transfiles.ru Open in urlscan Pro
157.90.215.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://transfiles.ru/
Effective URL:
https://transfiles.ru/
Submission: On January 26 via manual (January 26th 2024, 6:09:58 am UTC) from AZ — Scanned from DE

Summary HTTP 111 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 111 HTTP transactions. The main IP is 157.90.215.152, located in Munich, Germany and belongs to HETZNER-AS, DE. The main domain is transfiles.ru.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.

This is the only time transfiles.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	157.90.215.152 157.90.215.152	24940 (HETZNER-AS) (HETZNER-AS)
21	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.18.204.174 52.18.204.174	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:223... 2600:9000:223f:5800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986	14618 (AMAZON-AES) (AMAZON-AES)
111	23

12 157.90.215.152 (Munich, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.152.215.90.157.clients.your-server.de

transfiles.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.204.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-204-174.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:5800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	498 KB
18	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	159 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	106 KB
12	transfiles.ru 1 redirects transfiles.ru	69 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	114 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	gstatic.com www.gstatic.com	17 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	573 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	82 KB
111	17

	Domain	Requested by
21	pagead2.googlesyndication.com	transfiles.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com transfiles.ru
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net transfiles.ru
12	transfiles.ru	1 redirects transfiles.ru
11	s0.2mdn.net	transfiles.ru s0.2mdn.net googleads.g.doubleclick.net
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	mc.yandex.com	3 redirects transfiles.ru mc.yandex.ru
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net transfiles.ru
3	mc.yandex.ru	1 redirects transfiles.ru
2	googleads4.g.doubleclick.net	transfiles.ru
2	fw.adsafeprotected.com	1 redirects transfiles.ru
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googleadservices.com	transfiles.ru
2	www.google-analytics.com	transfiles.ru www.google-analytics.com
1	tags.bluekai.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
111	23

This site contains links to these domains. Also see Links.

Domain
vk.com

Subject Issuer	Validity	Valid
transfiles.ru R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://transfiles.ru/
Frame ID: 8CDFAF11F314D418F83BD57E41D635BB
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: D7AA1F291BC299E7704C099A5EF7B73C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=2897876991&adk=2362541866&adf=441738196&pi=t.ma~as.2897876991&w=970&lmt=1706249394&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706249393811&bpp=3&bdt=194&idt=240&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8363418485769&frm=20&pv=2&ga_vid=411331926.1706249394&ga_sid=1706249394&ga_hid=811718109&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C44798934%2C31080643%2C95321627%2C95322164&oid=2&pvsid=354015820281090&tmod=344924490&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Frame ID: BB543C6D26DA723001091F72242538D5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&adk=1812271804&adf=3025194257&lmt=1706249394&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftransfiles.ru%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706249393826&bpp=3&bdt=208&idt=245&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x100&nras=1&correlator=8363418485769&frm=20&pv=1&ga_vid=411331926.1706249394&ga_sid=1706249394&ga_hid=811718109&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C44798934%2C31080643%2C95321627%2C95322164&oid=2&pvsid=354015820281090&tmod=344924490&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Frame ID: E336BDAFBA212619D0E1B23B93D520FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 14DBA0FC40491F398BB9DC89F9CEA148
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: CC36A3A4BC6ED390BDFD4EFF9579B092
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB32070381AEC3E1BF16DCF06C74D77E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6F23E3F0F7A9EE6D39652FEC2F1B6F8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 84AD611B4A309D917DB0E1B7902C98A4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FFEAEFA40B8A48783D302DBBF9260796
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOLKvIMCMAE&v=APEucNU-eAHGRqWH0t0oxHdGe2nIoLWcbhlMI8ZuiJbZgSqrmZFj7WYBUig6nzP6a-ZeT8Afh2GcbTRch1fZ3OZ-8QWjDaNgrpuSOD6Ez3UNw3N8klpqtX0ji3_uE0VzCscJaMvrFc0l9JXha2gSKlnkrQGbKYcMJ2Vp42NoeCuvHB9wWeM3qos
Frame ID: 7D4689A75D9E82805161E2556EB986A6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 721B8BB05ECF1FA2B6A921230B3DBD8A
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 990E06D74D837E907BB01FEFB72032E5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E2E42D19466B5648BBD6280F25ACA5F8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3C376489D2370B8734ED1E7F772EB7FB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: F9C138BB9D01FE68CDD02E6287BE5E5D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
Frame ID: D1A4224ADC8ADAEC62EF52C87BAA6D35
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 411A92324B148398B3B4166BCF91F85D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TransFiles - бесплатный файлообменник без регистрации

Page URL History Show full URLs

http://transfiles.ru/ HTTP 301
https://transfiles.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

93 %
HTTPS

64 %
IPv6

17
Domains

23
Subdomains

23
IPs

4
Countries

1338 kB
Transfer

3865 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/club151954536
Title: ВК

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://transfiles.ru/ HTTP 301
https://transfiles.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10260.EZz-weoX1DLUCdx4FTi1GC9-ZIP8FGTMk0RukfqZNFLqULKxbQE7Q1R99seb-9ad.D_zNK_oan1LMtrj9MDJlKfyDzcw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10260.P66tJJUMesNndPzDkAeVihflWlRaBpGUOT6FIXWjizXONeqtSsAaCdQOkzm8U-P7DIFx-FNPXq8KEQZKeH8eFGDkwodaD19hg-CDaLSBpEBvhJThMxtwQ_szvBvlCX07Z9UxSx5LVXUJsnIFd3ILIHTLuwjgldIjmF4_KWQAsQPw0DPJtPLewiLXHgUXsc7yaGjZzVQjAEoVzCYegCadV9Z_uDX0YxUXyhAtffzjXew%2C.23WK-BHN0HShXYo5RNu6yZ7jm2E%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10260.Hpin-JOCBEZ9j0sVcGdsJc4nGTa7KiXTgFHzsWKR15XIiMCTI6DEJ24Ysw_ypHXNzYWfW4WPUCzoOMVE4I9bWcAz2awIcc6m54Q6FdtFQV5X5sNh4y5idPkIBZo6b8W0mEy4zOjL0nxyLN2G8oCoP-qP_zjCBqDbT_0sNlp1osTW8LWsvKZcpD06vF_dpC-CNQqyYtJUIo2_uHsCX76txg%2C%2C.ZRJwFzl6sxNyPf85Hlkg_Ry2ink%2C

Request Chain 23

https://mc.yandex.com/watch/33590114?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1077869988454%3Ahid%3A575842020%3Az%3A60%3Ai%3A20240126070953%3Aet%3A1706249394%3Ac%3A1%3Arn%3A53371609%3Arqn%3A1%3Au%3A1706249394553777939%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C22%2C1%2C83%2C0%2C%2C67%2C3%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1706249393488%3Agi%3AR0ExLjIuNDExMzMxOTI2LjE3MDYyNDkzOTQ%3D%3Afp%3A215%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706249394%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1077869988454%3Ahid%3A575842020%3Az%3A60%3Ai%3A20240126070953%3Aet%3A1706249394%3Ac%3A1%3Arn%3A53371609%3Arqn%3A1%3Au%3A1706249394553777939%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C22%2C1%2C83%2C0%2C%2C67%2C3%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1706249393488%3Agi%3AR0ExLjIuNDExMzMxOTI2LjE3MDYyNDkzOTQ%3D%3Afp%3A215%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706249394%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 31

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 33

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm6GnskyzZcOPBbPg1PIP4_WziA_m0-n6coqAkdf8EcCNtwEQASC0yrsjYJXikIKgB6AB9-KbtCjIAQKoAwHIA8mEgIAEqgTeAU_Q-NsaFkTPS5mcyIEgIie6pbtJtFoAGkyDWuszdNWufR0ukBka2HdM3KQP760ikiabfg6cuW39yLssXmzGAT-F5N7CkB63hpcIGQ4Z-FapegtMUCy6cf-gabrChSyXhi6H6ZpD3KMlaE-kDzR7Y7CjRpJYGoSlIBHCAPv7IvhyRxXo1JmhbVRuTs8MQnhQxmmwXUF7YQeQBIYEa3qYRUeomuGUPMcsBz2oshWvseWoFG4nBYA7rrYzvwvi3QgP3BezK1QFWV98Cy-ys2TUTcoybTqvU6vwmAiSYjM7O8AE4qjwiscEiAW794DDTJIFBAgEGAGSBQQIBRgEoAYCgAf3muyTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEP-vHdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY842hqLL6gwOaCTpodHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvP2NhbXBhaWduPTIwNTQxNjE5MTMxgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk2NzgzMzU4ODcwNTU5MjUYAA&sigh=6Tnwk5U5DoM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Lsa0CfQTpcTlZR1I2zyRdw6tqFDeKvDQaJbSq_E1dyNTPNn5b_GVDgFtHdNjtOXlAahIcET_GQBf9qzFgL7DPFd7kpbmZHaMsBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216742580227713372721%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210413967218459081249%22}&andc=true

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1

Request Chain 58

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbNMs8mktTgWqwpCuOrXwgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGSmf3CXcjnf8fLrFwP0UeM&google_cver=1

Request Chain 60

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNjgyNDA2ODUwOTQ4OTA5Mw%3D%3D

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://fw.adsafeprotected.com/rfw/st/1925915/77841633/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-9678335887055925&ias_chanId=1&ias_placementId=20939250460&bidurl=https://transfiles.ru/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iLpOByKwmzIKqt3_NzQr2I&adsafe_url=https%3A%2F%2Ftransfiles.ru&adsafe_type=g&adsafe_url=https%3A%2F%2Ftransfiles.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-9678335887055925%26fa%3D1%26ifi%3D4%26uci%3Da!4&adsafe_type=be&adsafe_jsinfo=,id:1c0b052d-4269-0d74-805c-5d0cc07d4e78,c:2nVngO,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-mspdw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:97,mot:0,app:0,maw:0,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:105,oid:869b892f-bc11-11ee-be45-e2bf4957fe52,v:19.8.476,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

111 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
transfiles.ru/
Redirect Chain

http://transfiles.ru/
https://transfiles.ru/

14 KB
5 KB

45ms
22ms

Document
text/html

157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 067c1d043faf9261ebe169bf4fd40e5b9fb2eea90bb7255d3ef4d627fbb306db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4645
Content-Type: text/html; charset=UTF-8
Date: Fri, 26 Jan 2024 06:09:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=10, max=100
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 309
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 26 Jan 2024 06:09:53 GMT
Keep-Alive: timeout=10, max=100
Location: https://transfiles.ru/
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK common.css
transfiles.ru/css/ 44 KB
8 KB 12ms
12ms Stylesheet
text/css 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://transfiles.ru/css/common.css?rnd=5
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ed23d77f6f9b412693cc70e8a3c3244919b82829198c8a07750fa3c10d6de7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "af66-5c07ed5934d67-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 8167

