urlscan.io logo urlscan.io
SecurityTrails logo

transfiles.ru Open in urlscan Pro
157.90.215.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://transfiles.ru/
Effective URL: https://transfiles.ru/
Submission: On January 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 94 HTTP transactions. The main IP is 157.90.215.152, located in Munich, Germany and belongs to HETZNER-AS, DE. The main domain is transfiles.ru.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.
This is the only time transfiles.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    157.90.215.152 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.152.215.90.157.clients.your-server.de
transfiles.ru
15    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
593 KB
25 transfiles.ru
transfiles.ru
185 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
139 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
74 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6227
3 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
4 google.com
www.google.com — Cisco Umbrella Rank: 6
912 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2266
71 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
65 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
82 KB
94 12
Domain Requested by
25 transfiles.ru 1 redirects transfiles.ru
18 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 pagead2.googlesyndication.com transfiles.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 mc.yandex.com 3 redirects transfiles.ru
mc.yandex.ru
6 www.gstatic.com googleads.g.doubleclick.net
4 www.googleadservices.com
4 www.google.com 3 redirects tpc.googlesyndication.com
3 fonts.googleapis.com googleads.g.doubleclick.net
3 mc.yandex.ru 1 redirects transfiles.ru
2 www.google-analytics.com transfiles.ru
www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
94 15

This site contains links to these domains. Also see Links.

Domain
vk.com
Subject Issuer Validity Valid
transfiles.ru
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://transfiles.ru/
Frame ID: 46B76A979707644C5411FD93FBB5D798
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 2772083D29C5CD67018D53FE9BA06A44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: 8A4F30B76A0C4B35A3F46774C3EB82AA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&adk=1812271804&adf=3025194257&lmt=1704122596&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596674&bpp=1&bdt=222&idt=209&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x100&nras=1&correlator=4827126309637&frm=20&pv=1&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=214
Frame ID: E11821ECA80827F922B85602A1283D89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FC1EEAB85B8D8850E321C1EB2DFF872B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F39F7C40AD3813F7B859CF189745EBD3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 03BE713816A19CE7FD2547F547159F73
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D487A12C8230F30FB05DB8D9984B769C
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DAC5F86230CEBE4B35B307EC1AF0324D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A67245ACF92C9E985295CE83066B1E92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: BE270465D84CF61303D35E577E2DF1E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: E3ACC82A491B165EAEEFBE3C046A71D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 5959FB40F2A1D245B3F3EF2DADD8B77D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 382ADE8A4EE437330680325E2B25D8B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C19824BD99A5D0AB22D73EADB32B2C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TransFiles - бесплатный файлообменник без регистрации

Page URL History Show full URLs

  1. http://transfiles.ru/ HTTP 301
    https://transfiles.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

96 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

1235 kB
Transfer

3421 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://transfiles.ru/ HTTP 301
    https://transfiles.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10235.yY7Yz2IrgE83B1U9gxSfM_Gf9uz2-wQRRfnmWU59ijuoYZ6wWpt5QD7M3yBljlkq.FUPvI5Xhm8rYbcBJGzrLT1xqJlY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10235.ajSL01nHicrydwNREv5KLDlyxbkkoHvSFFFoRENjubrBTAZ1BqffdeTYEiuKvUQWb2oJhBLlgXIR6FSAlakY-LH2i9Iiu6DOaH9ATIEKC8H30DawAR5HxvvSYmtb-6tBu6QxoG3FoavznecGQL41_ZTW05O9EwWII9gEmYvg5wwFfFN7_QB75WwK-c3gI77o_4Iq4uOvC84yLcL9LGBx9-vd7xVHUP_3dTyh8u8_uHo%2C.Lqip-IN5s4VfWuZpXBGf6rMWYIc%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10235.8ie8ya4H-GVdZbNSm_dhRjIJV299hvqfNRhBhB2AfgKCJtc4p3VKu8C9pQyZv_Y8quDg7_Sh0dwUs1hluvSOZ00-h0H8UhFTsstK-iDIyopMKQeNVQWtvc0abj8rN3Ogfp75cQnYP38lIopGjS111U4mrFf4zcGqRMYCv79AOhcXNlq0w-vPgGriimkUebO0kSLhC2Zblatk3fWDJobXiA%2C%2C.PE8msL6TFwAUfwRdDQF-iYI-0rQ%2C
Request Chain 37
  • https://mc.yandex.com/watch/33590114?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1158649996147%3Ahid%3A769584574%3Az%3A60%3Ai%3A20240101162316%3Aet%3A1704122597%3Ac%3A1%3Arn%3A818422534%3Arqn%3A1%3Au%3A1704122597321169065%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C26%2C19%2C1%2C187%2C0%2C%2C86%2C6%2C%2C%2C%2C319%3Aco%3A0%3Acpf%3A1%3Ans%3A1704122596217%3Agi%3AR0ExLjIuNDA2NjYzNDQxLjE3MDQxMjI1OTc%3D%3Afp%3A314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704122597%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1158649996147%3Ahid%3A769584574%3Az%3A60%3Ai%3A20240101162316%3Aet%3A1704122597%3Ac%3A1%3Arn%3A818422534%3Arqn%3A1%3Au%3A1704122597321169065%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C26%2C19%2C1%2C187%2C0%2C%2C86%2C6%2C%2C%2C%2C319%3Aco%3A0%3Acpf%3A1%3Ans%3A1704122596217%3Agi%3AR0ExLjIuNDA2NjYzNDQxLjE3MDQxMjI1OTc%3D%3Afp%3A314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704122597%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Request Chain 50
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 75
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cc7H75NiSZey8O4jQn88P856yoAWYyOWSdJeVm_D-EdrZHhABILTKuyNglYKAgLQHoAGW467PA8gBAakCQWlI9RqFsj6oAwHIA8sEqgTZAU_Q-qcWljj7NEIwKJYg_NXUmQgIWPP-QdNGHcXhCTolAJZyAA6x7mbUOn6UeUEGAs7RPXgTFkr-RP57ww94bOqsbwupjCFVsCkBm_HDIJd4E6OltmL0d6s5ZEIenWv3mKFmbwccN75oFsFypFfcSHVDdBgXPsKX9nkDj-S2JnSwbdUVZ7Yr5WObpvKXXIHJuKdFDS0iU-xYpNAxcESd1oxlzfNk_NQ8mMcRYBANIOeztTmfIKLCJRz97YvqsnMnpIyr8P9g2XE39gxVJOy_TUNL00bUXuZITXDABMCx5uaXBIgFjLLKw0CSBQQIBBgBkgUECAUYBIAH0pzRMKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEN6zC9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY8OiqsL-8gwOaCUBodHRwczovL3d3dy5ob3JuZXRzZWN1cml0eS5jb20vZGUvbHAvMzY1LXRvdGFsLXByb3RlY3Rpb24tcGxhbnMvgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05Njc4MzM1ODg3MDU1OTI1GAA&sigh=-ZXMAUVhsMI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_D_SQAuq5p92d0KOKr2ihYHogvPVR5Uo9rEZK45-PuYaGIq6y0F_5DGjqDoskxGKI0Cms7hNCwTd97zrwmuLeUI7_H3m6ZJMh3RgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213570333201245467161%22,%22debug_reporting%22:true,%22destination%22:%22https://hornetsecurity.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22971747734%22],%2222%22:[%22true%22],%224%22:[%2201-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2262685857863619553%22}&andc=true
Request Chain 77
