URL: http://tempfile.ru/
Submission Tags: tranco_l324
Submission: On March 09 via api from DE — Scanned from NL

Summary

This website contacted 7 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is tempfile.ru.
This is the only time tempfile.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 9 195.209.108.38 52007 (ADRIVER)
1 23.109.245.236 39134 (UNITEDNET)
1 88.218.242.219 56630 (MELBICOM-...)
2 88.218.242.3 56630 (MELBICOM-...)
1 188.42.149.156 39134 (UNITEDNET)
2 195.209.108.55 52007 (ADRIVER)
18 7
Apex Domain
Subdomains
Transfer
16 adriver.ru
ad.adriver.ru — Cisco Umbrella Rank: 21532
content.adriver.ru — Cisco Umbrella Rank: 34722
mlb2.adriver.ru — Cisco Umbrella Rank: 167980
mlb1.adriver.ru — Cisco Umbrella Rank: 168082
servers3.adriver.ru — Cisco Umbrella Rank: 208869
ev.adriver.ru — Cisco Umbrella Rank: 34054
55 KB
8 tempfile.ru
tempfile.ru
596 KB
18 2
Domain Requested by
9 ad.adriver.ru 6 redirects tempfile.ru
8 tempfile.ru tempfile.ru
2 ev.adriver.ru tempfile.ru
2 content.adriver.ru ad.adriver.ru
1 servers3.adriver.ru ad.adriver.ru
1 mlb1.adriver.ru ad.adriver.ru
1 mlb2.adriver.ru ad.adriver.ru
18 7

This site contains links to these domains.

Domain
diplomsagroups.com
rdiplomik24.com
Subject: *.adriver.ru
Issuer: GlobalSign GCC R3 DV TLS CA 2020
Validity: 2023-03-07 - 2024-04-07
Valid: a year

This page contains 3 frames:

Primary Page: http://tempfile.ru/
Frame ID: 62C7022A8ABB320457B27C2A0E369158
Requests: 14 HTTP requests in this frame

Frame: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300&tuid=-5756942372
Frame ID: 6DC3ADCA94CF46A1FE62C8AD2CBDABA9
Requests: 2 HTTP requests in this frame

Frame: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097&tuid=-4385026176
Frame ID: 0EE9645AB1AE20A18ECF63919809CFAC
Requests: 2 HTTP requests in this frame

Page Title

Sale of diplomas: higher and secondary education.

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Page Statistics

Requests: 18
HTTPS: 33 %
IPv6: 14 %
Domains: 2
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 649 kB
Size: 652 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300 HTTP 301
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300 HTTP 302
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300&tuid=-5756942372
Request Chain 7
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097 HTTP 301
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097 HTTP 302
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097&tuid=-4385026176
Request Chain 9
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown HTTP 301
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown HTTP 302
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown&tuid=-6221355380

