9fe861f11-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame 1BE9 20 KB
21 KB 33ms
25ms Image
image/webp 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567267
cf-polished: qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid: ADPycdvWh0v-ouOP7GcI4aIzCj3p6HaDpM83MBv9L86pOt0HZptREue0D83OTLjQUb3ZnMiD3nkhmE4xzG7Y9-OhJ3vs1Lz5cw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20822
last-modified: Thu, 21 Oct 2021 08:32:12 GMT
server: cloudflare
etag: "40428c92e39f43260a4088364e6203dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0euxS6noBAqbEuncexZi6wjKMDUXYAW5gWjkjEXW0lRjf%2Ffu1kRQsVvHe7WYEQniggRPb3CTWheqmhrMmH0LpZL9ter4p%2BV12jPNasCN2sUU6GPm4HwuSAaDWUwa8R8Z%2FvLS%2BvEJ1o5YtVg"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634805132458381
content-type: image/webp
expires: Tue, 28 Dec 2021 14:48:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 109711
accept-ranges: bytes
cf-ray: 6c4358f9fe821f11-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

postview.gif
portal.blau.de/nws/img/ Frame 1BE9
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMU...
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211227154802609149281...

43 B
788 B

36ms
11ms

Image
image/gif

82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 14:48:03 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Date: Mon, 27 Dec 2021 14:48:03 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
RM-PrivacyPolicy: https://www.nonstoppartner.net/
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=10

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 1BE9 12 KB
13 KB 53ms
46ms Image
image/webp 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567269
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12110
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fc7i3CsuN2d%2FDku0as7OHUZ1xtgHyOrohhO%2FEQ1SdZ7mOVqJVWLYWUl5ymv6HXhijILTVbgxWqnDxTWlXkZ8qiuld8ATIiP5gEg59k8vOMdq4LxvcwBs3LZqrD4a%2B77r0RD2mS0jXQjv0zJq"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Tue, 28 Dec 2021 14:48:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 6c4358f9fe831f11-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame 1BE9 72 KB
73 KB 38ms
31ms Image
image/webp 2606:4700:3039::6815:c098
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c098 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date: Mon, 27 Dec 2021 14:48:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567270
cf-polished: origFmt=png, origSize=128410
x-guploader-uploadid: ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73694
last-modified: Fri, 10 Dec 2021 12:01:51 GMT
server: cloudflare
etag: "7e1aecd95836c3b429413d2d2c8e951f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKR4AP8cL3kPHkJ1YXhihMcmHPTunptwfDWNKWMHZZaRbnaOIMFppYyIi9xc1yLPHFz6UGDWEaWLXOcfcTU0dGX%2Fb0KiBFsHu70%2FHV7KpCTQRDp%2F3nK2BpjC7o43E3q9dHxWjGNoKVpCwhzl"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1639137711863674
content-type: image/webp
expires: Tue, 28 Dec 2021 14:48:02 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 128410
accept-ranges: bytes
cf-ray: 6c4358f9fe871f11-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 1BE9 1 KB
2 KB 278ms
143ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: ff5400670d4355d22128649a56bba096dfa9b17713d5dccff86bb90bd80201ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:03 GMT
Last-Modified: Mon, 27 Dec 2021 14:48:03 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1473
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1BE9 51 KB
51 KB 76ms
9ms Script
application/javascript 143.204.98.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-127.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 14276
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Mon, 27 Dec 2021 10:50:07 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: shX7cb6V_ydNeb5tNYAR91IPuXW7oT1pMIVVml3Z8T13Z9xhVdmsNw==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 1BE9 25 KB
26 KB 83ms
30ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTGC9HetQt1JWSkSWt4jKtroneid__asuiddVZkkg7y8hZU78YfR8-0Um5trLrOIbu0asuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19483%2C161594%2C43784&b=3bgFpf14UB63a7HrHAtEt997f8TWTRead%2CpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UE%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=WrpSrfYdsYJWuYH5HjtDCXXGaPTET4QF2%2CJAYFzfk5t69XPTBH6H7tqCppVfXTgTrVSX%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=_3NMhqMUuvfas7FOh4gI4PNGke2gFF93&g=1621d9bb4884c314a5f0b25d2bb72d4b%2F9073164963275372818&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640616482792&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h4g39mf7234mj68m17b8k2npjw6vwx36gjmvabv7tzpkeb8s3pz9yskk2tvhjg3z6yqbqa7d339p4jpfxkdt3e887rg4c0hgp324hqbnkez7fwm3n9682pxh6n4adjtxrs5brvrh8d6j4vgffa9y6m5g960py9ejmt56svdf6wdh6gava55qhhbd864t9z0nyz5stqnmwzk1b8hweasj6mffn9xt6hwj36axmffh2mpyx3wqc2s3cg4g9a3cpbva43dm6wce8wg5kag6dw0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC7uiHIdLJYd24MJeengXi17PwCZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5OTUwMjEyNjkxNDcxNTGgAcKu6N0DyAEJqQIqmNUYdvmyPqgDAaoE_AFP0Pd798xE2w3q9ljqtU37qXo0y5mLHSHcspYgDTvvbApLCypGI6lXkrMX8tmxzG6hdH0RORAh7XE1rN4gjuzJKAO87fBftR8APcsQdKd2tYW4CZXCVzkm0Qyxl4DxhNVxB8Lu5sHxJDVeFq62_Eh1TMPoKCWX60PwpMPyVLpr0Ru7dN9xMm4svhXENbj3zGWiYqhESqc2GKAmNl7AlBjxNbLChJscSShoF4efikSPVUGB9GQdLR-M4Wo79nGrxl-tY4vDL1QoWKlHhEbYfXQdTZTChen6YWeATcE0S6nnsHFoMge0B7V_qFj_hnTy0omWa_-h9SSHIQwCiZiABry2mfOd_o_LMaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_17aR_kPemlgJJ6nmiHvKC6QAqb1g%252526client%25253Dca-pub-1995021269147151%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Dec 2021 14:48:03 GMT
Last-Modified: Mon, 27 Dec 2021 14:48:03 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK xxx_top_xxx-scaled.jpg
azsoft.org/wp-content/uploads/2021/08/ 145 KB
0 867ms
414ms Image
image/jpeg 103.150.124.185
INDRA-RELOAD-AS-V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://azsoft.org/wp-content/uploads/2021/08/xxx_top_xxx-scaled.jpg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.150.124.185 , Viet Nam, ASN135987 (INDRA-RELOAD-AS-VN Reload Company Limited, VN),
Reverse DNS
Software: nginx /
Resource Hash: 6fd1cce9a9f392586e1db6789372e4d4e0bc85cec18c0008063cb10c53efc813