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ctz0X5NiSZe-1PJ2pn88Poe6T4Av31KLJdJeYhtePDpa6p9bnGhABILTKuyNglYKAgLQHoAGwubyGA8gBAqkCQWlI9RqFsj6oAwHIA8mEgIAEqgTeAU_QFqqU-2RhiTeY8oQyLR5zyZdFrgK7zPB4hVviO8hRJFvAWPxB78X92v_22dj-SOegdNIdSrYbl6dbhYPtM-SS4CHUCDBeta8IbUbUk6WDWU32ywh_BCVXVfFOkJZnI610lZ9t7dwW-ikXCsmPABrT5wkvPumd1ygpULITPvfxiTzhqIGHzkSMV3xLlLug5QDi2_56iXKlUztlVpryZrF-TFuQjbV5s8AxbBzbygU743n3F0aElw_AKstdz2XlTaztRqtkupKWk4p8AMInkI1UCHgzWofHf4t-I1YEasAEjrj-3fcCiAXQ2snkBqAGAoAHuMbDeagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEP-bDNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYs-SrsL-8gwOaCTlodHRwczovL3d3dy5hbGJlcnRpbmEuYXQvYXVzc3RlbGx1bmdlbi9tb25ldC1iaXMtcGljYXNzby-ACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLYEwPQFQGAFwGyFxwKGggAEhRwdWItOTY3ODMzNTg4NzA1NTkyNRgA&sigh=jD5k8awHLmk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Au5nLr5Rhtme-_s1fYSprOBUVgDQ7Rqf0LoXmR5QAQyB0h8c9enX9eXoBDkAKRi12GSG42CJ9t7eCWL0W0DF5N3SM_YzuL243hgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224869536350384091786%22,%22debug_reporting%22:true,%22destination%22:%22https://albertina.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22818879664%22],%2222%22:[%22true%22],%224%22:[%2201-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223294464599396630465%22}&andc=true
Request Chain 79
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 81
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
transfiles.ru/
Redirect Chain
  • http://transfiles.ru/
  • https://transfiles.ru/
20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4f97fe3d5ef2cf021e265f59fdfd2423a4da15ea466aa44f3aa89028cf92e01d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
6363
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Jan 2024 15:23:16 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=10, max=100
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
309
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 01 Jan 2024 15:23:16 GMT
Keep-Alive
timeout=10, max=100
Location
https://transfiles.ru/
Server
Apache/2.4.41 (Ubuntu)
jquery.mCustomScrollbar.css
transfiles.ru/css/ 		42 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/css/jquery.mCustomScrollbar.css
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
072dd12d521dc5871a870dacff4a8ac61abdb47901952659a3076dcb55179ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:24:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"a871-5c07ed594d403-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
3989
common.css
transfiles.ru/css/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/css/common.css?rnd=5
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ed23d77f6f9b412693cc70e8a3c3244919b82829198c8a07750fa3c10d6de7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:24:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"af66-5c07ed5934d67-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
8167
common_m.css
transfiles.ru/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/css/common_m.css?rnd=5
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
73d3d28d5dc18dedd5748b4b506e44cafbfa836ed3a04117e6be7e72b7f2e1a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:24:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"35b2-5c07ed58e2cf2-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
2795
jquery.min.js
transfiles.ru/assets/504097ca/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/assets/504097ca/jquery.min.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 18:54:34 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"16dc4-5c08017fc8490-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
33430
ru.png
transfiles.ru/images/ 		224 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/ru.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
670bc999df02739e39c67ab53dd9e9d4c7be5049c14c29613fd96b2907a798a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:31 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"e0-5c07ee0b1c31c"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
224
en.png
transfiles.ru/images/ 		758 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/en.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9a87f8ade1743dc729fd6066a644c763d997b3415cdd7d27d38b0bbb4dd4b172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:25 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2f6-5c07ee0525e13"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
758
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d271299e902c88e3b9e30cec3b3735968c4c1c5ea6f9f219b805fc9f30e7d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51312
x-xss-protection
0
server
cafe
etag
1512122708449823829
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:23:16 GMT
show
transfiles.ru/securimage/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/securimage/show
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ad9f14d562831205887a75ede03079c570f6435894b2e227c9510c11da1a3a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Mon, 01 Jan 2024 15:23:16GMT
Server
Apache/2.4.41 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=10, max=99
Expires
Mon, 26 Jul 1997 05:00:00 GMT
functions.js
transfiles.ru/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/js/functions.js?rnd=5
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1ba0d75f0de5b0569bf17b0d9fc0ba65f6859f6f775943e7894531e097cc0412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jan 2022 00:02:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"31fa-5d5432bbec140-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
3612
upload.js
transfiles.ru/js/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/js/upload.js?rnd=5
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b3adc420b193ed57d7944e9f41997745a4bbabf401749faa4e604790f9bc72c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Jun 2022 11:50:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"6113-5e089b9bf0bc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
6119
plupload.full.min.js
transfiles.ru/js/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/js/plupload.full.min.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b5395c833ff802b735ee54aa7ee540bfcd4256a5d1dc83368ba255a590665b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:27:33 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1b9b9-5c07ee0cba3e2-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
36474
jquery.mCustomScrollbar.concat.min.js
transfiles.ru/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/js/jquery.mCustomScrollbar.concat.min.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
150b9f119f532d05a6a0eeca49d36bc7a01f8ec912bac67af2a34309ee320bf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:27:35 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"9f96-5c07ee0e797e3-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
12352
clipboard.min.js
transfiles.ru/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/js/clipboard.min.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:27:32 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2aa5-5c07ee0c2f935-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=97
Content-Length
3397
zclip.min.js
transfiles.ru/js/zclip/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://transfiles.ru/js/zclip/zclip.min.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