GET
H/1.1 200
OK common_m.css
transfiles.ru/css/ 13 KB
3 KB 24ms
11ms Stylesheet
text/css 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://transfiles.ru/css/common_m.css?rnd=5
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 73d3d28d5dc18dedd5748b4b506e44cafbfa836ed3a04117e6be7e72b7f2e1a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 17:24:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "35b2-5c07ed58e2cf2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 2795

GET
H/1.1 200
OK jquery.min.js Show response
transfiles.ru/assets/504097ca/ 91 KB
33 KB 37ms
16ms Script
application/javascript 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://transfiles.ru/assets/504097ca/jquery.min.js
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 18:54:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "16dc4-5c08017fc8490-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 33430

GET
H/1.1 200
OK ru.png
transfiles.ru/images/ 224 B
509 B 32ms
10ms Image
image/png 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transfiles.ru/images/ru.png
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 670bc999df02739e39c67ab53dd9e9d4c7be5049c14c29613fd96b2907a798a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Last-Modified: Wed, 21 Apr 2021 17:27:31 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "e0-5c07ee0b1c31c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 224

GET
H/1.1 200
OK en.png
transfiles.ru/images/ 758 B
1 KB 32ms
11ms Image
image/png 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transfiles.ru/images/en.png
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9a87f8ade1743dc729fd6066a644c763d997b3415cdd7d27d38b0bbb4dd4b172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Last-Modified: Wed, 21 Apr 2021 17:27:25 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2f6-5c07ee0525e13"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 758

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 120ms
100ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e68e846652715c14c2970581cfcd91b6a0404d1a2db14123c73eb1df1b8f9781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51231
x-xss-protection: 0
server: cafe
etag: 10232114639859585143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 26 Jan 2024 06:09:53 GMT

GET
H/1.1 200
OK functions.js Show response
transfiles.ru/js/ 12 KB
4 KB 11ms
11ms Script
application/javascript 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://transfiles.ru/js/functions.js?rnd=5
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1ba0d75f0de5b0569bf17b0d9fc0ba65f6859f6f775943e7894531e097cc0412

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jan 2022 00:02:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "31fa-5d5432bbec140-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 3612

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 208ms
109ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jan 2024 18:45:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b15ab8-11838"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71736
expires: Fri, 26 Jan 2024 07:09:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1304
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 26 Jan 2024 07:48:09 GMT

GET
H/1.1 200
OK logo.png
transfiles.ru/images/ 6 KB
6 KB 11ms
10ms Image
image/png 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transfiles.ru/images/logo.png
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 65d1456be6662023da53e43fe6969523b439f1c1bbe4c50d83a03140e2f4df34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/css/common.css?rnd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "16c3-5c07ee041185a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 5827

GET
H/1.1 200
OK bg.jpg
transfiles.ru/images/ 5 KB
5 KB 12ms
11ms Image
image/jpeg 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transfiles.ru/images/bg.jpg
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ce5c6a664266f7bd7c91b7962ac9d5145c026724d2b811af7bb6fc24c25abadd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/css/common.css?rnd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Last-Modified: Wed, 21 Apr 2021 17:27:29 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1430-5c07ee0893c77"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=98
Content-Length: 5168

GET
H/1.1 200
OK donate.png
transfiles.ru/images/ 831 B
1 KB 12ms
12ms Image
image/png 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transfiles.ru/images/donate.png
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6f1565d977b8533ec77b0d646270aa11b36039129680ae21fe9f78e28ce172fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/css/common.css?rnd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Last-Modified: Wed, 21 Apr 2021 17:27:28 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "33f-5c07ee087c57b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 831

GET
H/1.1 200
OK logo_footer.png
transfiles.ru/images/ 1 KB
1 KB 13ms
13ms Image
image/png 157.90.215.152
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://transfiles.ru/images/logo_footer.png
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.152.215.90.157.clients.your-server.de
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f9c1dd4271998324523173e25f1f7ad65863c378087e71d3e819af7cdd650344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/css/common.css?rnd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 26 Jan 2024 06:09:53 GMT
Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "418-5c07ee0483c6a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=97
Content-Length: 1048

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=811718109&t=pageview&_s=1&dl=https%3A%2F%2Ftransfiles.ru%2F&ul=en-us&de=UTF-8&dt=TransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1156861053&gjid=454792671&cid=411331926.1706249394&tid=UA-72075365-1&_gid=1181078495.1706249394&_r=1&_slc=1&z=1478278118

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ea6dc38062bfb51a2d5dd76a3726e933579f741da5acee5afba1b2681010ec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://transfiles.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://transfiles.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 63ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FG4BQLH20C&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a81266c22353d2b69bda2939a46c4e493bee4ec380148419cebcf28804b16248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 06:09:53 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 403 KB
137 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru&bust=31080643

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77044084c68c4add69f41684901500e51f762d3399263a9d62c039e288f3a33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139798
x-xss-protection: 0
server: cafe
etag: 17140296391366801185
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:09:53 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame D7AA 9 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 14:56:01 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 14:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FG4BQLH20C&gtm=45je41o0v9135322126&_p=1706249393730&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=411331926.1706249394&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftransfiles.ru%2F&dt=TransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sid=1706249393&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=372
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG4BQLH20C&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://transfiles.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10260.EZz-weoX1DLUCdx4FTi1GC9-ZIP8FGTMk0RukfqZNFLqULKxbQE7Q1R99seb-9ad.D_zNK_oan1LMtrj9MDJlKfyDzcw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10260.P66tJJUMesNndPzDkAeVihflWlRaBpGUOT6FIXWjizXONeqtSsAaCdQOkzm8U-P7DIFx-FNPXq8KEQZKeH8eFGDkwodaD19hg-CDaLSBpEBvhJThMxtwQ_szvBvlCX07Z9UxSx5LVX...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10260.Hpin-JOCBEZ9j0sVcGdsJc4nGTa7KiXTgFHzsWKR15XIiMCTI6DEJ24Ysw_ypHXNzYWfW4WPUCzoOMVE4I9bWcAz2awIcc6m54Q6FdtFQV5X5...

43 B
584 B

59ms
59ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10260.Hpin-JOCBEZ9j0sVcGdsJc4nGTa7KiXTgFHzsWKR15XIiMCTI6DEJ24Ysw_ypHXNzYWfW4WPUCzoOMVE4I9bWcAz2awIcc6m54Q6FdtFQV5X5sNh4y5idPkIBZo6b8W0mEy4zOjL0nxyLN2G8oCoP-qP_zjCBqDbT_0sNlp1osTW8LWsvKZcpD06vF_dpC-CNQqyYtJUIo2_uHsCX76txg%2C%2C.ZRJwFzl6sxNyPf85Hlkg_Ry2ink%2C

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:54 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10260.Hpin-JOCBEZ9j0sVcGdsJc4nGTa7KiXTgFHzsWKR15XIiMCTI6DEJ24Ysw_ypHXNzYWfW4WPUCzoOMVE4I9bWcAz2awIcc6m54Q6FdtFQV5X5sNh4y5idPkIBZo6b8W0mEy4zOjL0nxyLN2G8oCoP-qP_zjCBqDbT_0sNlp1osTW8LWsvKZcpD06vF_dpC-CNQqyYtJUIo2_uHsCX76txg%2C%2C.ZRJwFzl6sxNyPf85Hlkg_Ry2ink%2C
date: Fri, 26 Jan 2024 06:09:54 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
479 B 68ms
64ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:53 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Jan 2024 18:45:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b15ab8-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 26 Jan 2024 07:09:53 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB54 107 KB
40 KB 468ms
468ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=2897876991&adk=2362541866&adf=441738196&pi=t.ma~as.2897876991&w=970&lmt=1706249394&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706249393811&bpp=3&bdt=194&idt=240&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8363418485769&frm=20&pv=2&ga_vid=411331926.1706249394&ga_sid=1706249394&ga_hid=811718109&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C44798934%2C31080643%2C95321627%2C95322164&oid=2&pvsid=354015820281090&tmod=344924490&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru&bust=31080643

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1b0b9353645cf6fc328b9d0ebb6022c13e81b840eb5ce7a257398af6b519796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:54 GMT
expires: Fri, 26 Jan 2024 06:09:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E336 240 KB
63 KB 880ms
879ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&adk=1812271804&adf=3025194257&lmt=1706249394&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftransfiles.ru%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706249393826&bpp=3&bdt=208&idt=245&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x100&nras=1&correlator=8363418485769&frm=20&pv=1&ga_vid=411331926.1706249394&ga_sid=1706249394&ga_hid=811718109&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C44798934%2C31080643%2C95321627%2C95322164&oid=2&pvsid=354015820281090&tmod=344924490&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb21fd4370a43d94578522fba8664bc1e14db666aa48e2f2a1e0ddfa3b923de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 64220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:54 GMT
expires: Fri, 26 Jan 2024 06:09:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 37ms
37ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu_main&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/33590114/
Redirect Chain

https://mc.yandex.com/watch/33590114?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.com/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

459 B
578 B

53ms
53ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1077869988454%3Ahid%3A575842020%3Az%3A60%3Ai%3A20240126070953%3Aet%3A1706249394%3Ac%3A1%3Arn%3A53371609%3Arqn%3A1%3Au%3A1706249394553777939%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C22%2C1%2C83%2C0%2C%2C67%2C3%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1706249393488%3Agi%3AR0ExLjIuNDExMzMxOTI2LjE3MDYyNDkzOTQ%3D%3Afp%3A215%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706249394%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

811cc06168f4b0cc938bba79419c8e061e0ef46ce84beb436ab6280ece3bb1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 26-Jan-2024 06:09:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://transfiles.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 459
x-xss-protection: 1; mode=block
expires: Fri, 26-Jan-2024 06:09:54 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:54 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 26-Jan-2024 06:09:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1077869988454%3Ahid%3A575842020%3Az%3A60%3Ai%3A20240126070953%3Aet%3A1706249394%3Ac%3A1%3Arn%3A53371609%3Arqn%3A1%3Au%3A1706249394553777939%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C22%2C22%2C1%2C83%2C0%2C%2C67%2C3%2C%2C%2C%2C196%3Aco%3A0%3Acpf%3A1%3Ans%3A1706249393488%3Agi%3AR0ExLjIuNDExMzMxOTI2LjE3MDYyNDkzOTQ%3D%3Afp%3A215%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706249394%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://transfiles.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 26-Jan-2024 06:09:54 GMT