Request headers

Referer

Response headers

Date: Mon, 27 Dec 2021 14:48:00 GMT
Last-Modified: Sun, 15 Aug 2021 09:58:48 GMT
Server: nginx
ETag: "6118e558-2455f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 148831
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg.jpg
azsoft.org/wp-content/uploads/2021/08/ 294 KB
0 817ms
398ms Image
image/jpeg 103.150.124.185
INDRA-RELOAD-AS-V...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://azsoft.org/wp-content/uploads/2021/08/bg.jpg
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.150.124.185 , Viet Nam, ASN135987 (INDRA-RELOAD-AS-VN Reload Company Limited, VN),
Reverse DNS
Software: nginx /
Resource Hash: eeed73e883c0aafea06f862a1f1a789f0be71df372d83ff2f4dddeeed2ece55c

Request headers

Referer

Response headers

Date: Mon, 27 Dec 2021 14:48:00 GMT
Last-Modified: Sun, 15 Aug 2021 09:58:48 GMT
Server: nginx
ETag: "6118e558-4989e"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 301214
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1BE9 16 B
232 B 79ms
79ms Fetch
application/json 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-0-164.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Dec 2021 14:48:04 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 110ms
31ms Preflight 54.72.0.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.0.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-0-164.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Dec 2021 14:48:04 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CC3 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 12:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 12:57:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B09 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 27 Dec 2021 14:36:02 GMT
expires: Tue, 27 Dec 2022 14:36:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6826 783 B
536 B 18ms
18ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2576e145cb895b997d2f3d48e8c6790c068ae94181e291c352fc7600450dba20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AMJXWZ01/6DdkIAZ/FOh1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 27 Dec 2021 14:48:04 GMT
date: Mon, 27 Dec 2021 14:48:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AMJXWZ01/6DdkIAZ/FOh1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67D6 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 27 Dec 2021 14:36:02 GMT
expires: Tue, 27 Dec 2022 14:36:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 25B5 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