be2a64ee6b66368dbd5803ef1b1a74fbbf47dfcbba16b62f14abfe2e0539c5cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 17:27:33 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1d02-5c07ee0d20c73-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
2651
tag.js
mc.yandex.ru/metrika/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 27 Dec 2023 07:32:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658bd2fc-11627"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71207
expires
Mon, 01 Jan 2024 16:23:16 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jan 2024 15:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
51
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 01 Jan 2024 17:22:25 GMT
logo.png
transfiles.ru/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/logo.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
65d1456be6662023da53e43fe6969523b439f1c1bbe4c50d83a03140e2f4df34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"16c3-5c07ee041185a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=97
Content-Length
5827
ny_red.png
transfiles.ru/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/ny_red.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a7ef210d24557ba96d64e6df08c9334e60da905c7311f23858c82185f1e7ebc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:31 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"39e5-5c07ee0b5f932"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=96
Content-Length
14821
bg.jpg
transfiles.ru/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/bg.jpg
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ce5c6a664266f7bd7c91b7962ac9d5145c026724d2b811af7bb6fc24c25abadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1430-5c07ee0893c77"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=96
Content-Length
5168
arrow-right.png
transfiles.ru/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/arrow-right.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d361fa53452f7eb52ddbc5c45ba350ba75f0117f2b369151f49564bba8badbb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:28 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"92e-5c07ee07dd2b1"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
2350
arrow-left.png
transfiles.ru/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/arrow-left.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bf7da95652a69fd03cdc7f824dbac0aeb59b45bc06851fc0921c25fd651968fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"97e-5c07ee03e3a00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
2430
btn_radio.png
transfiles.ru/images/ 		281 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/btn_radio.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
db6d5f406963934ee967f7ea0cc5f2368cf64b1fb774dd6122d171595558032e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"119-5c07ee049a3c6"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=95
Content-Length
281
btn_password.png
transfiles.ru/images/ 		1000 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/btn_password.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
17adcfaaca25915c8117cf42d948cb1a5b1c50aa8c0366b01985418b799a632e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:31 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3e8-5c07ee0aa7fcc"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
1000
btn_qrcode.png
transfiles.ru/images/ 		624 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/btn_qrcode.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
667d1872d646efc435c01a6af873b637545e011790236c6aec3a0cebd37b14fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"270-5c07ee03cc303"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=97
Content-Length
624
donate.png
transfiles.ru/images/ 		831 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/donate.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6f1565d977b8533ec77b0d646270aa11b36039129680ae21fe9f78e28ce172fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:28 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"33f-5c07ee087c57b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=99
Content-Length
831
logo_footer.png
transfiles.ru/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://transfiles.ru/images/logo_footer.png
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/css/common.css?rnd=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
157.90.215.152 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.152.215.90.157.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f9c1dd4271998324523173e25f1f7ad65863c378087e71d3e819af7cdd650344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/css/common.css?rnd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 15:23:16 GMT
Last-Modified
Wed, 21 Apr 2021 17:27:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"418-5c07ee0483c6a"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
1048
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1729833449&t=pageview&_s=1&dl=https%3A%2F%2Ftransfiles.ru%2F&ul=en-us&de=UTF-8&dt=TransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1340165467&gjid=1094524115&cid=406663441.1704122597&tid=UA-72075365-1&_gid=200220759.1704122597&_r=1&_slc=1&z=837122095
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ea6dc38062bfb51a2d5dd76a3726e933579f741da5acee5afba1b2681010ec02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://transfiles.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://transfiles.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FG4BQLH20C&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
814d102ed594a7193bc4e0a84884766557e24c587030c84a26b716fd5ae3e770
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83523
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 15:23:16 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfc1c423c7723a3bce3bd7ee219566f799e5015651bb2c94ac721219a2bfbee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137960
x-xss-protection
0
server
cafe
etag
834576395923303176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:23:16 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 2772 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57863
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Sun, 14 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FG4BQLH20C&gtm=45je3bt0v9135322126&_p=1704122596598&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=406663441.1704122597&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftransfiles.ru%2F&dt=TransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sid=1704122596&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=530
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG4BQLH20C&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://transfiles.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10235.yY7Yz2IrgE83B1U9gxSfM_Gf9uz2-wQRRfnmWU59ijuoYZ6wWpt5QD7M3yBljlkq.FUPvI5Xhm8rYbcBJGzrLT1xqJlY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10235.ajSL01nHicrydwNREv5KLDlyxbkkoHvSFFFoRENjubrBTAZ1BqffdeTYEiuKvUQWb2oJhBLlgXIR6FSAlakY-LH2i9Iiu6DOaH9ATIEKC8H30DawAR5HxvvSYmtb-6tBu6QxoG3Foa...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10235.8ie8ya4H-GVdZbNSm_dhRjIJV299hvqfNRhBhB2AfgKCJtc4p3VKu8C9pQyZv_Y8quDg7_Sh0dwUs1hluvSOZ00-h0H8UhFTsstK-iDIyopMK...