GET
H2 200 4933562261553743136
tpc.googlesyndication.com/simgad/ Frame BB54 11 KB
11 KB 34ms
12ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4933562261553743136?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmQvFp2ipBt3OZ9PMql_9KgDyl1zw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=2897876991&adk=2362541866&adf=441738196&pi=t.ma~as.2897876991&w=970&lmt=1706249394&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706249393811&bpp=3&bdt=194&idt=240&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8363418485769&frm=20&pv=2&ga_vid=411331926.1706249394&ga_sid=1706249394&ga_hid=811718109&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C44798934%2C31080643%2C95321627%2C95322164&oid=2&pvsid=354015820281090&tmod=344924490&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c62fb06d304a7e0f048c2132bc3c65da7b98b40b80bf8b2ea8344a4b89526cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:29:59 GMT
x-content-type-options: nosniff
age: 196795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10821
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 15:30:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Jan 2025 23:29:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame BB54 23 KB
9 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:54:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BB54 3 KB
1 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:47:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:47:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BB54 20 KB
9 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BB54 205 KB
65 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:09:54 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BB54 36 KB
15 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14823
x-xss-protection: 0
server: cafe
etag: 5840398140224802838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:30:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14DB 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=2897876991&adk=2362541866&adf=441738196&pi=t.ma~as.2897876991&w=970&lmt=1706249394&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706249393811&bpp=3&bdt=194&idt=240&shv=r20240122&mjsv=m202401220101&ptt=9&saldr=aa&abxe=1&correlator=8363418485769&frm=20&pv=2&ga_vid=411331926.1706249394&ga_sid=1706249394&ga_hid=811718109&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44808397%2C44798934%2C31080643%2C95321627%2C95322164&oid=2&pvsid=354015820281090&tmod=344924490&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 05:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
28ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:54 GMT
expires: Fri, 26 Jan 2024 06:09:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BB54 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ea47f240fa00bff7178cd0eb4b0da81570d54ccf47b92f5d1459f5f4d7a0d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BB54
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm6GnskyzZcOPBbPg1PIP4_WziA_m0-n6coqAkdf8EcCNtwEQASC0yrsjYJXikIKgB6AB9-KbtCjIAQKoAwHIA8mEgIAEqgTeAU_Q-NsaFkTPS5mcyIEgIie6pbtJtFoAGkyDWuszdNWufR0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216742580227713372721%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window...

0
0

54ms
38ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216742580227713372721%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%2222%22:[%22true%22],%224%22:[%2201-26%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210413967218459081249%22}&andc=true

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16742580227713372721","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-26"],"6":["true"]},"priority":"500","source_event_id":"10413967218459081249"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 06:09:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 06:09:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16742580227713372721","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"22":["true"],"4":["01-26"],"6":["true"]},"priority":"500","source_event_id":"10413967218459081249"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame CC36 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 11:59:51 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 64ms
38ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 26 Jan 2024 06:09:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
53ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df3fec149739ea57c35cfaa0788a9450bb0a5a2d71def85fbc3722ef6ce4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12325
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/ 165 KB
56 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401220101/reactive_library_fy2021.js?bust=31080643

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096e5dbfbe3824e576d6a606cb8759e07703773b847c1927135ef8302b30439e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57002
x-xss-protection: 0
server: cafe
etag: 12636038807080621591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB32 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 05:47:53 GMT
expires: Sat, 25 Jan 2025 05:47:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E6F2 829 B
999 B 18ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1373e6c12f4eda252ccc5e2f4cff95730d7a10e0825d2f3000ed11e43d8989c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2EJmyDZ3yGMVL51oRfwWRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2EJmyDZ3yGMVL51oRfwWRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:55 GMT
expires: Fri, 26 Jan 2024 06:09:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 84AD 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame FFEA 9 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://transfiles.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame DB32 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 11:54:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 84AD 4 KB
1 KB 115ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 05:33:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 84AD 205 B
651 B 107ms
8ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 13:51:31 GMT
x-content-type-options: nosniff
age: 231504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 13:51:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 84AD 604 B
696 B 108ms
9ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:43:34 GMT
x-content-type-options: nosniff
age: 195981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 23:43:34 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 84AD 16 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:35:25 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 84AD 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:31:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D46 624 B
245 B 47ms
46ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOLKvIMCMAE&v=APEucNU-eAHGRqWH0t0oxHdGe2nIoLWcbhlMI8ZuiJbZgSqrmZFj7WYBUig6nzP6a-ZeT8Afh2GcbTRch1fZ3OZ-8QWjDaNgrpuSOD6Ez3UNw3N8klpqtX0ji3_uE0VzCscJaMvrFc0l9JXha2gSKlnkrQGbKYcMJ2Vp42NoeCuvHB9wWeM3qos

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:55 GMT
expires: Fri, 26 Jan 2024 06:09:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 721B 89 KB
31 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 721B 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:47:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:47:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 721B 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 721B 205 KB
65 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtyqqjskCmZjEEye1Hctcxo5WCi4lVhNNcf9P5edulcAVfbGpdUCPBh6M0dbcGFrFhmQaLmS8nN-p1Paa5OE3BMlhcHV4HRMi1MKL_IX7ddagCXoA

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6F2 0
0 38ms
38ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=354015820281090&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DB32 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l9X_XQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1

43 B
767 B

23ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOLKvIMCMAE&v=APEucNU-eAHGRqWH0t0oxHdGe2nIoLWcbhlMI8ZuiJbZgSqrmZFj7WYBUig6nzP6a-ZeT8Afh2GcbTRch1fZ3OZ-8QWjDaNgrpuSOD6Ez3UNw3N8klpqtX0ji3_uE0VzCscJaMvrFc0l9JXha2gSKlnkrQGbKYcMJ2Vp42NoeCuvHB9wWeM3qos
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpAYDN1GUevfHRJR6c%2FzxTscPNMnyyxvjH6TmAxShWnDE0wXqXNwWpdPcs5EF10nlpiZiYPuN7JIEOI4IHjUpTaIqBIqrqMUwApMD8ZsWSGTrsoOdOilP0SLPEZXZnr2WLislkFfnpG5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b69700badb921a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D46
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbNMs8mktTgWqwpCuOrXwgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1

43 B
736 B

39ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOLKvIMCMAE&v=APEucNU-eAHGRqWH0t0oxHdGe2nIoLWcbhlMI8ZuiJbZgSqrmZFj7WYBUig6nzP6a-ZeT8Afh2GcbTRch1fZ3OZ-8QWjDaNgrpuSOD6Ez3UNw3N8klpqtX0ji3_uE0VzCscJaMvrFc0l9JXha2gSKlnkrQGbKYcMJ2Vp42NoeCuvHB9wWeM3qos
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R52wDPDPVQCVWxkFt5dD%2F5xcJU21QJ925%2BpH4bIET2rjFae1Ds%2FkyNr74pkD7IWln90xSV%2FBBHaqVi1nShd1IIGzYL%2Fn8fthjMHr0FuwMlCs6ybWzMehs3aVLP0m1TDn%2FfXvpze5iLkYCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84b69700badc921a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8SqkFWVQfq_D8vXuCNQRI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7D46
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGSmf3CXcjnf8fLrFwP0UeM&google_cver=1

43 B
1 KB

6ms
6ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGSmf3CXcjnf8fLrFwP0UeM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOLKvIMCMAE&v=APEucNU-eAHGRqWH0t0oxHdGe2nIoLWcbhlMI8ZuiJbZgSqrmZFj7WYBUig6nzP6a-ZeT8Afh2GcbTRch1fZ3OZ-8QWjDaNgrpuSOD6Ez3UNw3N8klpqtX0ji3_uE0VzCscJaMvrFc0l9JXha2gSKlnkrQGbKYcMJ2Vp42NoeCuvHB9wWeM3qos

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
an-x-request-uuid: 12d5a73d-fda9-4000-99b4-73ed3058f310
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGSmf3CXcjnf8fLrFwP0UeM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7D46
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNjgyNDA2ODUwOTQ4OTA5Mw%3D%3D