349a56110b44294b00a51edcee043600b74e48b821c2deac60040736c19e62ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D7w/VGtXwoQ6i4zVdMyCzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 27 Dec 2021 14:48:04 GMT
date: Mon, 27 Dec 2021 14:48:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-D7w/VGtXwoQ6i4zVdMyCzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6826 0
0 56ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=4041987728523401&rc=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 25B5 0
0 43ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=389013987179716&rc=
Requested by: Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B09 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 12:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 12:57:24 GMT

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 67D6 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 12:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Dec 2022 12:57:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2F1 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=4041987728523401&bg=!IyClIGTNAAZKWFskSlg7ACkAdvg8WrDz3kxqARwzy5vYckdDuPfe_BjeCsO14E3_YJoCPsqMd4N3GgIAAABvUgAAAAtoAQcKAH9xnEiUQBDEKUG7Fu4lfQ8b5kkrY_t8iNJ0Bjldb2084wXtRH6a67gyfpcduW52BtSMoahyMryLUBCdmCxU9h9gQxKso0rilwlVEkDx9hNyEdiDkjt4kogV-60IcyYs4kBoQvmaQfxhjNyaVOK1S9FmAlQiOOsRUz3S0CDDrRGAmQLjhe_iWTIWT_Hf0Lxczd81hbjSGldqZDNMpkZGfOSecM9w0onVNYLkSVFSlyRu-RARrYrroDrM0hLh07JGP35NAMNHd_Fj1p__Q_S2pNJc6p3vyEmM2ep2QqtzLHPRj5xI5t7Z4A1a4rNaB4v40pEV1-6Rjx7mA3ig4KXDrAoSbRtcTFF8q7tiBxlAkTbai6ZmZCwIj5wy2Lg2Lq7QIETD9dt1UtpaDrxiX0me5iek3bHofAu8envWPMcJiPrwqviFHMOC3RebuYsqmYM3YaJQboWQKccO29CvdPPro12feSbPaaVf-Xj4j-JvcAobPAeaDwW6yi2_n50pwgUwZWwvAsD7fISAIWXwpGlnhWZu_LnYgNp_A5OY2rCxXf2Dx_24RkkICt_7A8rI-SS258f4gQeFYbk_0nHSVow1WvhP4kNb21Y3cxQ84cA-isXuwRc9E187uW52E3FYHKO68avzzpiW5zFPkNliQ4jspNRKtlRhgiIBJmpW3kkfJJRJKVC90QP7MSD9wt3z5mIqJah0EDMLOLOLU5AgGqld-BxkkTV0u1c6nsZzqXVX-rhEKr6i6tgyppH7VXWkZceufFSO8XSBZWzR7UvNe4NY8j01NNsl45_529Uu3gFVl7m9zIFWFkwpHFKDxnOgyZa7kUeRWV51OCnSSKiwjmKJt5nuahAadUosxMfDIphJol_bz5-aEg-WRY_YpHwDQRQ4R148znWoazfaOan6IPoZWuEvyvBjhc0yTGYdM4hFa12kAG6TNOnLW7kCyJThjOPpLcXibzvwvsGkeGQQ-6MZWKq-9tm4VyW3ooic_VKshvZUXrkDCFnEIzkLPxVzAWjFhStWBY66KS7F-O9VfXmIoYu9uHADmp9X8HtKa4gmQLGzxwdpEG7zD66jvmbMmVTV6GOx-W0clmLf49wo30bl-kf4A6k7k9gLRoO7ClzE2WwAhikOVxPJC7CnR5yFa-zaBjHhkY6MUQ