43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10235.8ie8ya4H-GVdZbNSm_dhRjIJV299hvqfNRhBhB2AfgKCJtc4p3VKu8C9pQyZv_Y8quDg7_Sh0dwUs1hluvSOZ00-h0H8UhFTsstK-iDIyopMKQeNVQWtvc0abj8rN3Ogfp75cQnYP38lIopGjS111U4mrFf4zcGqRMYCv79AOhcXNlq0w-vPgGriimkUebO0kSLhC2Zblatk3fWDJobXiA%2C%2C.PE8msL6TFwAUfwRdDQF-iYI-0rQ%2C
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:17 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10235.8ie8ya4H-GVdZbNSm_dhRjIJV299hvqfNRhBhB2AfgKCJtc4p3VKu8C9pQyZv_Y8quDg7_Sh0dwUs1hluvSOZ00-h0H8UhFTsstK-iDIyopMKQeNVQWtvc0abj8rN3Ogfp75cQnYP38lIopGjS111U4mrFf4zcGqRMYCv79AOhcXNlq0w-vPgGriimkUebO0kSLhC2Zblatk3fWDJobXiA%2C%2C.PE8msL6TFwAUfwRdDQF-iYI-0rQ%2C
date
Mon, 01 Jan 2024 15:23:16 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame 8A4F 		130 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e39bfaa518b84b595236b3e579e73138d82b8942ca3f5fa93aeea570cd16456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44898
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
expires
Mon, 01 Jan 2024 15:23:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
advert.gif
mc.yandex.com/metrika/ 		43 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:16 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Dec 2023 13:57:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65898a2e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 01 Jan 2024 16:23:16 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E118 		334 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&adk=1812271804&adf=3025194257&lmt=1704122596&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596674&bpp=1&bdt=222&idt=209&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x100&nras=1&correlator=4827126309637&frm=20&pv=1&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2fdd0046f34a3b939004b5e4c160c3b4a3211c0617ae0846b335a05fb116cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
83710
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
expires
Mon, 01 Jan 2024 15:23:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=menu_main&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/33590114/
Redirect Chain
  • https://mc.yandex.com/watch/33590114?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
  • https://mc.yandex.com/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
439 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1158649996147%3Ahid%3A769584574%3Az%3A60%3Ai%3A20240101162316%3Aet%3A1704122597%3Ac%3A1%3Arn%3A818422534%3Arqn%3A1%3Au%3A1704122597321169065%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C26%2C19%2C1%2C187%2C0%2C%2C86%2C6%2C%2C%2C%2C319%3Aco%3A0%3Acpf%3A1%3Ans%3A1704122596217%3Agi%3AR0ExLjIuNDA2NjYzNDQxLjE3MDQxMjI1OTc%3D%3Afp%3A314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704122597%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
90f77496c9a5d6485df0f765a0793d8f050eefaa4e7296ba6e3dc156cf9bd5bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 01-Jan-2024 15:23:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://transfiles.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Mon, 01-Jan-2024 15:23:17 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:17 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 01-Jan-2024 15:23:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/33590114/1?wmode=7&page-url=https%3A%2F%2Ftransfiles.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1158649996147%3Ahid%3A769584574%3Az%3A60%3Ai%3A20240101162316%3Aet%3A1704122597%3Ac%3A1%3Arn%3A818422534%3Arqn%3A1%3Au%3A1704122597321169065%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C26%2C19%2C1%2C187%2C0%2C%2C86%2C6%2C%2C%2C%2C319%3Aco%3A0%3Acpf%3A1%3Ans%3A1704122596217%3Agi%3AR0ExLjIuNDA2NjYzNDQxLjE3MDQxMjI1OTc%3D%3Afp%3A314%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704122597%3At%3ATransFiles%20-%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://transfiles.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 01-Jan-2024 15:23:17 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 8A4F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
569938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 25 Mar 2024 01:04:19 GMT
be57976d6a1e029e51e0bec17ffb7574.js
www.gstatic.com/mysidia/ Frame 8A4F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/be57976d6a1e029e51e0bec17ffb7574.js?tag=text/vanilla_highlight_ms_cta_adjustment
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78cd504f90d41af80a454c16027b045c44a9c3d3e74f4a414b0e269be93ea54a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 02:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4901
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 28 Mar 2024 02:21:41 GMT
css
fonts.googleapis.com/ Frame 8A4F 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 15:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 14:16:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 15:23:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8A4F 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
48538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8A4F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
58980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8A4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 16:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
83092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 16:18:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8A4F 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
48538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8A4F 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:23:17 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 8A4F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 31 Mar 2024 13:56:43 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e44128a2911dbcc9031a191b00018005dbde321e10a7c330fa6d603b02a07ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56011
x-xss-protection
0
server
cafe
etag