170 B
243 B

38ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNjgyNDA2ODUwOTQ4OTA5Mw%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
an-x-request-uuid: f35b543a-2691-4338-87f4-b9dc01a4840c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzczNjgyNDA2ODUwOTQ4OTA5Mw%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4163680719403&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4163680719403&version=m202309260101&ct=76&x=1&cor=13021087195393425000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 721B 110 KB
42 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASSH3OvPQqIfRH8E1x_8rSdzIMc5vZd0BnFZe1DwSrqm81UX48m0hw1GhOKEHVot1Ry06OFxx4kFm8SGMpAzhnCn2p1gatFdUZqt3FtJzralO2JDdliIKYanR27wFyUSbqGwVBuLgvw4LtUO2DRaKtgh3gdfYfY1OYdmU_nJhStonCB3M&dbm_d=AKAmf-BKOnCpcPQJVyuOfMG7iLCUGyd4QpsXc1hyivqKQiSzqNCDPTsgnuWQNZk9GvswkeZG2PnN7yW6lXA2Ho_ENCH7uHSUQt2acI7FhUCrrBA4AF0YteQi_cpbGN1DmY0ycApJfOBQ1cKwOzncoCgRpTeyV_KKr7FsLIu2L8tYxQVQRro6_ggA59CwA4-Iz4nJgI5AKGzpffX3F71IYta2_5ZoobGO3E01wcKUbuFWowiyeIMp4gzAQ7T1whkI971nuO0Cr7zYSxXiNpipEB7p2uO1yO4Nc9HyMnd_SDr8KbHxuTAV5FD6YKCjiHxxmxi86Ck0060PZ3hBmHCDItUKKHkURcxdn3FoIq7eIy3ZaXtqF7cMvnZ3TgY4PI3qzouHIvbXnp6HM1338lmtN7Lau9Dby4TaIReEYuSPafJEtpFvISvjKMXCVudc0xvp8DhA-rQV74tI4d2174ThTJF7OHxX43kkXjnTtMfo6Sg6liuEWUPZsEwrGB4uHty-T6C0z02T8HJ7Tc74K-N6XZh_IIgSH89AC9YF-h9PJnDk2nCeDHepYdCmbWfDxeCAo9sym8nQn5tknx6k5DoebRdnS3g3-kTSxEchVcQ84KuOioUdrkAgw0EgQ9_46h6XimprSwi06swfRrgxKzpYgks5YXQaTK2XFSiPfjWOxmZSy2oJ7V85hdDjHA9OIqJJT-DoaqBuRBRcltbd-UkFFhuGkQlChAhDPQS-MejAKUAdc4t8waRvJjTIDjScFKz-hf4hrSUbAdqQ9-3FteKuqkhVkwgfDSVrV9g7P0Gseyrt5oDYoU4aUmGfHKLSVhnY8Xn-OcGLN3u98aUyIc1y3vDwBmGCJe0PsF1PQW9bP-UBto_LMK74GZKGvD3FS73mmw9eZ5e-WQ051ipwYIKDS0jmqeL8koWBc7AfV_E3lvgts7X6_CYWBA1uskHD4sXrPqdKaUXAomQqV-4n9yCQE_ByOV0huC2tY1j3FYoW118TgGEzWJYIuPRtSEhIQprIekRE3MiudMpNXbD0ZDOL_M3xmjfoJ36esf4-ykNjmGbWU8tloCy4cwtCPMvTOQRcH-GISYWLj_2-UC2mK8ct4BMXOZCz_NlH-00eZf6peLw0JZ7plYByt8ALfDDlAfTyQwAhxmJi-JPx3OMoOD_ihb09Tc7TUIp80iKeAHPzU7z7J_3qQH8lg_sv0RbO8-kWlHz7MIsQS7Id2KSCUgvRPDCZE0KS6CToLfHHTvdo4gVuPijLHi2jBs67WlZzbdIZPGTOumkVxoU2BU5YHtIKdgq2vHxd8FRD48fPHx3Rp63UfovHtFIL0mVw4oajSxzkfG-O8jTYUG-KBlUsI4VcVOzXtJLI3eLghg3bxtbSpPwhJlr-C80pPWGnsPK_BlArzvjEAQdf2qMuuR9-SjUXDxiUWvK8bfREj_kzRnV00OT7fL7rNyCiPpDsPkU9MlxXI7NLriQ97twZaNLxyYwj-rpWWmhVFUAcrM8NazGYntH5_sD46DJil1MN4xfae1V5IGFKNfG5TGDrTq2-rl-L7hS8TDF2LEe55T1PHaEe23A4DdsVtmKMc1EscqQvYgRG1dfb2LwvtzQy-M0xOOvtjwA-gOVyjHKvr9WX_6-C0V8ZdVQqcOT4iwacJKCtcZ1j6xyduaL6HGbMgQY3W-UBxoIax1ZXbDudIWh8DDSYOp8w_hH-XtkKFhWT4Bi_r74o5WQo8UCtG91zSW_yXr1iIUgWapKySdV34vJoV_Ufiky1kEPUEAdqLsc0nISKwggkT3jP9EId21tGLiwCDKau_XfYdSP_XaJaJ611km0r5GnlZx-JNhCDlVLb-UwazI_V1IxjGUKkPXiU-X8lO1p6O4L2sd_9AOp16SVljaJlbkvomAvaVhFJiEaYWOf1PRDfvaHLE52QhiwclrN9wughgm6W6kVNwNrpzENGVqnUna2UcaxwYg6La76D09vmXsYD5ukoSFxW96AUYeeyl7M0axNivQQDzoNeS9aT2ggKVR6ASqMA8lyK4nwBK5xJhyab9kYZYU5om_-yemTh18uNGQJoVeEnkku1NBAlUdHobdTTT6cSubTdubD5087bAENyHuO0fglwL8oK4I_UbzwzdJIlmZI4RxQlUrPjRvfyMc_0DRhZ6utzyzxAfpkmx8tclNYS_UZRIldXH-_PP53iz5EGtZtAjBD_0iDSg1hHBfPYpc7WHhMc7BneKVpXbMMulpNw1ZObNeB4vLJfFtOTMJ9kfot7LYYCQ2YyVvtIZtgL4ZL6uYzdGPff4Oa9yQGXGeIXgSRkJeHyhzRGjV3Fn8I63SNBjxRBGE2MswMS1WaOL0UgxHC5ARpdqYy0fJpjm9_aS0u0ds_LvaUfttfQ-HHRfKYPISZ-XM92vIe48imswxMc8JHRKIGHkcYNVKl0ilnDk2l4PvitxjvkCKkS--FtuW2KAJ_A0mq2G5ZGjPfv00ctS8qUXlVefkUamTYPmKjWutK971NUFlJRYbqud7RRQ8Ss_MBbw-kTh9tHHsf18iuao4L_qk84EcNAbj6kQOilOrt4gvP2Eq0YvHlXOw-7rsZMUyiVc3sr1wFU6SX42aviRbY3u-Cc27QFxeuoZ6QXIIK-M3FZAJW6en-iQ5O5rrdwMAWJJhcwv2kMt-TFe_GhMTBhNsm_qh1uBVJZMxfaogxr_0fXXgbxqKE--5o3xXgmpOkZFWci-R2RMEC_9IghPpbWJjdcZGmAmKpiqWi5WvztHFSSoSglRVA36m1rNorXsmQdTZzQaEdwWIPsl3yhnhzAgdIPtPlDmA2Pz_NUIWvDKsvw6p7hcSF-OkOHF_KJ4kBVhJRz5j3vwIl34VdLldctTYcNALKUqfnv7uDp_iO-r1aPqL31NvXyvCKOEO2H1BX15Rbm3ffrAI6IK9ijHBcBbFoWrKOkDISkeqoD8IYHZwkzVcQ_fPKgcfA9DpN2K9LqGzkiqpinibcPpBp_K5Lb7YKo4aQgwLmS7FScKgICidqz4Oi2i9AUy-Z9Be2Twzzxe19KdwWUx3O5mzijmsgx9-MbFbYCMXRsbkjo977MoKb_ZJzBjG1BSeo42rqlGW7lHL4oMpd_6D-A4xKVwPuKNEEss1a6My2Jgy261m7t8nKlPHJ-TcpxukQGZSqUvLHWwsds9u_E0KnGCXZlV2nQYFnSy_qF-SbDQl8h2UxnVdAI3JkBz2iXbT-O_tbgzDOf_5e1XbZU9103rTnecdfC-KJgyX4U4OJIdI0FR-kmYRbyxhfBpfU8NfBLibyWMoIWJtjOHjKCYzCtt7nqAwpy1zdTuyGSyGXcvKUDA9HIYgOwxkduZNmsOdEzOmeD4GT9bP2SB7qwMTtexBZPZ4qUyQxSuGMtgOrAmAUAN5cx6V_jBOFPuOzC0EY7OzBa2RmR9P6dp4s2WBjF9zGHXB1E1xWx3bR-FbFRvzTMwXLAYdWBqIDQR1lFp104YZulWCKGRCAuTHxzc-j9vFLUdBk3DIYzNnwjL8ugsWwhW26iUAlq1eS5_boSHx8W6zziBnO5ZAAikn0HN-7paIeH2F0ibNtkunJUUz4JV2cU_21IEHMuxEsghgHxkspZUvrdw0KbC4H0r9en04Bzv8bvQEBKg9_o_iurQfsONUEVueo2N0GUoF5VnfxRQ6zx4tVSrjeLG5cFG9gx2iPcSsPQbQXYmbJkVqv6E8T3Jt3SY3Ldjy1-gjSXQR7I5vhAvcpfnv6TgvuR3JsFcRWW-Pxyn4Mtd2XZQ8tteJvgDcpy04jH1GwK0kmVGOSYFprxIRdb9Ny8cA&cid=CAQSTgAvHhf_tftpMUbSFFgPO6NOXEZKyjVTr5wjyW29DLgMHISL3lV66xFnuFtDbiPrltftYY4TruFcvLgddr4MGO82ujR6FMX1WZr6JdhDQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftransfiles.ru%2F&ds=l&xdt=1&iif=1&cor=13021087195393425000&adk=521587873&idt=72&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3106eae061cb58c46ffb485e349c25a751055a885b595d375c0a437a6ffb1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42496
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 990E 14 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 05:37:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 990E 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:54:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 990E 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:54:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E2E4 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 05:38:20 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 990E 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:47:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 05:47:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 990E 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 990E 205 KB
65 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 06:09:55 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 990E 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 15:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 00:40:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 15:50:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E2E4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