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18C4 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=389013987179716&bg=!iomlic3NAAZKWFskSlg7ACkAdvg8WlqweSU_6Pg_CRy83yb61ziab0McpsNR_iBAlh-SGhMTBI8T9gIAAABqUgAAAAxoAQeZArupZ0mc2cS4WbyC2GnC1rb8krT1sPgVAihCIoY2IBniuJbc0ry5Oypz0TbYxTKYhPmUDUo3YSMRiiOjvF2Ywdi00YCgE9znN-olfx1ixO82uqBDmnoLzxTMVSesbxJvIO77FA5LOQQQiLLeOJ650YOlu4tzxa9MWQFkEtctD2TMKQlD4O_ZT4ofDnYMorLmB7IzhJYJVAD4QsJVQpwGgITeBc96wgffgv-N72XghYCvHE6GKU-B19I1qtspLSOJ1Pl-PYNX6M-M5tC4eCtlr04hR0Wfj0nGdgcJTvxSuI0DezJJjGtstTkTKUccrsydVGz7PjZY9dypOxcf4shSqEruSnxdBvsBaUuVONCv4rqAYvbFZJJvStJuSn7SCAVd3oWeewQk2TRM5USbchuMmKhN3x83NIFrbDthvhE6wsIQcInNmV7bW5FpsTJDUBtpfuDVU2fm2WYL3cJn7_HBH2CDeVXA8jZOLecasAi2P-Z67tlwkY4tnRR6k9rtRD3C0A3k4ayZRycPYM_yt4rH5B0dJUNnGaqHH-3yTI1uvZG1OCduKhKOKFrGfcJR6ZGN02eJzuLRW_8ocQ7saN1SOQg1VkziTyyLsvm6Wr7m5bxtDvCdHWCgCJFvHZd_G7tN13LUuMHQcC_G-NuIaIgsoX7GniG-EK7xbkjpxC1ixSjVwfVWphQ3R3pbqX1j6ojUT6tcAw8I-hl-NSSdJSuybMD2DniyeNrHXNYYBEh1TJsjVaaMmacGTvuL_R5lEocnFtNAGWwaN8Z5ZNCL9ir3aszBFxwMYpSztUufAfv-bNsAPvRlPy73iW8aLVcSVi-Uqi16DXLEfKfZy_kU7d1oy5Z8Hz9Aq4cr7tTzJ5wI5oIrxyyKgovJ7TDFutDyTz6PQesnA70K4nS-hIGWA6c0C3iYruW3BQDBkvSBHPk