9336093937293375424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:23:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame FC1E 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 14:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8A4F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e6aa61ac13523282df8470de068bd19837c73b07b19cfaec216b135cf050d9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame FC1E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
expires
Mon, 01 Jan 2024 15:23:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F39F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Sun, 14 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 03BE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62753
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 31 Dec 2023 21:57:24 GMT
etag
5585625838579639069
expires
Sun, 14 Jan 2024 21:57:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8A4F 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
411686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 21:01:51 GMT
css2
fonts.googleapis.com/ Frame F39F 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 15:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 15:05:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 15:23:17 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F39F 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 22:18:58 GMT
x-content-type-options
nosniff
age
234259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 28 Dec 2024 22:18:58 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F39F 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 21:31:42 GMT
x-content-type-options
nosniff
age
64295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 30 Dec 2024 21:31:42 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F39F 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
48514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 01:54:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F39F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
18333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 10:17:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 03BE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
58980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 23:00:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D487 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 14:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 03BE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 16:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
83092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 16:18:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 03BE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
48538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 01:54:19 GMT
12829305183580751892
tpc.googlesyndication.com/daca_images/simgad/ Frame 03BE 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/12829305183580751892
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c25f51b857c3e46300f8eb7449cf91cd8237a9dd39e7e431de3ce539b65e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 08:07:28 GMT
date
Tue, 26 Dec 2023 08:07:28 GMT
x-content-type-options
nosniff
age
544549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47626
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 18:57:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 03BE 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62114
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:58:30 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 03BE 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 02:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
45086
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 02:51:51 GMT
css
fonts.googleapis.com/ Frame DAC5 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jan 2024 15:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 14:28:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jan 2024 15:23:17 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DAC5 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
48538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DAC5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
58980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 23:00:17 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A672 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 14:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DAC5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 16:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
83092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 14 Jan 2024 16:18:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DAC5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
48538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 01:54:19 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DAC5 		202 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
1487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62114
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Jan 2024 15:58:30 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame DAC5 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 31 Mar 2024 13:56:43 GMT
truncated
/ Frame 03BE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c28d80d5088bdd28371bea3fee303fc3465e73e81b46fc309d223de10bbb0be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 8A4F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cc7H75NiSZey8O4jQn88P856yoAWYyOWSdJeVm_D-EdrZHhABILTKuyNglYKAgLQHoAGW467PA8gBAakCQWlI9RqFsj6oAwHIA8sEqgTZAU_Q-qcWljj7NEIwKJYg_NXUmQgIWPP-QdNGHcX...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213570333201245467161%22,%22debug_reporting%22:true,%22destination%22:%22https://hornetsecurity.com%22,%22event_report_wind...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213570333201245467161%22,%22debug_reporting%22:true,%22destination%22:%22https://hornetsecurity.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22971747734%22],%2222%22:[%22true%22],%224%22:[%2201-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2262685857863619553%22}&andc=true
