URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Submission: On November 26 via api from GB — Scanned from GB

Summary

This website contacted 143 IPs in 13 countries across 109 domains to perform 818 HTTP transactions. The main IP is 194.190.37.226, which is located in the Russian Federation and belongs to TELESTAR, RU. The main domain is rg.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 2nd 2021. Valid for: a year.
This is the only time rg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 71 frames:

Primary Page: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Frame ID: 6D2525DB0E714A80C580573688A63F8D
Requests: 377 HTTP requests in this frame

Frame ID: A74FBED7508EFA8E712A40B69D25B143
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFw7Gw8n8fTOOsNp4EPEtQWcKKVrkxfB1bf-Ixar7N8jeuN6D6zaCY7H0EJ_pfgnzLPdL-3OXnq_ersU5PXzd7Op5532xNP5tqtQFJDKL5_PNlZOqTJmGkQT0VKh_qpMIgMD-v-yGGhr6GxaaE1ASya3FbjQ&dbm_d=AKAmf-CyXxyr2A3XU3QkGHxwRZNuFVJeLe3ZiC6VKJVuqX_xUMUk859Bfh7TNfqjh2QQeg9wT0hfapFZFn5d3F1JtKCmSbALv8j7CtAPMW_Ja4q5Wx9nOMlHvaQbJLGVkXY-Ac1Q40qLDhNPOeBOORGqLCHTA0MaeuVwzBVxt7wqztFkoUHGDTSA503XiXFpk2YsStUKTMk9TC6BGDbxIo8wRXe2xDgTuDGQ6tKbn-C2Ix75jkna2mx9mZpqqwKu7slGmfninznQelvIoap0diNY8WQhJJsZIiqqQ2jKwwBfQWu9Y1fM3J6rFQwdGTHyhKMkmhUwXxLPqi0lGGQGv3ywelAmNEbdMS9EaVuZ5jUuui6smuIlFjWb_48QDFYCHDAmOKrB2aG7A6OjQlQPdGz7asUMv3Wrw583jcRAry77dLm76Yz7S9HwdPm4lTsY3j7xG3i7zBVMD6zXHf1b44dHDLN5Nb8fjm6BEq1YjDPpyXD7tBwpir2QqZpCy0NVcW0z5ZbBpeYs4lqXq_ygDgU389bduEqDMI9Wl2rpVTnNTFLHClcNnU7hurfIfS7gdKoFH80-Ux97c5X7TKHdmZWE_fOesJZ7yDT1wv3BMzjWunQNZd5kwVPnVMvl4zRudPl17yPF1t1LcKar3IuRrMiNlJFFMoi17_R1uyLEqJDa9bC-wc-_vhxn-Fpgvtf6BKrVoN1f2SL45yyqDO-agR345i2TaKbLht8VMv7UZ0L-5vBwRKO13obzE3lxjzoS1DqoXZJqDo2P84Gj_dUiSgeDCCajND_gNBnC_NVTYtpvCuB__TtUHpkAKSr7RA2Ay_Nnu7ko-_keNTKpVUpL_GmeMXS41E7ss-3kTZHyDDQcCvvfVjSSeAQJfpNX8xZyUl7erigXUXt4J6aHAd16AVev6-pgT8fKCny3OY313D4JvhEriYPwViOR8gegHXxv46WGaIarbx08oBbQUCys9jZVl0h1qaeBdgpWj41AER5tlrQoDrF0T4KTaW1OtZ2lBS3cX8rvAE6G2cy8ejEcg6KhTXiNUvqRgysd_ksp9Eo65N6-FIj_LiiDDUB8V0t9wLpirCZP0eUpyHGx9PxkkKtd-eG1vQWDjhuM--dwiLrO7glgEWt6KS-cZ2UF01k5-G8QIr26umb5uTGAfk40A0eU3Xh6WrXNkUa5xYstcVpB3Zo9oqG0ZbBiI79rNrIaEmMFVd23pHTImfNyHWYJcpKRMDr3AwrGncC9aPfk3Qza2Ae21LthtHRJXV7bflNLBHeBl7eO8bWkfTvIx4qkE5ljvQnvEcgjsb4lUOHQTDkJdyHGt9fcvP-eAXvMmnhAHmdgPYEl5483Vyno3eQU0MPJkxouGMY6q9T7sVuCGcy4znrmNbP-nC1N6QhG_Fl2k1A8skmnv9lSq7HVbUYsX5wNxZxnclE53U14wGKKX3gwOHhjeKp9vMoatOdeZO7ZCmBQbpd1CUDwyP9AhW-E8EOQCSQHkcQBcg6JOeQC6JcuaGY33lSKgLbvrDm84YREd_oeqMHzS2g2XC4L5kBtAbsiVtGr-65FOm465Wk6triIRchTNKzfpImElJYpWS9ypzk1pAVmfKF5Tu4KDYmbyHHrjlGFWE_aAVOipnvou7d8sRFkcS9ayRUvfJGw75XlIz15rJRMdpZwH6ysMzaAZz7QJg5WhJpXrPujoJcrhqAi4HbPVCWDf9rodygxLWAr9MswobGJyNDjh_YBNguLs3E-t1pi_4nBpJdQA8U7gMBhIMk