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIxPjf1JyE9QIVIs-7CB0wiwDdEAAYACCd6alNQhMItumP1JyE9QIV7YCDBx2B5gEy;met=1;&timestamp=1640616491883;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 169D 42 B
494 B 80ms
42ms Image
image/gif 172.217.16.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxPjf1JyE9QIVIs-7CB0wiwDdEAAYACCd6alNQhMItumP1JyE9QIV7YCDBx2B5gEy;met=1;&timestamp=1640616491883;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: downfile.site
URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Dec 2021 14:48:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
downfile.site/	1969-12-31 23:59:59	Name: SPSI Value: 7a44b662f5b8b6576e8df9911cef125b
downfile.site/	1969-12-31 23:59:59	Name: SPSE Value: JjHIuTWPHydv2vqcpX5Tkv6Qi2gaZoLnKNIOV8CtmdphHpNIKnIBVznUA0yH1q6smSBFI0geugU9ljBQcFrePA==
downfile.site/	1970-01-19 23:43:43	Name: spcsrf Value: 95d90b3400abb543ec85c9ea3a6ed35d
downfile.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: qj0874e50i1cc4jtp8kt73oo8q
downfile.site/	1970-01-19 23:43:36	Name: sp_lit Value: MLCbi3bHKQQULh3j2+5r4w==
downfile.site/	1969-12-31 23:59:59	Name: PRLST Value: PT
downfile.site/	1970-01-20 04:02:48	Name: UTGv2 Value: h406d017394d54f1556df0b737ad60f58612
downfile.site/	1969-12-31 23:59:59	Name: adOtr Value: b4a6724f6b5
live.demand.supply/	1970-01-20 17:14:48	Name: demandSupplyTi Value: c2cfcbe4-8492-4361-8b8c-d27ca36d1b7a
.mgid.com/	1970-01-19 23:43:38	Name: __cf_bm Value: PEuJSE8ezDABrqMQnojFs9o.iwzedYNP75yy1c5SGjA-1640616479-0-AXPgVtb8VGlEo5bQ60IMd1p5Zba7b8LjkBFzZb2/lSNaqeFTB+HtasgzJjXXXxOxaBc0tiAMFzVwZ1o7VhP7q4Y=
.downfile.site/	1970-01-21 02:00:24	Name: _awl Value: 2.1640616480.0.4-791cbd5e-0200251a153fd924e49634b1938123e6-6763652d6575726f70652d7765737431-61c9d220-0
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lbr0PfaMhdM6
servicer.mgid.com/	1970-01-19 23:43:37	Name: __mglb Value: ed02bb11b748a9279413c1eb8e47c448
downfile.site/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C1183354%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640616481017%7D%7D
.zeotap.com/	1970-01-20 08:29:12	Name: zc Value: 1a85557a-c27b-473d-6520-8d269a749561
.e-volution.ai/	1970-01-20 00:03:46	Name: v_usr Value: 0ee8892a-b81b-45c6-b034-8264ebf21423
.doubleclick.net/	1970-01-20 09:05:12	Name: IDE Value: AHWqTUmxLMFp4ZAWuz1dDTMEvpnHAdFqcWbev4dJzq6v4GcBl6RuFbP1o3q7w_hHlzQ
.adsrvr.org/	1970-01-20 08:29:12	Name: TDID Value: d18b9604-2b6b-44b1-9639-91275c784dbb
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: lbr0PfaMhdM6
.adsrvr.org/	1970-01-20 08:29:12	Name: TDCPM Value: CAEYBSABKAIyCwiMhNvJ09SkOhAFOAE.
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: lbr0PfaMhdM6
.creativecdn.com/	1970-01-20 08:29:12	Name: u Value: 8e3uc82Ioeo5P4otZgiT
.creativecdn.com/	1970-01-20 08:29:12	Name: ts Value: 1640616481
.smartadserver.com/	1970-01-20 09:13:50	Name: pid Value: 6431200676867946660
.360yield.com/	1970-01-20 01:53:12	Name: tuuid Value: 14440ff1-3d15-4d0c-bbdd-850940f20ea5
.360yield.com/	1970-01-20 01:53:12	Name: tuuid_lu Value: 1640616481
.downfile.site/	1970-01-20 09:05:12	Name: __gads Value: ID=9747c7af0f93a0d5-22a86c6610cd001e:T=1640616480:S=ALNI_MZaqUqJLcn9ZhLry1AUtGGiyDBdyA
.bidswitch.net/	1970-01-20 08:29:12	Name: c Value: 1640616481
.bidswitch.net/	1970-01-20 08:29:12	Name: tuuid_lu Value: 1640616481
.bidswitch.net/	1970-01-20 08:29:12	Name: tuuid Value: 63b0f668-a358-4ad5-875b-b2e394363f1e
.doubleclick.net/	1970-01-19 23:43:40	Name: DSID Value: NO_DATA