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:18 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13570333201245467161","debug_reporting":true,"destination":"https://hornetsecurity.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["971747734"],"22":["true"],"4":["01-01"],"6":["true"]},"priority":"500","source_event_id":"62685857863619553"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 2024 15:23:18 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 01 Jan 2024 15:23:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13570333201245467161","debug_reporting":true,"destination":"https://hornetsecurity.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["971747734"],"22":["true"],"4":["01-01"],"6":["true"]},"priority":"500","source_event_id":"62685857863619553"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame BE27 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9678335887055925&output=html&h=100&slotname=5082731799&adk=4286390268&adf=441738196&pi=t.ma~as.5082731799&w=970&lmt=1704122596&format=970x100&url=https%3A%2F%2Ftransfiles.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704122596665&bpp=1&bdt=214&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=4827126309637&frm=20&pv=2&ga_vid=406663441.1704122597&ga_sid=1704122597&ga_hid=1729833449&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080104%2C42532524%2C44798934%2C95320884&oid=2&pvsid=4130683587725727&tmod=547179304&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
541285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 09:01:52 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 03BE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ctz0X5NiSZe-1PJ2pn88Poe6T4Av31KLJdJeYhtePDpa6p9bnGhABILTKuyNglYKAgLQHoAGwubyGA8gBAqkCQWlI9RqFsj6oAwHIA8mEgIAEqgTeAU_QFqqU-2RhiTeY8oQyLR5zyZdFrgK...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224869536350384091786%22,%22debug_reporting%22:true,%22destination%22:%22https://albertina.at%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224869536350384091786%22,%22debug_reporting%22:true,%22destination%22:%22https://albertina.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22818879664%22],%2222%22:[%22true%22],%224%22:[%2201-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223294464599396630465%22}&andc=true
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:18 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4869536350384091786","debug_reporting":true,"destination":"https://albertina.at","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["818879664"],"22":["true"],"4":["01-01"],"6":["true"]},"priority":"500","source_event_id":"3294464599396630465"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 2024 15:23:18 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 01 Jan 2024 15:23:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4869536350384091786","debug_reporting":true,"destination":"https://albertina.at","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["818879664"],"22":["true"],"4":["01-01"],"6":["true"]},"priority":"500","source_event_id":"3294464599396630465"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44cbfaf3513341738e789a1ee5556599377aae365659c6851b0db1eacc7d619f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12184
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D487
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
expires
Mon, 01 Jan 2024 15:23:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame E3AC 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
541285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 09:01:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A672
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
expires
Mon, 01 Jan 2024 15:23:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:17 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 5959 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: transfiles.ru
URL: https://transfiles.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
541285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 09:01:52 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213570333201245467161%22,%22debug_reporting%22:true,%22destination%22:%22https://hornetsecurity.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22971747734%22],%2222%22:[%22true%22],%224%22:[%2201-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2262685857863619553%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 01 Jan 2024 15:23:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224869536350384091786%22,%22debug_reporting%22:true,%22destination%22:%22https://albertina.at%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22818879664%22],%2222%22:[%22true%22],%224%22:[%2201-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223294464599396630465%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 01 Jan 2024 15:23:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9678335887055925&plah=transfiles.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Jan 2024 15:23:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 382A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 14:20:55 GMT
expires
Tue, 31 Dec 2024 14:20:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7C19 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
009dea9c682c50c69038bb9a291f3a7e0f2e967f26503e436cf64c16926224a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uftIGDkNHpIZPJYFSeF-rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://transfiles.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uftIGDkNHpIZPJYFSeF-rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 15:23:18 GMT
expires
Mon, 01 Jan 2024 15:23:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 382A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 10:54:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