25ms
25ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:55 GMT
expires: Fri, 26 Jan 2024 06:09:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 06:09:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1925915/77841633/ Frame 721B 60 KB
15 KB 107ms
32ms Script
application/javascript 52.18.204.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1925915/77841633/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-9678335887055925&ias_chanId=1&ias_placementId=20939250460&bidurl=https://transfiles.ru/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iLpOByKwmzIKqt3_NzQr2I
Requested by: Host: transfiles.ru
URL: https://transfiles.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.204.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-204-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1ef3267178bd8be2a3ce8d416e7bcfd7df6dfcad4410731e6829f66815402aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 721B 111 KB
39 KB 55ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 19:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Jan 2024 19:25:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 721B 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASSH3OvPQqIfRH8E1x_8rSdzIMc5vZd0BnFZe1DwSrqm81UX48m0hw1GhOKEHVot1Ry06OFxx4kFm8SGMpAzhnCn2p1gatFdUZqt3FtJzralO2JDdliIKYanR27wFyUSbqGwVBuLgvw4LtUO2DRaKtgh3gdfYfY1OYdmU_nJhStonCB3M&dbm_d=AKAmf-BKOnCpcPQJVyuOfMG7iLCUGyd4QpsXc1hyivqKQiSzqNCDPTsgnuWQNZk9GvswkeZG2PnN7yW6lXA2Ho_ENCH7uHSUQt2acI7FhUCrrBA4AF0YteQi_cpbGN1DmY0ycApJfOBQ1cKwOzncoCgRpTeyV_KKr7FsLIu2L8tYxQVQRro6_ggA59CwA4-Iz4nJgI5AKGzpffX3F71IYta2_5ZoobGO3E01wcKUbuFWowiyeIMp4gzAQ7T1whkI971nuO0Cr7zYSxXiNpipEB7p2uO1yO4Nc9HyMnd_SDr8KbHxuTAV5FD6YKCjiHxxmxi86Ck0060PZ3hBmHCDItUKKHkURcxdn3FoIq7eIy3ZaXtqF7cMvnZ3TgY4PI3qzouHIvbXnp6HM1338lmtN7Lau9Dby4TaIReEYuSPafJEtpFvISvjKMXCVudc0xvp8DhA-rQV74tI4d2174ThTJF7OHxX43kkXjnTtMfo6Sg6liuEWUPZsEwrGB4uHty-T6C0z02T8HJ7Tc74K-N6XZh_IIgSH89AC9YF-h9PJnDk2nCeDHepYdCmbWfDxeCAo9sym8nQn5tknx6k5DoebRdnS3g3-kTSxEchVcQ84KuOioUdrkAgw0EgQ9_46h6XimprSwi06swfRrgxKzpYgks5YXQaTK2XFSiPfjWOxmZSy2oJ7V85hdDjHA9OIqJJT-DoaqBuRBRcltbd-UkFFhuGkQlChAhDPQS-MejAKUAdc4t8waRvJjTIDjScFKz-hf4hrSUbAdqQ9-3FteKuqkhVkwgfDSVrV9g7P0Gseyrt5oDYoU4aUmGfHKLSVhnY8Xn-OcGLN3u98aUyIc1y3vDwBmGCJe0PsF1PQW9bP-UBto_LMK74GZKGvD3FS73mmw9eZ5e-WQ051ipwYIKDS0jmqeL8koWBc7AfV_E3lvgts7X6_CYWBA1uskHD4sXrPqdKaUXAomQqV-4n9yCQE_ByOV0huC2tY1j3FYoW118TgGEzWJYIuPRtSEhIQprIekRE3MiudMpNXbD0ZDOL_M3xmjfoJ36esf4-ykNjmGbWU8tloCy4cwtCPMvTOQRcH-GISYWLj_2-UC2mK8ct4BMXOZCz_NlH-00eZf6peLw0JZ7plYByt8ALfDDlAfTyQwAhxmJi-JPx3OMoOD_ihb09Tc7TUIp80iKeAHPzU7z7J_3qQH8lg_sv0RbO8-kWlHz7MIsQS7Id2KSCUgvRPDCZE0KS6CToLfHHTvdo4gVuPijLHi2jBs67WlZzbdIZPGTOumkVxoU2BU5YHtIKdgq2vHxd8FRD48fPHx3Rp63UfovHtFIL0mVw4oajSxzkfG-O8jTYUG-KBlUsI4VcVOzXtJLI3eLghg3bxtbSpPwhJlr-C80pPWGnsPK_BlArzvjEAQdf2qMuuR9-SjUXDxiUWvK8bfREj_kzRnV00OT7fL7rNyCiPpDsPkU9MlxXI7NLriQ97twZaNLxyYwj-rpWWmhVFUAcrM8NazGYntH5_sD46DJil1MN4xfae1V5IGFKNfG5TGDrTq2-rl-L7hS8TDF2LEe55T1PHaEe23A4DdsVtmKMc1EscqQvYgRG1dfb2LwvtzQy-M0xOOvtjwA-gOVyjHKvr9WX_6-C0V8ZdVQqcOT4iwacJKCtcZ1j6xyduaL6HGbMgQY3W-UBxoIax1ZXbDudIWh8DDSYOp8w_hH-XtkKFhWT4Bi_r74o5WQo8UCtG91zSW_yXr1iIUgWapKySdV34vJoV_Ufiky1kEPUEAdqLsc0nISKwggkT3jP9EId21tGLiwCDKau_XfYdSP_XaJaJ611km0r5GnlZx-JNhCDlVLb-UwazI_V1IxjGUKkPXiU-X8lO1p6O4L2sd_9AOp16SVljaJlbkvomAvaVhFJiEaYWOf1PRDfvaHLE52QhiwclrN9wughgm6W6kVNwNrpzENGVqnUna2UcaxwYg6La76D09vmXsYD5ukoSFxW96AUYeeyl7M0axNivQQDzoNeS9aT2ggKVR6ASqMA8lyK4nwBK5xJhyab9kYZYU5om_-yemTh18uNGQJoVeEnkku1NBAlUdHobdTTT6cSubTdubD5087bAENyHuO0fglwL8oK4I_UbzwzdJIlmZI4RxQlUrPjRvfyMc_0DRhZ6utzyzxAfpkmx8tclNYS_UZRIldXH-_PP53iz5EGtZtAjBD_0iDSg1hHBfPYpc7WHhMc7BneKVpXbMMulpNw1ZObNeB4vLJfFtOTMJ9kfot7LYYCQ2YyVvtIZtgL4ZL6uYzdGPff4Oa9yQGXGeIXgSRkJeHyhzRGjV3Fn8I63SNBjxRBGE2MswMS1WaOL0UgxHC5ARpdqYy0fJpjm9_aS0u0ds_LvaUfttfQ-HHRfKYPISZ-XM92vIe48imswxMc8JHRKIGHkcYNVKl0ilnDk2l4PvitxjvkCKkS--FtuW2KAJ_A0mq2G5ZGjPfv00ctS8qUXlVefkUamTYPmKjWutK971NUFlJRYbqud7RRQ8Ss_MBbw-kTh9tHHsf18iuao4L_qk84EcNAbj6kQOilOrt4gvP2Eq0YvHlXOw-7rsZMUyiVc3sr1wFU6SX42aviRbY3u-Cc27QFxeuoZ6QXIIK-M3FZAJW6en-iQ5O5rrdwMAWJJhcwv2kMt-TFe_GhMTBhNsm_qh1uBVJZMxfaogxr_0fXXgbxqKE--5o3xXgmpOkZFWci-R2RMEC_9IghPpbWJjdcZGmAmKpiqWi5WvztHFSSoSglRVA36m1rNorXsmQdTZzQaEdwWIPsl3yhnhzAgdIPtPlDmA2Pz_NUIWvDKsvw6p7hcSF-OkOHF_KJ4kBVhJRz5j3vwIl34VdLldctTYcNALKUqfnv7uDp_iO-r1aPqL31NvXyvCKOEO2H1BX15Rbm3ffrAI6IK9ijHBcBbFoWrKOkDISkeqoD8IYHZwkzVcQ_fPKgcfA9DpN2K9LqGzkiqpinibcPpBp_K5Lb7YKo4aQgwLmS7FScKgICidqz4Oi2i9AUy-Z9Be2Twzzxe19KdwWUx3O5mzijmsgx9-MbFbYCMXRsbkjo977MoKb_ZJzBjG1BSeo42rqlGW7lHL4oMpd_6D-A4xKVwPuKNEEss1a6My2Jgy261m7t8nKlPHJ-TcpxukQGZSqUvLHWwsds9u_E0KnGCXZlV2nQYFnSy_qF-SbDQl8h2UxnVdAI3JkBz2iXbT-O_tbgzDOf_5e1XbZU9103rTnecdfC-KJgyX4U4OJIdI0FR-kmYRbyxhfBpfU8NfBLibyWMoIWJtjOHjKCYzCtt7nqAwpy1zdTuyGSyGXcvKUDA9HIYgOwxkduZNmsOdEzOmeD4GT9bP2SB7qwMTtexBZPZ4qUyQxSuGMtgOrAmAUAN5cx6V_jBOFPuOzC0EY7OzBa2RmR9P6dp4s2WBjF9zGHXB1E1xWx3bR-FbFRvzTMwXLAYdWBqIDQR1lFp104YZulWCKGRCAuTHxzc-j9vFLUdBk3DIYzNnwjL8ugsWwhW26iUAlq1eS5_boSHx8W6zziBnO5ZAAikn0HN-7paIeH2F0ibNtkunJUUz4JV2cU_21IEHMuxEsghgHxkspZUvrdw0KbC4H0r9en04Bzv8bvQEBKg9_o_iurQfsONUEVueo2N0GUoF5VnfxRQ6zx4tVSrjeLG5cFG9gx2iPcSsPQbQXYmbJkVqv6E8T3Jt3SY3Ldjy1-gjSXQR7I5vhAvcpfnv6TgvuR3JsFcRWW-Pxyn4Mtd2XZQ8tteJvgDcpy04jH1GwK0kmVGOSYFprxIRdb9Ny8cA&cid=CAQSTgAvHhf_tftpMUbSFFgPO6NOXEZKyjVTr5wjyW29DLgMHISL3lV66xFnuFtDbiPrltftYY4TruFcvLgddr4MGO82ujR6FMX1WZr6JdhDQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Ftransfiles.ru%2F&ds=l&xdt=1&iif=1&cor=13021087195393425000&adk=521587873&idt=72&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:58:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 721B 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 23:39:38 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 721B 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
DATA 200
OK truncated
/ Frame 721B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e99826e0b024a921953c4bbf5420fe98579f8c46f3c24e054924d8734464210

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C37 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 65738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame F9C1 51 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 11:59:51 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C37 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Jan 2025 11:54:25 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 128 KB
23 KB 21ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07497e600d542b16e71f360179e2018d30b254cf361db69f24d083d2a060df17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 226435
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23444
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 15:16:00 GMT
expires: Wed, 22 Jan 2025 15:16:00 GMT
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 721B 0
0 101ms
51ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyKzWjxWg7M5LJOJCrJX4IKWVVr3rJYtIamjVLSdCbsVIosjTp5hejNcRsW75rSTqo4XWugc2m4NbYKZsz1YlGLvwFIzMrERiFDhGMNi_D26YVqQl-g1lnZyv4a7CQjce5eBQovdf3tR9fnYPH5PTdj_CLVoXV4h1DU8uZYsuqeV9BnE2BeKN2_ZBIqM-qQzs6R0ccGPjcxtVoDzOAeoeNvRscGBlQ4Y9YqkneZ1hEN-6r_vW7P86K4iTfh95Zlf-qYI54PfwW2LiGq6pxNcGee9Q0vC18JFc_Ejz2VJngVmI4pJdXUfiBMzDC5cZPAh0aqKWInmhLscXG-wfCGbdIUKRYPdElj5Ix4o25WtpLmCiOTqloTU6jQclsAEEJnY6ie9NsXdzPCxQVYKTpnEmYU5pKQo8Ku8xA4giPQyL_ssKO35Y1VNCuYFgv-0oaEjuTFvh8o9iGMuKgdxtkIwH9z88waBA8BCmE0GPr-KJiJ5Rt2lkCcSnE35AXpcA0JbJh262JLOYIou_nN02u8eBJ9ZEfFuVObqWkWuC729YR4t313kD2mxTDmMSa69l_9waqkt4iPG2p7iZeuUO5lJ1OtkBX7OSXlLt61WMnekSoFw3UiTj0ICs74NSIjFQWIMPCe5prE6IbJFYJZbgO_50hVB1-91oKqn8ydTnMVxq4shBCgk3eOp7cOy_82RTfnlBTZbMMfiqQjAxNDe--u2vgM27pNIvXvqsua4CBMxNFM2hM6VUo5NV09wzWZd0nw3DbwCZMHtlsMaA9C3C-7MvRAWF4TMZIV83a9ij75qYMxTdEQh-Kh_R-ESg37CYYO5t13poI84JY2S4QLyCXbhnEoQ-GmdjRJL-TXwzM2U_rPJV-RjKMY4JAC1kFR5URSWl9L17qTznVniPute1b9pdM6jkCm_Etx8o32uY33wwXLC0E7aTNJDJoX3avMETyiIQlRZgialgAWC-ZJ90Wz3rHZkMDT2BG-iSQT3f-60k3yOZDReeszmmxdBJiQViG7PqqkpEyQP37Bg0HqDDaApb4YCiLLC_ENuDay2qSBZmP-rRR03gemwIHIuL3Xw3lyiyQLxQFjTxbpdtMIGBig8CwUtH4DrZWBFRx5EFwDiSJyswOOMBn8v3AzlzWYWCghfm9TEHFkveFRM2GYomTKh3Vklp77g2QxCNUPVYij98-v_YY1wINXLoZ-v29FRdJl-0UoR7ra1DlKfTkWgqMjilPueUxMzp0GHpag7cnzrfItXr3xySspwayZUBbm5qtjG6_ai7puBd4YeFH2_N0J9fmsvI2UGl8uRJfBD4PqLIEbAZ9I8zdb3Eh1r7YKaaZO4A&sai=AMfl-YTRTHCnKoRIxMV8B4I3TIwFrHRTa3Ee_DDjXQlbZ57Ww7-FQnUY3C2v0RaJlcd-zmT0dRdQodfnRgtEWqZ5xtPcwCRnyyoB7nqsKS15zTWX7LIjqLhCnKfTyYhRJFRgtR9Tzz3HeRyVy21frN5Kh9imVjXeJS-scEcAf6DzI7hn9B0iZK_3nJkhA50PMVKOKYH3sCx9Qu4uo8fkZSbP02TsZ0aUOy-ZaS4SGr_qQ3BoE2A_Hf5adTNN5yRTSWmK5hoxl9EMKcHsxS-414Cc0XvYUqV4hizcxubtQ8Lv7Y5bUEwrzgaPXox4-u0oH34&sig=Cg0ArKJSzGj1K8_n-9RvEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=99&cisv=r20240122.46379&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame 721B 62 B
573 B 189ms
148ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31345938&phint=crid%3D208185439&phint=pid%3D385946907
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 26 Jan 2024 06:09:55 GMT
content-length: 62
bk-server: 2294
content-type: image/gif