.seedtag.com/	1970-01-20 08:22:00	Name: st_cs Value: l+EQxuppf4rbMmxYXoBW545HpTSnpK+EBVPfyYTVsQWu4soh2iko9v6fpPPiV41rXBNKKFivzF54+/is2OqSbA==
.seedtag.com/	1970-01-20 08:22:00	Name: st_csd Value: 1640616481539:
.adnxs.com/	1970-01-20 01:53:12	Name: uuid2 Value: 713827862407365978
.adnxs.com/	1970-01-20 01:53:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ee7:qo!]tbPl1M>e)ZlrFUfJ+tGXxo7K-Lz]ZSSU:K-_OyAf7y6L>HK7OyyTSgTXu?bpRzqF1`b_gC(Ds4
.casalemedia.com/	1970-01-20 01:53:12	Name: CMPS Value: 5203
.casalemedia.com/	1970-01-20 08:29:12	Name: CMID Value: YcnSIQsWreLegaPxaMlVCgAA
.casalemedia.com/	1970-01-20 01:53:12	Name: CMPRO Value: 1206
.mfadsrvr.com/	1970-01-20 17:14:48	Name: tuuid Value: 1851fdcf-640d-4210-9562-c6aa71e62714
.mfadsrvr.com/	1970-01-20 17:14:48	Name: c Value: 1640616481
.mfadsrvr.com/	1970-01-20 17:14:48	Name: tuuid_lu Value: 1640616481
.casalemedia.com/	1970-01-20 08:29:12	Name: CMRUM3 Value: 2d61c9d2212760CAESEKa6ekv7xUX4fongmQ2lI5E
.mfadsrvr.com/	1970-01-20 17:14:48	Name: ssh Value: !mgid,1640616481
cm.mgid.com/	1970-01-20 00:26:48	Name: mg_sync Value: {"265689":1640616481,"287839":1640616481,"341189":1640616481,"363887":1640616481,"433146":1640616481,"516418":1640616481,"549534":1640616481,"665953":1640616481}
.quantserve.com/	1970-01-20 01:53:12	Name: d Value: EDoBCQGHJYEA
.quantserve.com/	1970-01-20 09:13:50	Name: mc Value: 61c9d222-82e4f-a2ef5-6e8e1
.rlcdn.com/	1970-01-20 08:29:12	Name: rlas3 Value: wqhJ5t0v+s/W5SZnPgcZNCyxawiMoueybG86+jdoKM4=
.casalemedia.com/	1970-01-19 23:45:02	Name: CMST Value: YcnSIWHJ0iIA
.rlcdn.com/	1970-01-20 01:10:00	Name: pxrc Value: CKKkp44GEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-19 23:45:02	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:53:12	Name: KADUSERCOOKIE Value: E9CCE580-4A45-4489-976C-07AB1842F8B3
.innovid.com/	1970-01-20 01:53:12	Name: uuid Value: 9a2a2060-39e6-499e-a6af-cd041c30d8c1-20211227 09:48:02
.lead-alliance.net/	1970-01-19 23:53:41	Name: ppv1225 Value: 2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth
www.lead-alliance.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: l0n0c7a8h66a88dnocu6hrmel3
.lead-alliance.net/	1970-01-19 23:53:41	Name: ppv1226 Value: 2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth
.blau.de/	1970-01-19 23:53:41	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0MDYxNjQ4M3ZsZWExZGUyMDIxMTIyNzE1NDgwMjYwOTE0OTI4MTI1WDExNzY2M1YxMjI1MTMxMTA2TVNvbmVpZHBWRVUxZjhnZm1neDZha0g0SG10enRRUUtoZ1RSVDEyVUVvbmVpZF9fYXN1aWRfM05NaHFNVXV2ZmFzN0ZPaDRnSTRQTkdrZTJnRkY5M2FzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTc2NjM
.blau.de/	1970-01-19 23:53:41	Name: nscQ486 Value: V
.o2online.de/	1970-01-19 23:53:41	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MDYxNjQ4M3ZsZWExZGUyMDIxMTIyNzE1NDgwMjYwOTE0OTI4MTMxWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZDNiZ0ZwZjE0VUI2M2E3SHJIQXRFdDk5N2Y4VFdUUmVhZG9uZWlkX19hc3VpZF8zTk1ocU1VdXZmYXM3Rk9oNGdJNFBOR2tlMmdGRjkzYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY3OQ
.o2online.de/	1970-01-19 23:53:41	Name: nscQ485 Value: V
.blau.de/	1970-01-19 23:53:41	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122715480260914928125X117663V1225131106MSoneidpVEU1f8gfmgx6akH4HmtztQQKhgTRT12UEoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117663
.o2online.de/	1970-01-19 23:53:41	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122715480260914928131X117679V1226132702MSoneid3bgFpf14UB63a7HrHAtEt997f8TWTReadoneid__asuid_3NMhqMUuvfas7FOh4gI4PNGke2gFF93asuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117679&ratenzahlung=24