18 HTTP transactions

Resource Path | Size | x-fer | Type | MIME-Type
Primary Request /
tempfile.ru/
14 KB
6 KB
Document
General
Full URL
http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62192d94d9a846679bb40a2ae76091b83a0a7921d5b4faea9472c484c99f7c81
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
861af5a9cd6666a3-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Mar 2024 12:10:03 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E64JN%2FDSaBDodlASj%2Bh3qjclnz1ZQGiQgdqlzg7Z7L0QChj3tYZcn1JbVSnGYJ7Zli3BUt8uDsxyCHp5cr3FfZ2nAwzzPvfqZEtvwoxykmz9CB0yUpMje1jA8L0AOd0SDpUEOAO82gjI2g%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=0
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
st_main.css
tempfile.ru/
708 B
1 KB
Stylesheet
General
Full URL
http://tempfile.ru/st_main.css
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3847ab11a5852174fc5672b697cd33c4c574b080074568625ee9c97ebbe776a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Strict-Transport-Security
max-age=0
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 10 Dec 2019 11:56:07 GMT
Server
cloudflare
ETag
W/"5def87d7-2c4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWlrfcWFC3K5vgBfbhcPgHGTFvLVa3Npu6f4EgGKtNUK7PTEF5dhUMP3su3QyACd4zgMMXyx8Cu%2Ba8VRYFPzWZhmUYpJNk1ys4Df4gtRctbTdM9V0zcuSy6j3ltAYsyvt9%2Bm6mNXjAcXwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000
CF-RAY
861af5aa4e2f66a3-AMS
Expires
Mon, 08 Apr 2024 06:19:06 GMT
st_client.css
tempfile.ru/
4 KB
2 KB
Stylesheet
General
Full URL
http://tempfile.ru/st_client.css
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c5ad5fefee1bd8480dd0aeeaf908c312341667a60e8c57d854aaed44ad7c54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Strict-Transport-Security
max-age=0
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 10 Dec 2019 11:56:07 GMT
Server
cloudflare
ETag
W/"5def87d7-108f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1DydINCBobZc9yQ0u2Mf0%2BFSZVO0hSf%2FK6lfIpZL78aICULpQETnHahekt%2FgoYS8fP3rBNYEOLe7dsybo5XEr9wOgnfREDEC4kbX7caf1QVCHnB6l9Dlv2NSsdRaBqQrglcNnL5%2BSsBVw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000
CF-RAY
861af5aa6d9db96f-AMS
Expires
Sat, 06 Apr 2024 15:51:45 GMT
logo.gif
tempfile.ru/img/
3 KB
3 KB
Image
General
Full URL
http://tempfile.ru/img/logo.gif
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79bb46c08644a268f91fc13e8779aad8effb862473ed3d42ae3d53c3aa159d8f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Strict-Transport-Security
max-age=0
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2661
Last-Modified
Tue, 10 Dec 2019 11:56:07 GMT
Server
cloudflare
ETag
"5def87d7-a65"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50XzngkW7aayYrnqLjlVQQIlBL0fK7byKr5EQvQ%2F52y3ZDq57siKxRMoRF%2FauFH8hE1vLtLsjOQa%2FFCu1lPQzDMWGzdoPzUCLJoHNv8Kk5RBYVaqF4PbIN9x3SKOphDIBn3ExHAR9r0K9w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
861af5aa696b6564-AMS
Expires
Mon, 08 Apr 2024 07:10:07 GMT
adgravity.js
tempfile.ru/
1 KB
1 KB
Script
General
Full URL
http://tempfile.ru/adgravity.js
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57abca6f24f7756f0c1a43ea5e046602a578eeb8022f75c800404ecf914edf8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Strict-Transport-Security
max-age=0
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Fri, 02 Feb 2024 12:04:18 GMT
Server
cloudflare
ETag
W/"65bcda42-469"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQEYXc7M5z0QZupQKar1RwnUyGWM%2FuFM0CLKm6Y1t9DlbjBIyvjN6k5SnBO5RIpg8puipoFlIGiKyYipH%2FT4GYUhsFtBzdXLqteWGWOUX%2BFx2tvKbZB6h17CceKXljQ7idgb9gVaGe6qpw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=2592000
CF-RAY
861af5aa69726565-AMS
Expires
Sat, 06 Apr 2024 20:29:28 GMT
rdiploma24.gif
tempfile.ru/
580 KB
581 KB
Image
General
Full URL
http://tempfile.ru/rdiploma24.gif
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ae9b625a284ffbf06d10793c3b84a9633085170c30249682d60d24aa057787
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Strict-Transport-Security
max-age=0
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
594117
Last-Modified
Wed, 11 Dec 2019 07:18:29 GMT
Server
cloudflare
ETag
"5df09845-910c5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GbfWwBSY3zYB%2Fy%2F%2Fl7GLiiWDHaB75Csv8Vy8245CvNKI1Cu5vm%2F0KVX5EZKWL5Iby%2BhRfqckfqMa7hrF%2BqH8Xi%2BV4LYbjvuZ3ERWg1MCQ3B7TVghDWp3SQEy3jac7vheQwQfRIU8iqbBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
861af5aa6a2ab900-AMS
Expires
Sun, 31 Mar 2024 15:40:16 GMT
adlabs.js
tempfile.ru/
984 B
1 KB
Script
General
Full URL
http://tempfile.ru/adlabs.js
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159b2cc879b137342dad982cf9ba27d1fb3deae849cc003ca9189b1c0760df05
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Strict-Transport-Security
max-age=0
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Fri, 02 Feb 2024 12:04:18 GMT
Server
cloudflare
ETag
W/"65bcda42-3d8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVlJi8WYw%2FZ%2FUoyAVXvvVrLwmroaJgR8LBL7AYCcmjEcF0WqwBeVSb3wKzJLovVXHZuDbPA1KHspBNnOw2bduRo8Gk1XA44lwMksWBDiEajec%2F%2Bx9kh%2BbCMZZWQ0pUdZS5MMYYjoOcK%2FeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=2592000
CF-RAY
861af5aa68956670-AMS
Expires
Sun, 31 Mar 2024 15:40:16 GMT
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 6DC3
Redirect Chain
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300&tuid=-5756942372
4 KB
5 KB
Script
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300&tuid=-5756942372
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
195.209.108.38 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software
/
Resource Hash
dce85d720057de8933f0b0bddbc2339101c6ee6eb665103780b35fb0f665b4eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
application/x-javascript; charset=windows-1251