UYskhSOmJWFGRQJEQW2T9zt19bMBlaQiW7FqMJZNPYh0tYgs5o4RINu96-LdsB13ICoV68KTKxLfDOuBRHNYNLDGixdhKeEy4Yj_khYnEkWR9aPTL2SRqugdfzmhOVU8cQsFZNpKc1v6eLC7sHd9aRaKMwtXF3YDgR09h9Dtq-McyUL6LMjCW-ht8DMvZhky5BXx-q4cQQMN4p4ijoqguwgdLJTAfOLmQFRnpwqZJqoUVW49x-AG0QUsXGlgPfouu393mgHQfFaAoNApyAsXGE1kJanRSbGGYRyrzhXyEO_C3Tp7EtTfYILVRAMETh4GCEebNSbCTYW1uiN6YWpM-SYhXsLrj2dMbpjF_7bY8d0iOVLfejnwnsit5LiSDfZGRJZE2FoA8Bwid-O-Fdo3soYaUXbGP2qJrFmNq9UH2XvKdRP6PQ8xDorMq4VRpHktPVEW_BQr4sJdi31yzbtXdvHlWsApcNSRaUjCBnouYUxEwtPpgsvL-E5g7Mv8KFt0-b1bFREBeQ705nAk_UufsGr8jIKr5T3brWlk79Vu1t9ld5ZIu78o0WlJJXqu35x9f1plJTST4gcLLwXTBgtjrXkxlRz4_S_MW_KVYLOokAcXiuglcH_KTmk1CcYwxt7nXiy2pvf0OIvS306irDLXsP9pj_yjbz_dOf7F2T6S9fPWhzW9k1Nkf6V-wCNK8xZOOGdoeOB30nAHZnCDE6Mn_3bOWrkM6O0T6ILFbNSpm6sgyZGwjuGogvD7hxpMIGxzKHDxlbIcBi27JSx08BgVktovbpD1gkFWVsejkxdIMmkHNZShnUuqpAYKwK2OOYGn9ikF4DCMWAJ_tq5J9PpCH4QbJicD3PnNeFTgLcGA3UhPCnx0hGw6F61KcEc33DrnSbBp7buXJqIz2JBSOU2NwsxFfG7JHXnhqaURPCxmJMTCJ44WGZnSxcr7emFYisjul-a-b1uiyEUhtaeicQG6h9CnlABYNCF3nx-feJgyIVTOEx_ll5cyBJh5JHhhBAQgHU4aUApdRTDXTTHD8-2hAjbgO6RGsqw7tqDJYIJnunqSWd73umG9tvv5X9g9BGOB4Jtc91NOGxLd8mxwzaeh9irG5bPrdcqHZ0W-EoDgFPeGzRHxjZ0KApQyLW9_JGCQnDFgYNFuukpfrN0k7jxR9rLwnpuJajH7WNcSvze_cifObPo1vwQKrqPmF_kvjLfq7HE_UHM9ZM-bYA9VKc5d0Z8TAakyxUI2X412Khw5tCxQxCUCSfQJ-UsWZGYWJbjP35asAf-JoJGfBd3yvAZ05YEBDLGAXwSTh7Ybs6touyt6bEGlK0RMGdqbnWmXGdVlx96aPGZDsNSyPIQxpEdMWBuDPYm3wYBi1BJHEYPOWYK_hRKAvSAqHUfGDkAJ9sjNSolVaMvU4yuoNat7jIJFcRIKpbKFPvQPiBcgBaCuPstvc1I3k_VQI6b5csD1IPMpWoUoBkk40cN7GJxkGX8oyvFgOZZevlwue0H9xqBvjV2aa6kCCBAE-Kyx-74B-7dUeWNqViFzKTmzSzTnwN90mzzVYPJpcSqmZa1_wLYdVOr2-SBrgVLOQyml35u_tZN-dE-W1cbl7OywlWwY3WGjgiQ35X_YEmaIQriFwP3E7PxMfKGfArQ&cid=CAASFeRoMoa072lJeh2e8zyv4f5oNebMGA&rfl=3%2Chttps%253A%252F%252Frg.ru%242%2Chttps%253A%252F%252Frg.ru%252F%240
Frame ID: FF18007988201B93525FD08AFBDFEE16
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKtKRDw4roCGKPbkroBMAE&v=APEucNWTMQkWMb5Tmg5ad4BS8vPNqShqiJUQ00BdWoHmmh0JWL0e8OO1CtizeJ9clpgM7GnLRv5O7zPy1h6C60JhvDOmKcu5N_5PIwu49715n_2le0iixBB5EN6xJo61s4xzQI5Ohiwx1qPOgnGQqPvimpX2dy62-MRPHI8fXo3GPPWxHC146yw
Frame ID: E1162F1677DEE7BEA2341BA075017AB4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDgonwYup2ZvAEwAQ&v=APEucNW4DtW-EFpNcfEqZFLECxB8xSzjYA2HxJQm_V1JU8FuUYBJduwu1cUU8ckXadaesopiAPz1HBUa0ZlCs5M1KU1llsnmOLZ0e2bUWuasWCMOV7enff5rojvQLhF0N_tfyfL44D8X3W6JWNODOAkNWSEr0aVfPf9CT3jwz-DErWcR3PW4qVM
Frame ID: A3BA8781FCFFBCEFE88EA85FFD0F2751
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
Frame ID: E42C8C5B3F7C9A1EF879BAEB6D4C3E0F
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
Frame ID: 3C9DC80379E8AAF83403BA93C3E9311E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ABAA8711D231856C6357E9198334785F
Requests: 3 HTTP requests in this frame