208 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://downfile.site/sbbi/?sbbpg=sbbShell&gprid=PT&sbbgs=h406d017394d54f1556df0b737ad60f58612&ddl=2 Message: Mixed Content: The page at 'https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/' was loaded over HTTPS, but requested an insecure element 'http://azsoft.org/wp-content/uploads/2021/08/xxx_top_xxx-scaled.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/ Message: Mixed Content: The page at 'https://downfile.site/2021/08/17/do-you-have-visibility-in-your-organization/' was loaded over HTTPS, but requested an insecure element 'http://azsoft.org/wp-content/uploads/2021/08/bg.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcnSIQsWreLegaPxaMlVCgAABLYAAAIB&google_gid=CAESEKox7RXiI-qSv53OUmdDlwE&google_push=AYg5qPLzw0WuDSSQRAegIOcbwrMoH0JZmZq1VTm2lIsCesldgUwTGW-UM4QNv-BVPtsmjpOiUO9Q8tfctIwwPfRfCEJAnTpRARmChfmTW_WT5B4dJwIlY1VbQQ__EyQicGyVxXnsW1HlCjukaj4aW6kVmTw&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

45f581a778d3e300fb06842880f26cc6.safeframe.googlesyndication.com
ad.360yield.com
ad4m.at
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
azsoft.org
c.mgid.com
cdn.ampproject.org
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
creativecdn.com
downfile.site
dsum-sec.casalemedia.com
eus.rubiconproject.com
expansioneggnog.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
jsc.mgid.com
live.demand.supply
match.adsrvr.org
mwzeom.zeotap.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
prod-rtb.ad4mat.net
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s.seedtag.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
static.adsafeprotected.com
sync.adtelligent.com
sync.e-volution.ai
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
www.facebook.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
cm.g.doubleclick.net
sync.adtelligent.com
103.150.124.185
104.109.78.125
104.16.221.74
104.19.134.78
104.19.135.78
104.19.217.61
109.206.161.21
142.250.185.162
142.250.185.66
143.204.98.127
15.197.193.217
151.139.128.10
172.217.16.130
172.217.18.98
18.198.121.250
185.184.8.65
185.33.221.50
185.64.190.78
185.86.139.104
2.18.234.21
2.19.35.65
2600:1901:0:76b9::
2600:9000:2156:b200:8:48e:53c0:93a1
2606:4700:10::6816:1857
2606:4700:3039::6815:c098
2606:4700::6810:8616
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:802::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466
2a0c:5c81:5095:0:225:90ff:fefa:245d
34.149.60.21
34.254.166.91
34.98.67.61
35.201.103.212
35.212.212.222
35.244.174.68
46.236.13.147
46.4.62.19
54.72.0.164
69.173.144.138
69.173.144.165
78.46.85.162
8.39.36.141
82.113.101.132
82.113.101.236
84.200.5.215
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
082acab6074d30aeca7a1850b34f2bfc06fbd08cccad58096a6f8109c444f39f
0a81d546804b6820cef56975c8f4aeb75fa7aa7724c4709ea8a967df229edb13
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129c94ecb4fe46b010f192ea09edc0a3139309fc1e6e71ede818731e77ab1bf2
132caf8dfb2483b77299a28d8d901e9d6a81396d3e1ed3ff0ec20ed62a5deeca
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
180d29d1e3282dd52cb768e1e8a434c1787742340311c56139d4c6a15627121c
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1a469911a1743109010e5ec2f9aee6034375be604c3559c552a715f1ecdbfd03
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2576e145cb895b997d2f3d48e8c6790c068ae94181e291c352fc7600450dba20
2af6ac1a5ef66737261c6cab08b1e17afffe9430dc8ba7820e97c1abe5c7d22a
2b3fb7d583c677fa4e1040e09fd5bfdb5759664a8100ff09d870f3755c459db8
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
306617f3658681914938e931fe348756f25177080f23a6c5f1b3fe0b93b4c621
310ec08f78aca9b36c34a878dc933c8258bcb914800038508419033c2c69e25e
312460f32193ff9910d720cc337941abd9c749e9f3c7c0e3bf707d90a51ca897
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
32f9fcb0c30b9bce04daa897555a7d598e4b0de4e36e561868f0df040460a45f
349a56110b44294b00a51edcee043600b74e48b821c2deac60040736c19e62ab
34be38d133fe32063b42903021ab00b51e6ba9190777a9a331a323295e8cc4b9
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3b7cc476ee3d22ba23ea68cccdff1e6bd21570f29ed139f687af0c6f7f5899d9
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
4179e9ec503001fb4f2c9d0a5bc64683dbe0f1f3b4476b42cb765b7e7d4131ac
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43e18db69aeb7c741b8388cdbdf71723200417098baddcaaffbcfc5e098c2685
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b26181929d1399cd660721e8a56efba6d5d0f824bb0a66f9a080e100ed18bf0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e927eba1718dd1894cb2bcbd8443d0e4ca5dbc66fe7892baa31d83133da7fd4