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
3999
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
Transfer-Encoding
chunked
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type
text/html
Location
/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300&tuid=-5756942372
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 0EE9
Redirect Chain
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097&tuid=-4385026176
3 KB
3 KB
Script
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097&tuid=-4385026176
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
195.209.108.38 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software
/
Resource Hash
456a6d6a4c47ff3d2fd2f4c885bd848cb380f128bb51a5b0d371354350e6cdb9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
application/x-javascript; charset=windows-1251
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
2908
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
Transfer-Encoding
chunked
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type
text/html
Location
/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097&tuid=-4385026176
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
code.js
tempfile.ru/http://top-fwz1.mail.ru/js/
0
0
Script
General
Full URL
http://tempfile.ru/http://top-fwz1.mail.ru/js/code.js
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UU%2FbcQIgqh%2FlUvsbeF9F01ZKEzjCQ%2B9LIILknJ%2BQwdyLtpTcz%2BN7N9CYW6ArPi5vzD%2BA%2BPdGsmb%2FTtlCu20skNUagVWTmnW697UGnVvhmvRNe72IbC4pRX8ncLkIX9tmWIn6QTEF1g8MpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
861af5aada2b6565-AMS
alt-svc
h3=":443"; ma=86400
erle.cgi
ad.adriver.ru/cgi-bin/
Redirect Chain
  • http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown
  • https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown&tuid=-6221355380
2 KB
2 KB
Script
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown&tuid=-6221355380
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Server
195.209.108.38 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software
/
Resource Hash
b1b79170f2eb50af6cd2341224b1525a591a6cf2d79f946646e9901e3901a3ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
application/x-javascript; charset=windows-1251
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Length
1674
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
Transfer-Encoding
chunked
P3P
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type
text/html
Location
/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown&tuid=-6221355380
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AV.js
content.adriver.ru/banners/0002186/0002186173/0/
31 KB
32 KB
Script
General
Full URL
http://content.adriver.ru/banners/0002186/0002186173/0/AV.js
Requested by
Host: ad.adriver.ru
URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300
Protocol
HTTP/1.1
Server
23.109.245.236 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
8052b32e991546411cb62c2a6e526f081c1913de925941167e8ffa531acfe5bd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sat, 09 Mar 2024 12:10:03 GMT
Last-Modified
Wed, 22 Nov 2023 13:49:47 GMT
Server
nginx
ETag
"655e06fb-7ccd"
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31949
Expires
Sat, 09 Mar 2024 13:10:03 GMT
script.js
mlb2.adriver.ru/images/0000211/0000211117/0/ Frame 6DC3
146 B
327 B
Script
General
Full URL
https://mlb2.adriver.ru/images/0000211/0000211117/0/script.js?190767300
Requested by
Host: ad.adriver.ru
URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.218.242.219 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
749867d0a776f315cef5a0a4537171755fd24e9b8c20bcd0607fe451585eeea8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 12:10:17 GMT
last-modified
Mon, 24 Dec 2007 01:27:55 GMT
server
nginx
etag
"476f0b1b-92"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
146
expires
Sat, 09 Mar 2024 13:10:17 GMT
ad-marking.js
content.adriver.ru/
8 KB
9 KB
Script
General
Full URL
https://content.adriver.ru/ad-marking.js
Requested by
Host: ad.adriver.ru
URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=blank&bt=43&tail256=unknown&rnd=190767300
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.218.242.3 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
c3c877236c77bf83316683a3c3e8906649b14f39233c9794c92f08f52e1b523f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 12:10:03 GMT
last-modified
Tue, 27 Feb 2024 09:56:30 GMT
server
nginx
etag
"65ddb1ce-21ae"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
8622
expires
Sat, 09 Mar 2024 13:10:03 GMT
script.js
mlb1.adriver.ru/images/0000545/0000545568/0/ Frame 0EE9
188 B
369 B
Script
General
Full URL
https://mlb1.adriver.ru/images/0000545/0000545568/0/script.js?36607097
Requested by
Host: ad.adriver.ru
URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&bt=49&target=blank&tail256=unknown&rnd=36607097
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.218.242.3 Moscow, Russian Federation, ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT),
Reverse DNS
Software
nginx /
Resource Hash
8333ae0de44d790bbe56acb0fea58717d7c1073b2cb8057113478843542a37c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sat, 09 Mar 2024 12:10:03 GMT
last-modified
Thu, 22 Jan 2009 12:43:43 GMT
server
nginx
etag
"497869ff-bc"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
188
expires
Sat, 09 Mar 2024 13:10:03 GMT
script.js
servers3.adriver.ru/images/0000001/0000001275/0/
3 B
182 B
Script
General
Full URL
https://servers3.adriver.ru/images/0000001/0000001275/0/script.js?147206796
Requested by
Host: ad.adriver.ru
URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.149.156 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e27c93df6af8f3bfa3b3147f75892de4c7223da9b97f8cd1f966863609fd667c