Frame: https://cm.lentainform.com/i-noref.js?cbuster=163790700750441186682
Frame ID: 9BFC2E22A3C7C589C981D8EC3D0E9798
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2798CC9A7C407BB2875DFFC4355F7E45
Requests: 3 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: F55AB1EAFF415D4F1FA53A311394B06D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC72A57AEDC75F9CA3D41536E88DFC57
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
Frame ID: A99B76D7916165C7DA14D6324B9C315A
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DC4CC0FD0C2DAF446C096F9A155F430C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: C969B6D6C85A336D84EFFEDE28CF4BC3
Requests: 4 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 8029E1D497B26140886AD40250F5A96A
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 2A428CAB8FBBA41A565D634242B26839
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: EF8BDFB9926858EC1C0C7C193AB27574
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: E920F6074F3B518E718185B478DD4DF9
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2DF86B960358A0CDDFB26DB90F26A30A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0CBFCB525EE799CAA4D1F168E864DDC3
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: E4CF7A71A4EDA2500D17FBDE4514B047
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 6C2A62424BFC1C87846B35FC3E9FE59D
Requests: 1 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Frame ID: 95898CB6DE80BA97B681F6B21F7F5BDC
Requests: 5 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=131&tc=1
Frame ID: C1DE1C6285A1CEFBDCEADF303117369E
Requests: 34 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 82F5369745B590E60E451FB40B8C5AF9
Requests: 12 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Frame ID: AFE3DFCBE98F29506CF0D0EAA1514EF9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_ru.html
Frame ID: 49A75ACC31A1E16C193BD1163A31EAD3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C71AD8EA6B6433EA8349E27DBFE4382
Requests: 1 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F427AA0619F04021F02B06930
Frame ID: F2ED8687032768681BDA0ECE6B0FA5E8
Requests: 3 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907010157
Frame ID: CDCE1EA5DAA9EB19CE07C38DF4AB544B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: BBAC2B12B148BDADCEF7684C5DAD1071
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 64A5D64C9FE3B2ABBD050F4611887ED3
Requests: 8 HTTP requests in this frame