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D1A4 32 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:49:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Jan 2024 23:49:10 GMT

GET
H2 200 main.19.8.476.js Show response
static.adsafeprotected.com/ Frame 721B 214 KB
67 KB 38ms
6ms Script
application/javascript 2600:9000:223f:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.476.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1925915/77841633/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-9678335887055925&ias_chanId=1&ias_placementId=20939250460&bidurl=https://transfiles.ru/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iLpOByKwmzIKqt3_NzQr2I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:51:43 GMT
x-amz-version-id: 13aFAFQbOW1qsA26vxpqAkiT2qAXWsDK
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 202693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 23 Jan 2024 20:34:43 GMT
server: AmazonS3
etag: W/"77d80e0eab989d48e932a266a346e250"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 8rc0afU9lrVNUp9OBbOL5BBvF8Af8a3AvqiV_imtrVq1VPkUwDQJ3w==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 721B 0
0 45ms
43ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyKzWjxWg7M5LJOJCrJX4IKWVVr3rJYtIamjVLSdCbsVIosjTp5hejNcRsW75rSTqo4XWugc2m4NbYKZsz1YlGLvwFIzMrERiFDhGMNi_D26YVqQl-g1lnZyv4a7CQjce5eBQovdf3tR9fnYPH5PTdj_CLVoXV4h1DU8uZYsuqeV9BnE2BeKN2_ZBIqM-qQzs6R0ccGPjcxtVoDzOAeoeNvRscGBlQ4Y9YqkneZ1hEN-6r_vW7P86K4iTfh95Zlf-qYI54PfwW2LiGq6pxNcGee9Q0vC18JFc_Ejz2VJngVmI4pJdXUfiBMzDC5cZPAh0aqKWInmhLscXG-wfCGbdIUKRYPdElj5Ix4o25WtpLmCiOTqloTU6jQclsAEEJnY6ie9NsXdzPCxQVYKTpnEmYU5pKQo8Ku8xA4giPQyL_ssKO35Y1VNCuYFgv-0oaEjuTFvh8o9iGMuKgdxtkIwH9z88waBA8BCmE0GPr-KJiJ5Rt2lkCcSnE35AXpcA0JbJh262JLOYIou_nN02u8eBJ9ZEfFuVObqWkWuC729YR4t313kD2mxTDmMSa69l_9waqkt4iPG2p7iZeuUO5lJ1OtkBX7OSXlLt61WMnekSoFw3UiTj0ICs74NSIjFQWIMPCe5prE6IbJFYJZbgO_50hVB1-91oKqn8ydTnMVxq4shBCgk3eOp7cOy_82RTfnlBTZbMMfiqQjAxNDe--u2vgM27pNIvXvqsua4CBMxNFM2hM6VUo5NV09wzWZd0nw3DbwCZMHtlsMaA9C3C-7MvRAWF4TMZIV83a9ij75qYMxTdEQh-Kh_R-ESg37CYYO5t13poI84JY2S4QLyCXbhnEoQ-GmdjRJL-TXwzM2U_rPJV-RjKMY4JAC1kFR5URSWl9L17qTznVniPute1b9pdM6jkCm_Etx8o32uY33wwXLC0E7aTNJDJoX3avMETyiIQlRZgialgAWC-ZJ90Wz3rHZkMDT2BG-iSQT3f-60k3yOZDReeszmmxdBJiQViG7PqqkpEyQP37Bg0HqDDaApb4YCiLLC_ENuDay2qSBZmP-rRR03gemwIHIuL3Xw3lyiyQLxQFjTxbpdtMIGBig8CwUtH4DrZWBFRx5EFwDiSJyswOOMBn8v3AzlzWYWCghfm9TEHFkveFRM2GYomTKh3Vklp77g2QxCNUPVYij98-v_YY1wINXLoZ-v29FRdJl-0UoR7ra1DlKfTkWgqMjilPueUxMzp0GHpag7cnzrfItXr3xySspwayZUBbm5qtjG6_ai7puBd4YeFH2_N0J9fmsvI2UGl8uRJfBD4PqLIEbAZ9I8zdb3Eh1r7YKaaZO4A&sai=AMfl-YTRTHCnKoRIxMV8B4I3TIwFrHRTa3Ee_DDjXQlbZ57Ww7-FQnUY3C2v0RaJlcd-zmT0dRdQodfnRgtEWqZ5xtPcwCRnyyoB7nqsKS15zTWX7LIjqLhCnKfTyYhRJFRgtR9Tzz3HeRyVy21frN5Kh9imVjXeJS-scEcAf6DzI7hn9B0iZK_3nJkhA50PMVKOKYH3sCx9Qu4uo8fkZSbP02TsZ0aUOy-ZaS4SGr_qQ3BoE2A_Hf5adTNN5yRTSWmK5hoxl9EMKcHsxS-414Cc0XvYUqV4hizcxubtQ8Lv7Y5bUEwrzgaPXox4-u0oH34&sig=Cg0ArKJSzGj1K8_n-9RvEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=149&vt=11&dtpt=48&dett=3&cstd=99&cisv=r20240122.46379&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: transfiles.ru
URL: https://transfiles.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 MM_logo.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/MM_logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4336111e84dc42f94adca7e9798d71626c2a01330dc700bda5fc9873dc39efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:37:38 GMT
date: Tue, 23 Jan 2024 23:37:38 GMT
x-content-type-options: nosniff
age: 196337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1814
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 SA_logo.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/SA_logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff410c49df1880c0d305691923c285ecf96aff086fc430af176e59bf18d4357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:27:54 GMT
date: Tue, 23 Jan 2024 23:27:54 GMT
x-content-type-options: nosniff
age: 196921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Prod1.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 4 KB
4 KB 14ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/Prod1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c563b9e0e8834b40b2738c5789cf6a449430eaf9d3edce516b280b55187ad2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:32:21 GMT
date: Tue, 23 Jan 2024 23:32:21 GMT
x-content-type-options: nosniff
age: 196654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4552
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Preis1.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 4 KB
4 KB 12ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/Preis1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2cc30decbe1d30d6da92ff92a80bb773ab94b140d81fb5e1d61eff75735a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:40:57 GMT
date: Tue, 23 Jan 2024 23:40:57 GMT
x-content-type-options: nosniff
age: 196138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3881
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual2.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 7 KB
7 KB 13ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/Visual2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547a49e6ffa62067fd09740c7d2794c749ca716954cd06af2640c15e633af686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:39:48 GMT
date: Tue, 23 Jan 2024 23:39:48 GMT
x-content-type-options: nosniff
age: 196207
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7128
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual1.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 3 KB
3 KB 12ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/Visual1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92396917ea90b33297b8cfb311e2958640ab789d03ce7218ba10bdef264380d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 19:21:22 GMT
date: Tue, 23 Jan 2024 19:21:22 GMT
x-content-type-options: nosniff
age: 211713
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2599
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 4 KB
4 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/Visual.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddef912d8de7f2cd437efc4ee3944e6c2f02ad4122c3a6c1a51abb90c3ac2f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:27:54 GMT
date: Tue, 23 Jan 2024 23:27:54 GMT
x-content-type-options: nosniff
age: 196921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3746
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Bild.jpg
s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/ Frame D1A4 15 KB
15 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/Bild.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938bb79f64d35741a592a07d71cc15ddd5efb0e1fab536ed56f3746f8594ba18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3061231144849003717/LeaderboardBOSE/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 19:25:45 GMT
date: Thu, 25 Jan 2024 19:25:45 GMT
x-content-type-options: nosniff
age: 38650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15677
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C37 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZmGAs0yzZZD8DqiRjuwPjcGc2AoAAAAAOAHgBAI&bg=!YWKlYi3NAAa8BdJLnAU7ADQBe5WfOJsSwSV6VeXKOQYKPG5HMRUgqZpo_S_FGGy7bgmkbO2VAqrQaOItqCBQvtJSn6iIAgAAAGpSAAAAAWgBB5kDDTGK5zcPzz0iB4a6NEbfy0D2eM_etmrIEPavG4lmAhipllty0sRhOBNNkrCC8P8HbQaMowRFK2Ss-JSek6TjAfPz9Kx1PIE-O9UAU4UyMhbq8n8OskdqT8Kd-wi4KSthAunPZVi4AxvJpshzugfiiaIL9u4bvsNukrsrgAMIU3zLxic1ISprJXYANf_pfvnSZSz3ZQn3EaQUvfSRwMjvbS0dpM0kqIuS9PTvkt83mhqHH_ITnbMI38J0wDaP2Tcb5p68OFNwroMm33ESyXYLr0wNZw8r6xRDwf_QU0MCmmLHYf7mVrY7f2Br73fNkmvDGm-VAjfgX-wcH7LxdXmc0kUvtljWrP82nqmsphDp0vre0w-7B3FtVNtVZkp2CvYn7vDmsS54l4jWBszESuP6ksAY43jsHlIIuh9s5hQiFTQaPYxF1vRgb_VENWdnNFMdgneXXLH_HKEs2H7mCvMgYq0EP2xQdGVP07pZMRvzi4_4rb7Navoi2CqPh8mbYqTgEze4Hju2X2udVz4aEYwWB0bSqPdTmuv6GHHBmlz_t_GwPjmeHEpDv1LCQFWxs54nclZziqKIPw1BFD0_AFfq_-tb6OvReFj7nJKeVdvCQW98_55EYAyoiycd9eKN9K73aD-L2Qx8GyfKaY6BW3wdIcGvRr0XQJUvjmsTEia4kpqMgztT11bdZGvihRbpT-pxWvwmW7UAEtDXByZ_0FbOZbewSGVWBeIbHdnFhEG5wul8tqYGeIR4TqjcQBEI781xt4th9D2dOC-Lcbwf1o84eXL-Da1RY29CFuvbobYWKjV2XFIFwPnnebhxsb6H8iZnQXm6XF-_m_qLfaiNHgEob9SNuYPCmQgWA6W3ZhiXmQBcr1MnOcOQRTFuOTTgyVwDSn_uHeh36stfUA3izYbhGZHXcWuHJwASmCJxxx5zrHd8pz8bcW35ayFTxgq8ug0JdFtOaYLx-ckjMJYz4dpasFaQyJ7HwaGDn6FAraiGK5sqBeOQjs0QXwDEPnuGps_QO4x5n9kugAhtTY0lkNM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 721B
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1925915/77841633/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-9678335887055925&ias_chanId=1&ias_placementId=20939250460&bi...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
465 B