102538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 Dec 2024 10:54:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4130683587725727&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 382A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c5vnqQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:23:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4130683587725727&bg=!dnWldTrNAAY3kmNgF5I7ADQBe5WfOLQ8EN0G7TrVHDI_mhYrgl7i_TTIayTrI_qnMtJPKyt1qBYE_HPDCMKNnpDfvsMTAgAAADFSAAAAAmgBB5kC5XiL43qES-zkya_BY9152ztZYyQpevOBuPAsZ7wXlRfHmRl6u8pJpRfsL9040mvmfSbGiS7iAgecWDNTj0cz6H-nZn4-sW_iycyLtGbnfR19eSxLgDFKrRJ4D7Wm_FFDh6iFnrebH3qq3ItXObjlGWTURpYHj-JMm_3HSao-oLJ6XIxHY4Wg10vm1P8fGo1KFEy1oynEjBvOlEz-9zbb-Pzkhpk__lXLXnZQ396mQje80HqPjsKqCE5e_d7PbLVoExiRFVkZCCjYQG1IsVIJXm0xJtQlq9-Cauni1lxe54B7xQxb1ihBwwiWftj0g8v2MFdXpJ6sCOl0v_JJs99hmSEd6G5_iBSYjjiQ2clM_zXGkB-KCL4ugp7yflNG8WtsKZZZIpdmDM0Y7vsSYjcQuFhSxQMcwHIU4BYYv0EyJuyQNw05vNNDqcCbFZowsiUcJLz-2E0Biow2bpidsOt477xv84Zm_kGAjviCnSXKXr8VkESWNPMDzN47XX9ik1McIYyAFjzqk5Yfw0OPbWlY2T8D4vk-8BTdTcFyMr74A30XIyrq7eBUIi3b1ny0T9e86qRTbIDGLBtTFLSnCL8cCvX_WxZK3R3i4RacJZXrFDb9MAHJ4HAwyOV1Nyy-ui_l2nlOs2lgKqCmQBsMNDfkEoP-RuGq0p2ZSeMbTKiG_ch6eY1Ab8Puf6_m3SrCnnyjdcMmR8lWwqXsKdYIFelbdjpHxYwI_ZsoKqlxFCu5Iqsimrt681-cbU9txmbnXp6-CzYZz9X25zp34o2s8kb0dZePG2BqrDoWktBLn1FlFnKN3jpoV-rS7RuVQ9Ah9nVOvaHVIPZnBofsFZ1EfGkSsv6gUyeeeBI6rM7Eoj0kRdIrLF9FXjJfQ7Hg9NAy0hrpDhiXvDlNx6xxOELGDZZogW1wSxnSzGwZTmUvLmKXNoIRldZMHtvO4Sgwtb_i6RUZZi-f2pP0UXBPJDn37wNK0KL5vpjk-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://transfiles.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8A4F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfI0vK4RwwXKdrD64xghBNgdlglTVSm6-WJa3Zz8fWi6Y4kVC__QIVJjAsTcgPaknyBFhe4zQrKnxI6pEXDdpz_TbFiqO88UeaDkUvlP3FS4YDzMWqiBGoQNBJ923OELt0tkveM7Jh9UNkKGqz8dKbwLDJQP630TM54xqSh-o-ArNrjKzfBek&sai=AMfl-YSl65rJQQcH_0hc5GrU-gQU4286VMtXGREiVw0AHbZQ0NdbaHE2CyOYP2XPRht6ap3jQjdC0YgLML7eWVr2JSJtAnMi3TFm6rhlJrKu-VPbOtxabPjB_aOQJMh8ygwOr2GwdfWgBZzOqWu990oK&sig=Cg0ArKJSzMBGGWxT493nEAE&cid=CAQSTgAvHhf_D_SQAuq5p92d0KOKr2ihYHogvPVR5Uo9rEZK45-PuYaGIq6y0F_5DGjqDoskxGKI0Cms7hNCwTd97zrwmuLeUI7_H3m6ZJMh3RgB&id=lidar2&mcvt=1000&p=0,0,100,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4286390268&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704122596871&rpt=983&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 03BE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvo3akZmSTUvV5wHSqeHofRITTu1EiOsdrqAC0u7N2RZU9mz3RHDSj22zklwfGjUuq4TTvbRXvU88fNG7oldMXYVo-qgBdu0vjNORriQbNE6bfr8ztYIaknoCPW2uKxCbpTX98751cPYScxwfskS9pAUyuUQ0xHD_RY66sfEoFwrgZsF7q17pz7bad8wMp5kuYTwHgsKqrcT48N6H-dDFNkKtAqreY8ITq1xaZCc6ErzyDH398528XJosNWIST13oX6XtF4RQmqygPSdeCvYQYYPE4PcEj0MU2SC0MEJaq8qhwmS0IByq-wgKYPmaGkautVP8btFYZmWZXl3L1CtzT22nrzkpeTVJend8XJz9TuE-eRiZ0XhQJT3rMI-7Du0EqfkHy6G4VQri4PuV_s48t-MflhCioKc1SIsmBKcfbY3gliXYCWDJB8W1-fOp2n_Zx19e9ZodsomyKt5gBAMQPD4q4oNkScRReNSM50MFJ1czAHBlQK2zGfWbAa_ygwt1e3v9XRw1E5tocP113CZZPZM9AsJbANYZ1Jqf0ZNAdgH7MqfKRU2SX8JVZsXXSXGHg-lqwM0Yys0Zx0kY6FdfWrYtozDGwSEA7b8mqamSinY7fb7A7s53zU6T5ksWJHn97b9UAZgv1xW7TRYTN0P5bFmUsMotkboNujZeJxDdBuUSonwwNI1GF4mnroCewbtheffZFZsySRlCYo1AjWOi6QEE4iH4XTPVfDFbeotB1rC9i_0ATSpxL_3_IQA8_sbVI8HnKso0kYdqpqo8448PH0xBc9u6zrWSCjbIkWLfU0aFEFPheMIxU1pTwrTeQmMvQ9fAB6VYjUEExGq_d4IHlWFVb08WkD1nSIdOcGhrpMYB5XJSJIyAht4JyF6-kkOj_AwwkfbYylkmVDmi3ZJc8o1ka-1vTVtZ4h1jIf5-P7r2zmQfMdYK-blq585eAfu7Hblb_xZPTydsypxBcKAUBxhPDJ_Dgs_TB2qE5DCgiHGki7dqHjNzuqmMn-ZCnbBaWPB2BLqeAZgW4gZtaG9BaBbjCFgvY_aIMR7ohuTd-4rSbnr4AOEpwLyEA_OCtEU5c89Av12hVGoYwTrj53pHB3Md7wls5DcplLWlZdiTZcAi3_dv2suygVpgralckD5PpXhE1BybIvTnck0iryDk-bdNSDjC-UNlt5EHMOQw&sai=AMfl-YTkiyaGZ2fYR461Ewe7YwRf3PdBaXXZI4FprLiwBlZSXpe8xJblvWLmk8HNF3Q5bBdZL4zqP2gA37_Rml9xQofozNhyBBFfq3o75RMqb-GQTiW5gcKZTd1m2QVGSeNA60qzYtSSCFQNr_HV_KsdNj6W7KFrNJpEnRcQVw&sig=Cg0ArKJSzALzwz6Sr38LEAE&cid=CAQSTgAvHhf_Au5nLr5Rhtme-_s1fYSprOBUVgDQ7Rqf0LoXmR5QAQyB0h8c9enX9eXoBDkAKRi12GSG42CJ9t7eCWL0W0DF5N3SM_YzuL243hgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,767,1000,1028,1226&tos=83,684,233,28,198&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704122597681&rpt=147&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
33590114
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/33590114?wv-part=1&wv-type=7&wmode=0&wv-hit=769584574&page-url=https%3A%2F%2Ftransfiles.ru%2F&rn=12224107&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1704122600%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240101162319%3Au%3A1704122597321169065%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1704122600&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://transfiles.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:19 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 01-Jan-2024 15:23:19 GMT
content-type
image/gif
access-control-allow-origin
https://transfiles.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 01-Jan-2024 15:23:19 GMT
33590114
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/33590114?wv-part=1&wv-type=7&wmode=0&wv-hit=769584574&page-url=https%3A%2F%2Ftransfiles.ru%2F&rn=32017988&browser-info=we%3A1%3Aet%3A1704122600%3Aw%3A1600x1200%3Av%3A1201%3Az%3A60%3Ai%3A20240101162319%3Au%3A1704122597321169065%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Ast%3A1704122600&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://transfiles.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 15:23:19 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 01-Jan-2024 15:23:19 GMT
content-type
image/gif
access-control-allow-origin