4f9568d3aef0133feef6736a0be7a2bad332429d685a584e1c5b85e5a7fd60c9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507b5e8c1ee30ef07a6698159daad9a170b5f9ae5e1643ce7103559c6ab2dbfe
50c82513b1b0c1281db136871f95a6126326f784cb9fee62410e98b102e9b4cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5ebbf6a3722bd782c5c145faf0f8d3e57e7bc56f3af28b8886d3f9076dd01da4
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61af2048793ffcc84b3669d9c509c5d381562549e71226e7b1cd3fd3bb3b3745
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ec9e8c8d66e76847de2d5aa844218fa909c3fe31231865f6aa1d767202ab20
6438deeda87c2438473fc3c887e708b7f23b9c27dbf7df19e2e525f3b299abd9
645f76429616020738dc9ac2eaceddeb4092520bab8969d26f78f50308f4d8fd
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6c81662d71453bc078adec38c4082df0c6f2e6e995cf5c9562f6b85bf721cb10
6fd1cce9a9f392586e1db6789372e4d4e0bc85cec18c0008063cb10c53efc813
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b7589a5244c3fc04b38e87786727ccea18bda8bd6dfc73eb21e0f855d2be903
7e295a138dd7ca8250c3394f0fafe978f64c88121ee372d2354fd86a12840455
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9470f2ed76f9fc5e6ddc0a4a7d680602ad2dbdf70bbab55e1a313421aed02d30
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9d921f690cf785f3705ae94b04ef36165d64ad4d321b59186a15d65af8505a23
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f8082deefd65885133b1aca286d0c20f79d599d509b7dc69bc2f253bd9ba1a8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a2157e42a2a54e5aacc5e3e40c5d766407f37dd9332f17471dd65e7a19bbfbac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8476d65c2000531dbc73d1134de65a57797388a6c42d93b1d2242e3b8f76e13
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab8cd457647497481819c97769165da290fa345fc3485f53c984119b27b3b8f6
af15c596a7b0112e6887472cce697c9882863d816e73d10c61c36d5ad70f340f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b689f2267305a97c30f5bda1a0e18993c4bed294007df78eafd6829a4408cb1e
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb4b4f9c6283a66aadd13b7242fdcbc2b3c91e78d59ba7501a1c5d179f62ac03
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc61baacc86d7c19c57847df7c36a27c4d3a61deaaa531d550af0269acc80685
cc812ea3367e13eca5445f75bcf881b82633de0c34a91b0bc2aa32fb4a820f43
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d155160aea288964eebe06a362795ab879ed657ca75f7ca60d5a1c8e9fe05d7b
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322
d3a1857f8d5a0a39a4bc5f3b2f5f6b2c2ded7e7061d1931d67b3632132937e52
d4067a0c89afdafadbf496c9d5b91d1594dbcf270aaf867b490821c292028bee
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d59a26ed9f5da5dde363336c62960d6616da55cbe51f58250e78313a0d622dc9
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
da552b5912d84464b1e8ceb10ec0884209a598f7f23b4fff3c1a4163b29b9ac8
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbdd26c35b6cbb1a65181254cc2c14b376bc1d417beb8d7dcde68508dd6ef5aa
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e648a6d934f89ec6a5eab6f5cff28c5bba2cce545a2c91f6dd24b4779f955a34
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
eb5dea621a1746133e9b528592bd517d13464da442c36a4102549ee9baf46ee2
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eeed73e883c0aafea06f862a1f1a789f0be71df372d83ff2f4dddeeed2ece55c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2174d3aca542271ccc75de25b3181d2bad57445310466aec224603af667591
ef980cb9168df3d9032cfd86b004bda8a6c8cf5f8d75d93c8cdc8137afb6af15
f724571e38824b223e78877580db05a003ff922d337ba36de56a980d194b6869
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fc6fbbbca9f31b84d699a2692ea8131876fa0c4e949c80a0561f9b504b24a76a
fcdd7c740976480bd534b110c22f9e53438fa87df69f8d071ccfdeced8bb38f8
ff5400670d4355d22128649a56bba096dfa9b17713d5dccff86bb90bd80201ee
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

downfile.site Open in urlscan Pro 151.139.128.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

241 Requests

90 %HTTPS

35 %IPv6

45 Domains

67 Subdomains

45 IPs

8 Countries

3227 kBTransfer

8326 kBSize

61 Cookies

9 Outgoing links

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

downfile.site Open in urlscan Pro
151.139.128.10 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

90 %
HTTPS

35 %
IPv6

45
Domains

67
Subdomains

45
IPs

8
Countries

3227 kB
Transfer

8326 kB
Size

61
Cookies

241 HTTP transactions
4 data transactions