6ms
6ms

Script
application/javascript

2600:9000:223f:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10464517
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: T-_9ahlnmIpbhG0OcgydZDNLfXg8MRkVuGbxKIBJHQ9K4i-oQamoPQ==

Redirect headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 411A 91 KB
23 KB 6ms
6ms Script
application/javascript 2600:9000:223f:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10994445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: lFzywWLF2A7Q7wnWMYBgDisuj7U8_TRdiqRsZz889unyJ7Nj2imsCw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
215 B 366ms
119ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVnh1,pingTime:-3,time:118,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B19~0%5D,as:%5B19~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,rmeas:1,rend:0,renddet:na,siq:106%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
215 B 362ms
118ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVnh2,pingTime:-6,time:119,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B20~0%5D,as:%5B20~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,rmeas:1,rend:0,renddet:na,siq:106%7D&tpiLookup=ao:transfiles.ru*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
216 B 360ms
117ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVnh5,pingTime:-2,time:122,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:317,beZ:318,mfA:414,cmA:415,inA:415,inZ:417,prA:417,prZ:420,si:423,poA:423,poZ:432,cmZ:432,mfZ:432,loA:436,loZ:437,ltA:439,ltZ:439,mdA:318,mdZ:363%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B23~0%5D,as:%5B23~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:106,sinceFw:16,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BB54 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssI9GEkyfoo2-w_AYkA2sCPd1ikXVqY9yVQvO23eFAn6s9dU9JoLeS50mxXPFYH_xxUAxoCLrkGRHw0ekGivJO6_-ARenL5cfXP4hid6yxPjzaXljEF0XHr-0hMll-goQvxwdc7VQP14MGLFzbp92m2eLEV&sai=AMfl-YRR8fIq0heLNQPaLAOPWzr2Zi-HvXowjKTfWM11dzwiHKve08F2K4Uvl2dP55yrRyL2sU7rO40kIixZVUKzdh4J1Zhjx9X80ObHU6Uju1bY_QAg4VVYXioQa_R5g0n6DwdYfXnTFQqjsFFrg8yn&sig=Cg0ArKJSzLoO1WKlABqoEAE&cid=CAQSTgAvHhf_Lsa0CfQTpcTlZR1I2zyRdw6tqFDeKvDQaJbSq_E1dyNTPNn5b_GVDgFtHdNjtOXlAahIcET_GQBf9qzFgL7DPFd7kpbmZHaMsBgB&id=lidar2&mcvt=1000&p=0,77,100,894&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2362541866&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170624939400&rst=1706249394064&rpt=599&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=354015820281090&bg=!wMOlw4zNAAa8BdJLnAU7ADQBe5WfOP-5OzAFhRy6Af3N_JcpP6MEQRN7ykBWQcvUB5kUr3DruvRAeArC2qsm7Ss5dv9CAgAAAGRSAAAAAmgBBwoAXGGYymuYftEg3yY5LVL6krGgzjXjB3DsdZR3zIjaTS9I2_syMKKoeNvBaq4EOL8X8geYfZvADtjrn24CsjY3OB1BzNIop7d4Ir39KJWuT4kgPoMD-oxiCK-JZEWhmQKtLJL07F0MbIuwX9CHiyMpzOEdKZxKmrE-6LWSt1UTiG--7pFSm_8Fv3r35nTDjJWlBuh0pyHg35arqET0ECFeN8A20FYCm9uZHLk-_54bx6Sf5zugPtboXnPt_8yW6ln5qkydtUH5-UtPYxvmZVTOkDnKwAQKOGSdMyFVBqw7FrEDbisfuprO0SiWxufYXCyRmUozMbTBq2qSUeL43GrdHRAhesW6DneRNobxeb-Sn_hRDP80x3q41q0kR7s56w9x1dmUlmtcu4TikYpZ0ZwhrgercBCQyZM11KANlUbDGT-0tzgtrqHdQdSUg0cr5ykHmEEBjVD7Zw2_OylYKo8MRNBP_AHmIphYFbhkSKZ-4y0l5vMoEiXU-bJ5xOusCniplDcc0gvS2-GoGXD9E8BFUWC3etwDob-ZeWV-V5zvgk2zN7SGyDYfBoQ-y1fT26fVhZqoyF0XPPt86gEQhIwJex0h2TIPIv3SpEpyiBzCtSMuTqTU1Sowr5LHEqXQs1HCjtUujpzrf5SOgIixUIjnEdQudHuyjM1Fe8fm1whvinavyTNuwB7aiLderB9X5Qp8RPP_nNter0kOyVJW0ht1YJ25Edg2moGmq1PP-F2gjYvQVVeRJfpT-zBCbVa37BDeQkwxwLA1JQdfG-iEiL8-H5PdAa32frb27s2pp24rs8xxeY2lkzjVWp5MN_yJb8Izq-UHMqVlQR_HhQr-_su4zYSAcJc91xMmD_QcbppSleQsK0hixKaAmVo7ZASkGmDtKyaCw2HHBsjwTK8XzXr8wk6OQOckmnHliTl40nFTSYvCUHRvWp99XGw0mm8usnARjDlNBO5D4EUoW0-Re8hSvSmoBcWG05lkjJtrZylJ5secGPooai7FinwrNYAGretznUNsKsOnMWrUXW5xcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://transfiles.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVnlI,pingTime:-10,time:409,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706249395846%7C%7Ca8b7030a347f8e997a2668228605dfcb%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cd6da9b0c9ae5389f0b76db7472a29e05%7C%7Ccc4a0918b592efc713576db81aedf2e5%7C%7C74aeb9161edd29dd8346c97fa5e14084%7C%7C82fe458583a9f86f6b8cc5a8b3900b08%7C%7Cb1c6aedb590f3102a796299d0a1ea939%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:55 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVno6,time:557,type:e,im:%7Bpci:%7Btdr:429%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:557,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B458~0%5D,as:%5B458~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:121,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:106,sis:169%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:56 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 721B 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJbFA6qAlXWU76Yx2dqJ3yuY9RUhPKvaDA0tMdGLQGL8m-p47OR3Nm1SnEb2avN7A340zbl9NzLhDQTFztUw9Ih2DeGJ5NpC5nPG5p7pNrbi1UKR9dRafW253M81JJwrGqr0c_tEOIcJr_whccp8MpQ9sf&sai=AMfl-YRMa1o6VAxwLJdAwk1h1hJmUQr3w_KsKrHrsq1nf1luCOv3UTHMPoAXF5BlzwWuEx6cwZUCmEutp1mNBK5pXlgxSaby6BGvTsvvCOS6da9OC6MXwreoxFZITaLAS35HWn1NLe3KEqHS6KvVIuT6&sig=Cg0ArKJSzOKOL9nklkJzEAE&cid=CAQSTgAvHhf_tftpMUbSFFgPO6NOXEZKyjVTr5wjyW29DLgMHISL3lV66xFnuFtDbiPrltftYY4TruFcvLgddr4MGO82ujR6FMX1WZr6JdhDQxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=316,816,1000,1026,1026&tos=316,500,184,26,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170624939500&rst=1706249395120&rpt=270&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 33590114
mc.yandex.com/webvisor/ 43 B
0 190ms
190ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/33590114?wv-part=1&wv-type=7&wmode=0&wv-hit=575842020&page-url=https%3A%2F%2Ftransfiles.ru%2F&rn=406225286&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1706249397%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240126070956%3Au%3A1706249394553777939%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1706249397&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://transfiles.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:56 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 26-Jan-2024 06:09:56 GMT
content-type: image/gif
access-control-allow-origin: https://transfiles.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Jan-2024 06:09:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 721B 0
20 B 37ms
37ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4163680719403&version=m202309260101&ct=76&x=1&cor=13021087195393425000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 33590114
mc.yandex.com/webvisor/ 43 B
0 59ms
59ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/33590114?wv-part=1&wv-type=7&wmode=0&wv-hit=575842020&page-url=https%3A%2F%2Ftransfiles.ru%2F&rn=562697397&browser-info=we%3A1%3Aet%3A1706249397%3Aw%3A1600x1200%3Av%3A1211%3Az%3A60%3Ai%3A20240126070957%3Au%3A1706249394553777939%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1706249397&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://transfiles.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:57 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 26-Jan-2024 06:09:57 GMT
content-type: image/gif
access-control-allow-origin: https://transfiles.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 26-Jan-2024 06:09:57 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVnG2,pingTime:1,time:1669,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:105%7D,%7Bpiv:100,vs:i,r:,t:669%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:669,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D,%7Bsl:i,t:669,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:120,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:106,sis:169%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:57 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 721B 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=1c0b052d-4269-0d74-805c-5d0cc07d4e78&tv=%7Bc:2nVnG2,pingTime:1,time:1669,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:105%7D,%7Bpiv:100,vs:i,r:,t:669%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:669,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:105,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B570~0%5D,as:%5B570~728.90%5D%7D%7D,%7Bsl:i,t:669,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:120,fm:u2rKzVj+11%7C121%7C122%7C13%7C14%7C15%7C1611%7C1612%7C171*.1925915-77841633%7C1711%7C1712%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:106,sis:169%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:1f4c:77b4:a4de:e986 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 06:09:57 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
transfiles.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: u76nf2ciqf21sfs2bfrcb3o1ar
.transfiles.ru/	1970-01-21 03:33:29	Name: _ga Value: GA1.2.411331926.1706249394
.transfiles.ru/	1970-01-20 17:58:55	Name: _gid Value: GA1.2.1181078495.1706249394
.transfiles.ru/	1970-01-20 17:57:29	Name: _gat Value: 1
.transfiles.ru/	1970-01-21 03:33:29	Name: _ga_FG4BQLH20C Value: GS1.2.1706249393.1.0.1706249393.0.0.0
.transfiles.ru/	1970-01-21 02:43:05	Name: _ym_uid Value: 1706249394553777939
.transfiles.ru/	1970-01-21 02:43:05	Name: _ym_d Value: 1706249394
.mc.yandex.com/	1970-01-20 17:57:29	Name: sync_cookie_csrf Value: 1181605813fake
.yandex.com/	1970-01-21 03:33:29	Name: i Value: QhQHP8ECYJyAy0ad2dLlhTxHcWOzJdaYp+UsNgZiGCmi+QYwJr8WujRVsj5CvNYgWIzC1D8QnPrbnamZkw9slarpa70=
.yandex.com/	1970-01-21 02:43:05	Name: yandexuid Value: 5624846181706249393
.transfiles.ru/	1970-01-20 17:58:41	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:57:29	Name: sync_cookie_csrf Value: 2224412053fake
.mc.yandex.com/	1970-01-20 17:58:55	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:33:29	Name: yandexuid Value: 5624846181706249393
.yandex.ru/	1970-01-21 03:33:29	Name: yuidss Value: 5624846181706249393
.yandex.ru/	1970-01-21 03:33:29	Name: i Value: QhQHP8ECYJyAy0ad2dLlhTxHcWOzJdaYp+UsNgZiGCmi+QYwJr8WujRVsj5CvNYgWIzC1D8QnPrbnamZkw9slarpa70=
.yandex.ru/	1970-01-21 03:33:29	Name: yp Value: 1706335794.yu.8853201701706249393
.yandex.ru/	1970-01-21 02:43:05	Name: ymex Value: 1708841394.oyu.8853201701706249393
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 916944521706249394
.yandex.com/	1970-01-21 02:43:05	Name: yuidss Value: 5624846181706249393
.yandex.com/	1970-01-21 02:43:05	Name: ymex Value: 1737785394.yrts.1706249394
.yandex.com/	1970-01-21 02:43:05	Name: bh Value: KgI/MA==
.transfiles.ru/	1970-01-20 17:57:31	Name: _ym_visorc Value: w
.transfiles.ru/	1970-01-21 03:19:05	Name: __gads Value: ID=5f532ce3efd9690e:T=1706249394:RT=1706249394:S=ALNI_MZHlWC8MM15I5p2HzcB0qrrFJdMsA
.transfiles.ru/	1970-01-21 03:19:05	Name: __gpi Value: UID=00000d49bdb81104:T=1706249394:RT=1706249394:S=ALNI_MYbGQ3jOjDrG7ks8VJSS-MdESXk7g
.doubleclick.net/	1970-01-20 17:57:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:19:05	Name: IDE Value: AHWqTUko3UdYoyfzJia5DwNaamO7ngh4eD71V6jAVnTbO8kYLkcXCj5zyW6EhYnbycY
.googleadservices.com/	1970-01-20 20:07:05	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 20:07:05	Name: XANDR_PANID Value: 29RUAgINOIdi2b-ca0lOyEiFhOaNeX066sTkqJwOSCFFWh7JZzJI135r9mFLzPXsWv7PNtOwYDyMYM5MxVKJNubW3OSTgpYDpOMxh40WgMU.
.adnxs.com/	1970-01-21 03:33:29	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:07:05	Name: uuid2 Value: 3736824068509489093
.casalemedia.com/	1970-01-21 02:43:05	Name: CMID Value: ZbNMs8mktTgWqwpCuOrXwgAA
.casalemedia.com/	1970-01-20 20:07:05	Name: CMPS Value: 5206
.casalemedia.com/	1970-01-20 20:07:05	Name: CMPRO Value: 5206
.doubleclick.net/	1970-01-20 22:16:41	Name: APC Value: AfxxVi6leYc2h3n6-RoIkNSV13fY5yvb90ct1ZGhP8TB6Q_pETtSPA
.adnxs.com/	1970-01-20 20:07:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilij$d>i!]tbPl1M>e)ZlrFUfJ+tGXxoiI/Q/PJ%y'PCGJ@S>Uap/N6ipO^NF>lFDoJa3If)y3KL9D3I?+NP+/*<
.bluekai.com/	1970-01-20 22:16:41	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 22:16:41	Name: bkpa Value: KJyN0AWvQY9xxBcENaj+cc1V63SnH9ABoWQB7qXyVdfcPh5nP9xmlUHyRQZbnp+7Y4smVE3RmjDZYt2FmyuMYjr+NzY9HxndTNkN6B8T+WYB0d5bJm+/My2Aj0Dc
.bluekai.com/	1970-01-20 22:16:41	Name: bku Value: ts6O9nB1LtVwFe/p