https://transfiles.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 01-Jan-2024 15:23:19 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture function| $ function| jQuery string| LANG string| password string| error_try_again string| reload_page string| err_msg string| err_msg_tecworks string| error_msg string| g_ref number| is_iframe string| plink string| g_schema string| host_1 string| nt_msg_upload string| nt_msg_link string| nt_msg_pass number| to_notify function| ym string| GoogleAnalyticsObject function| ga string| DIP string| uploaded_msg string| share_title string| err_msg_virus string| err_msg_empty_email string| err_msg_empty_comment string| err_msg_name string| err_msg_email string| files_uploading string| you_have_files string| link_to_dl string| copy_link_pass string| copy_link string| create_pass string| delete_pass string| link_sended_to string| error_on_sending string| conf_delete_all string| rm_link string| up_rm_error object| adsbygoogle function| sendAjax function| parseSize function| getShortStr function| changeLanguage function| validateName function| validateEmail function| verifyPass function| verifyCaptcha function| reloadCaptcha function| sendUpEmail function| sendComplaint function| addQrcode function| changeDisplayVersion function| updateShareService function| setCookieUsing function| sendNotification object| moxie object| mOxie object| o object| plupload boolean| mCustomScrollbar object| jQuery183012161000652147758 object| ZeroClipboard object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| googletag object| Ya object| yaCounter33590114 function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| google_llp object| GoogleGcLKhOms

28 Cookies

Domain/Path Name / Value
transfiles.ru/ Name: PHPSESSID
Value: 95uk3u3ukm5a1qsc2ogufmoe2k
.transfiles.ru/ Name: _ga
Value: GA1.2.406663441.1704122597
.transfiles.ru/ Name: _gid
Value: GA1.2.200220759.1704122597
.transfiles.ru/ Name: _gat
Value: 1
.transfiles.ru/ Name: _ga_FG4BQLH20C
Value: GS1.2.1704122596.1.0.1704122596.0.0.0
.transfiles.ru/ Name: _ym_uid
Value: 1704122597321169065
.transfiles.ru/ Name: _ym_d
Value: 1704122597
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2432073144fake
.yandex.com/ Name: i
Value: R+qSczbcKik0pFOFTOFHAzBveG6pCPknoMMZDTuxsple69VpE4Chd/V31RkSaaseFVhCcqRCYvOn0eJ7lylP1i4kpzk=
.yandex.com/ Name: yandexuid
Value: 8131705571704122596
.transfiles.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2649762683fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 8131705571704122596
.yandex.ru/ Name: yuidss
Value: 8131705571704122596
.yandex.ru/ Name: i
Value: R+qSczbcKik0pFOFTOFHAzBveG6pCPknoMMZDTuxsple69VpE4Chd/V31RkSaaseFVhCcqRCYvOn0eJ7lylP1i4kpzk=
.yandex.ru/ Name: yp
Value: 1704208997.yu.9725233321704122596
.yandex.ru/ Name: ymex
Value: 1706714597.oyu.9725233321704122596
mc.yandex.com/ Name: yabs-sid
Value: 2512870701704122597
.yandex.com/ Name: yuidss
Value: 8131705571704122596
.yandex.com/ Name: ymex
Value: 1735658597.yrts.1704122597
.yandex.com/ Name: bh
Value: KgI/MA==
.transfiles.ru/ Name: _ym_visorc
Value: w
.transfiles.ru/ Name: __gads
Value: ID=27009e62002b8634:T=1704122596:RT=1704122596:S=ALNI_Ma48m9sIlIKPNByAMKo_z_4YeC4gA
.transfiles.ru/ Name: __gpi
Value: UID=00000ceb523700a0:T=1704122596:RT=1704122596:S=ALNI_MaO_98NPcRR8wquVgt6OIr6iUAUyA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUn-e1MiQhH8lMQTBGNaruMxVlCI1xvHW7GrhAFmbOBV2gxWYdlQ96m7r3CCzPY
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
transfiles.ru
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
157.90.215.152
172.217.18.2
2001:4860:4802:32::36
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a02:6b8::1:119
009dea9c682c50c69038bb9a291f3a7e0f2e967f26503e436cf64c16926224a1
072dd12d521dc5871a870dacff4a8ac61abdb47901952659a3076dcb55179ea7
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
150b9f119f532d05a6a0eeca49d36bc7a01f8ec912bac67af2a34309ee320bf3
17adcfaaca25915c8117cf42d948cb1a5b1c50aa8c0366b01985418b799a632e
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ba0d75f0de5b0569bf17b0d9fc0ba65f6859f6f775943e7894531e097cc0412
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e44128a2911dbcc9031a191b00018005dbde321e10a7c330fa6d603b02a07ec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44cbfaf3513341738e789a1ee5556599377aae365659c6851b0db1eacc7d619f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f97fe3d5ef2cf021e265f59fdfd2423a4da15ea466aa44f3aa89028cf92e01d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d1456be6662023da53e43fe6969523b439f1c1bbe4c50d83a03140e2f4df34
667d1872d646efc435c01a6af873b637545e011790236c6aec3a0cebd37b14fd
670bc999df02739e39c67ab53dd9e9d4c7be5049c14c29613fd96b2907a798a5
6d271299e902c88e3b9e30cec3b3735968c4c1c5ea6f9f219b805fc9f30e7d35
6f1565d977b8533ec77b0d646270aa11b36039129680ae21fe9f78e28ce172fa
73d3d28d5dc18dedd5748b4b506e44cafbfa836ed3a04117e6be7e72b7f2e1a5
78cd504f90d41af80a454c16027b045c44a9c3d3e74f4a414b0e269be93ea54a
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
814d102ed594a7193bc4e0a84884766557e24c587030c84a26b716fd5ae3e770
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e39bfaa518b84b595236b3e579e73138d82b8942ca3f5fa93aeea570cd16456
90f77496c9a5d6485df0f765a0793d8f050eefaa4e7296ba6e3dc156cf9bd5bc
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a87f8ade1743dc729fd6066a644c763d997b3415cdd7d27d38b0bbb4dd4b172
9e6aa61ac13523282df8470de068bd19837c73b07b19cfaec216b135cf050d9a
a7ef210d24557ba96d64e6df08c9334e60da905c7311f23858c82185f1e7ebc7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad9f14d562831205887a75ede03079c570f6435894b2e227c9510c11da1a3a63
b3adc420b193ed57d7944e9f41997745a4bbabf401749faa4e604790f9bc72c5
b5395c833ff802b735ee54aa7ee540bfcd4256a5d1dc83368ba255a590665b93
be2a64ee6b66368dbd5803ef1b1a74fbbf47dfcbba16b62f14abfe2e0539c5cb
bf7da95652a69fd03cdc7f824dbac0aeb59b45bc06851fc0921c25fd651968fe
c28d80d5088bdd28371bea3fee303fc3465e73e81b46fc309d223de10bbb0be2
ce5c6a664266f7bd7c91b7962ac9d5145c026724d2b811af7bb6fc24c25abadd
cfc1c423c7723a3bce3bd7ee219566f799e5015651bb2c94ac721219a2bfbee4
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d361fa53452f7eb52ddbc5c45ba350ba75f0117f2b369151f49564bba8badbb1
d5c25f51b857c3e46300f8eb7449cf91cd8237a9dd39e7e431de3ce539b65e54
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db6d5f406963934ee967f7ea0cc5f2368cf64b1fb774dd6122d171595558032e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2fdd0046f34a3b939004b5e4c160c3b4a3211c0617ae0846b335a05fb116cb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6dc38062bfb51a2d5dd76a3726e933579f741da5acee5afba1b2681010ec02
ed23d77f6f9b412693cc70e8a3c3244919b82829198c8a07750fa3c10d6de7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f9c1dd4271998324523173e25f1f7ad65863c378087e71d3e819af7cdd650344