Frame: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C52BFFC4AA217166F3B5386AE5BB01F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BCB203CAD758D78A2F9F00E35FD6B219
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91C07476E3175E9A4249D71A1CF37C64
Requests: 2 HTTP requests in this frame

Frame: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DA86A8F77C1F8B2B81C80D52025EC58B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNUBh1cO9nrg196HZRzAOdQCpJGseJLKpg2RWIOOyQqx7qprumxMX-LcjtT7A0KZtDdPNCPdgIZieZvgWooOWUUaQFt5RuIPzfy95dvtxPC5o59VCt17fN54rT_9bLwLK_dEFiIZQiUMpmNUk3-XeGJ9e-uZFZuPFPTMPFC5gHcV7Gfuth8
Frame ID: 229F7FF4C154F656984C97DF2EF9D326
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C3618000A1583CDEB1168DB71B7F0FD4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 82894C389ECEE8F8E7B9E03ED11C1713
Requests: 9 HTTP requests in this frame

Frame: https://z.moatads.com/fallback/ad.js
Frame ID: 4F99E10C363758D7120141B2A33B32B7
Requests: 2 HTTP requests in this frame

Page Title

Number of ransomware attacks on businesses has tripled - Rossiyskaya Gazeta

Page Statistics

Requests: 818
HTTPS: 88 %
IPv6: 25 %
Domains: 109
Subdomains: 197
IPs: 143
Countries: 13
Transfer: 10259 kB
Size: 26748 kB
Cookies: 199