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
tags.bluekai.com
tpc.googlesyndication.com
transfiles.ru
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
142.250.185.162
142.250.186.34
157.90.215.152
172.64.151.101
2001:4860:4802:34::36
2600:1f18:1aca:4280:1f4c:77b4:a4de:e986
2600:9000:223f:5800:8:48e:53c0:93a1
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a02:6b8::1:119
37.252.171.21
52.18.204.174
72.246.169.24
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
067c1d043faf9261ebe169bf4fd40e5b9fb2eea90bb7255d3ef4d627fbb306db
07497e600d542b16e71f360179e2018d30b254cf361db69f24d083d2a060df17
096e5dbfbe3824e576d6a606cb8759e07703773b847c1927135ef8302b30439e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2cc30decbe1d30d6da92ff92a80bb773ab94b140d81fb5e1d61eff75735a9c
1373e6c12f4eda252ccc5e2f4cff95730d7a10e0825d2f3000ed11e43d8989c4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ba0d75f0de5b0569bf17b0d9fc0ba65f6859f6f775943e7894531e097cc0412
1e99826e0b024a921953c4bbf5420fe98579f8c46f3c24e054924d8734464210
1ef3267178bd8be2a3ce8d416e7bcfd7df6dfcad4410731e6829f66815402aa4
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
1ff410c49df1880c0d305691923c285ecf96aff086fc430af176e59bf18d4357
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df3fec149739ea57c35cfaa0788a9450bb0a5a2d71def85fbc3722ef6ce4cae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
547a49e6ffa62067fd09740c7d2794c749ca716954cd06af2640c15e633af686
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65d1456be6662023da53e43fe6969523b439f1c1bbe4c50d83a03140e2f4df34
670bc999df02739e39c67ab53dd9e9d4c7be5049c14c29613fd96b2907a798a5
6f1565d977b8533ec77b0d646270aa11b36039129680ae21fe9f78e28ce172fa
73d3d28d5dc18dedd5748b4b506e44cafbfa836ed3a04117e6be7e72b7f2e1a5
77044084c68c4add69f41684901500e51f762d3399263a9d62c039e288f3a33d
811cc06168f4b0cc938bba79419c8e061e0ef46ce84beb436ab6280ece3bb1c6
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8c62fb06d304a7e0f048c2132bc3c65da7b98b40b80bf8b2ea8344a4b89526cf
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92396917ea90b33297b8cfb311e2958640ab789d03ce7218ba10bdef264380d1
938bb79f64d35741a592a07d71cc15ddd5efb0e1fab536ed56f3746f8594ba18
9a87f8ade1743dc729fd6066a644c763d997b3415cdd7d27d38b0bbb4dd4b172
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c563b9e0e8834b40b2738c5789cf6a449430eaf9d3edce516b280b55187ad2e
9ea47f240fa00bff7178cd0eb4b0da81570d54ccf47b92f5d1459f5f4d7a0d4e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a81266c22353d2b69bda2939a46c4e493bee4ec380148419cebcf28804b16248
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3106eae061cb58c46ffb485e349c25a751055a885b595d375c0a437a6ffb1e9
b4336111e84dc42f94adca7e9798d71626c2a01330dc700bda5fc9873dc39efa
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
ce5c6a664266f7bd7c91b7962ac9d5145c026724d2b811af7bb6fc24c25abadd
d1b0b9353645cf6fc328b9d0ebb6022c13e81b840eb5ce7a257398af6b519796
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5d8aa9dad0a65624bd4e2bc22e74c310e3d2475e2d807c1713e7608e7cff0b4
d8d7facadee6df9e3f8ae5b0aeeef6f02045131ff8a2df78c95137bb73cbda99
ddef912d8de7f2cd437efc4ee3944e6c2f02ad4122c3a6c1a51abb90c3ac2f52
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68e846652715c14c2970581cfcd91b6a0404d1a2db14123c73eb1df1b8f9781
ea6dc38062bfb51a2d5dd76a3726e933579f741da5acee5afba1b2681010ec02
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed23d77f6f9b412693cc70e8a3c3244919b82829198c8a07750fa3c10d6de7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9c1dd4271998324523173e25f1f7ad65863c378087e71d3e819af7cdd650344
fb21fd4370a43d94578522fba8664bc1e14db666aa48e2f2a1e0ddfa3b923de4
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

transfiles.ru Open in urlscan Pro 157.90.215.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

93 %HTTPS

64 %IPv6

17 Domains

23 Subdomains

23 IPs

4 Countries

1338 kBTransfer

3865 kBSize

39 Cookies

1 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

transfiles.ru Open in urlscan Pro
157.90.215.152 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

93 %
HTTPS

64 %
IPv6

17
Domains

23
Subdomains

23
IPs

4
Countries

1338 kB
Transfer

3865 kB
Size

39
Cookies

111 HTTP transactions
2 data transactions