Request headers

Referer
http://tempfile.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 09 Mar 2024 12:10:03 GMT
last-modified
Mon, 26 May 2003 12:24:18 GMT
server
nginx
etag
"3ed20772-3"
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
3
expires
Sat, 09 Mar 2024 13:10:03 GMT
event.cgi
ev.adriver.ru/cgi-bin/
42 B
667 B
Image
General
Full URL
https://ev.adriver.ru/cgi-bin/event.cgi?xpid=DsjXofwffs7LfCVHdjabnOSzbDl9BodmNf5MxyfPVQ49i4BhodVBVTa4RHk9vGWH-fYh3cWT5QMBceQ&bid=211117&type=0&custom=113=0;161=0;162=0;168=1;176=0;177=1;213=0;214=2;216=1600;217=1200;218=false;163=http%3A%2F%2Ftempfile.ru%2F;165=0;226=1
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.55 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:04 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
image/gif
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
event.cgi
ev.adriver.ru/cgi-bin/
42 B
667 B
Image
General
Full URL
https://ev.adriver.ru/cgi-bin/event.cgi?xpid=Dej5PFIn638It-yQOpoFppwpkMvzXK0QFARvruZjuyjjYDaiGqe-1cija1IZ0FQjXhtBzm1QnHJJ8g7osdw&bid=545568&type=0&custom=113=0;161=0;162=0;168=1;176=0;177=1;213=0;214=2;216=1600;217=1200;218=false;163=http%3A%2F%2Ftempfile.ru%2F;165=0;226=1
Requested by
Host: tempfile.ru
URL: http://tempfile.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.55 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://tempfile.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2024 12:10:03 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
image/gif
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| ar_cn string| ar_Tail string| ar_link function| ar_getDoc function| ar_putContainer function| ar_putDiv object| _tmr number| RndNum4NoCash function| AdriverViewability object| adriverviewability function| httplize string| ar_q undefined| ar_e string| CgiHref number| ar_bt number| ar_siteid string| Mirror number| bid number| sliceid number| ar_adid number| ar_pz string| ar_sz number| ar_nid string| ar_pass number| ar_bn number| ar_geozoneid string| Path string| Comp0 number| Width number| Height string| date number| Uid string| Target string| Alt string| CompPath number| ar_ntype number| ar_tns string| ar_rhost number| ar_exposure_price string| ar_xpid string| ar_script object| AdR

1 Cookies

Domain/Path Name / Value
.adriver.ru/ Name: cid
Value: AKWBhOSj5GYQzRIYNOGwn2A

22 Console Messages

Source Level URL
Text
javascript warning URL: http://tempfile.ru/(Line 185)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://tempfile.ru/(Line 185)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://tempfile.ru/http://top-fwz1.mail.ru/js/code.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown(Line 38)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://servers3.adriver.ru/images/0000001/0000001275/0/script.js?147206796, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://ad.adriver.ru/cgi-bin/erle.cgi?sid=93974&target=top&bt=16&rnd=147206796&tail256=unknown(Line 38)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://servers3.adriver.ru/images/0000001/0000001275/0/script.js?147206796, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://tempfile.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0