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
  • https://yandex.ru/ads/system/header-bidding.js
Request Chain 8
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 22
  • https://ads.adfox.ru/5906/getCode?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=3952818883&ptrc=b HTTP 302
  • https://ads.adfox.ru/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=3952818883&ptrc=b
Request Chain 23
  • https://ads.adfox.ru/5906/getCode?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=3952818883 HTTP 302
  • https://ads.adfox.ru/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=3952818883
Request Chain 24
  • https://ads.adfox.ru/5906/getCode?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=3952818883&ptrc=b HTTP 302
  • https://ads.adfox.ru/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=3952818883&ptrc=b
Request Chain 49
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=6838283708 HTTP 302
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=6838283708&crf=1
Request Chain 61
  • https://top-fwz1.mail.ru/counter?id=11659;t=409;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
Request Chain 62
  • https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.8662617088435476 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.8662617088435476
Request Chain 63
  • https://counter.yadro.ru/hit;RGINTERNET?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9358503832210456 HTTP 302
  • https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9358503832210456
Request Chain 64
  • https://counter.yadro.ru/hit;RGRU?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.25765960833328605 HTTP 302
  • https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.25765960833328605
Request Chain 65
  • https://www.tns-counter.ru/V13a***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/ HTTP 302
  • https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
Request Chain 123
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 161
  • https://mc.yandex.ru/watch/22322746?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1402480680008%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907004%3Ac%3A1%3Arn%3A880293018%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637907004%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1402480680008%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907004%3Ac%3A1%3Arn%3A880293018%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637907004%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Request Chain 168
  • https://mediatoday.ru/core/code.js?pid=9119&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24 HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9OTExOSZyaWQ9Nzg5OTQ5JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1zLXBvbW9zaGNoaXUtcHJvZ3JhbW0tdnltb2dhdGVsZWotdXZlbGljaGlsb3MtbmEtMjAwLmh0bWwmb3c9MTYwMCZvaD0xMjAwJnN3PTE2MDAmc2g9MTIwMCZwZD0yNCZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://mediatoday.ru/core/code.js?pid=9119&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOMqvlLrvAHC3Ei
Request Chain 170
  • https://mediatoday.ru/core/code.js?pid=8493&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24 HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9ODQ5MyZyaWQ9Nzg5OTQ5JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1zLXBvbW9zaGNoaXUtcHJvZ3JhbW0tdnltb2dhdGVsZWotdXZlbGljaGlsb3MtbmEtMjAwLmh0bWwmb3c9MTYwMCZvaD0xMjAwJnN3PTE2MDAmc2g9MTIwMCZwZD0yNCZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://mediatoday.ru/core/code.js?pid=8493&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Request Chain 182
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=fc382313-402e-4cbd-bf8a-a8783a2021b6&ssp=between&expires=30&user_group=5&bsw_param=d9472326-3f72-43ef-915b-ee22abeb2c51 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
Request Chain 183
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usLbcellYKCe.AikABlF9Wt1_QA
Request Chain 184
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=99cffbe32fc8061e1cfec5ce
Request Chain 185
  • https://sync.bumlam.com/?src=bw1&uid=59b3de82-cb25-534a-b279-9971d3d9e34d HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi99IGNBlIFvp7KygpiJDU5YjNkZTgyLWNiMjUtNTM0YS1iMjc5LTk5NzFkM2Q5ZTM0ZA** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi99IGNBlIFvp7KygpiJDU5YjNkZTgyLWNiMjUtNTM0YS1iMjc5LTk5NzFkM2Q5ZTM0ZKIBEH_kmR5OfxHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABi99IGNBmIkNTliM2RlODItY2IyNS01MzRhLWIyNzktOTk3MWQzZDllMzRkogEQf-SZHk5_Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARi99IGNBmIkNTliM2RlODItY2IyNS01MzRhLWIyNzktOTk3MWQzZDllMzRkogEQf-SZHk5_Eeym6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7fe4991e-4e7f-11ec-a6e9-002590c82437
Request Chain 222
  • https://cm.p.altergeo.ru/relap?aid=fd4UhV6S&nc=0fxyk2lG&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://relap.io/partners/altergeocs?uid=CMMXcFNCezR9Gt6b+yYnYmjg==
Request Chain 260
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=63ad473b-2880-49f7-b50b-cc6a9e3c4a8c&user_group=1&ssp=between&bsw_param=d9472326-3f72-43ef-915b-ee22abeb2c51 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
Request Chain 287
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=789949 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=789949&tuid=-5179052920 HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=2&id=AHRegIF2TTmeIn0mf66KH2Q HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MiZpZD1BSFJlZ0lGMlRUbWVJbjBtZjY2S0gyUSZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=2&id=AHRegIF2TTmeIn0mf66KH2Q&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Request Chain 289
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D%7BWEBO_CID%7D&bounce=1&random=469689059 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=15&id=I4jPe4gWdVO/6iZWsKBbOO
Request Chain 290
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOMqvlLrvAHC3Ei&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOMqvlLrvAHC3Ei&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D&cs=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
Request Chain 291
  • https://relap.io/api/partners/instrv.gif?uid=VOMqvlLrvAHC3Ei HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9ZmQ0VWhWNlMmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Request Chain 293
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=mediatoday&ru=https%3A%2F%2Finstreamvideo.ru%2Fcore%2Fmatch.gif%3Fs%3D23%26id%3D[UID] HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=23&id=o6P8AmHRSGyFDHDSZFV2wQ HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MjMmaWQ9bzZQOEFtSFJTR3lGREhEU1pGVjJ3USZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=23&id=o6P8AmHRSGyFDHDSZFV2wQ&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Request Chain 294
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOMqvlLrvAHC3Ei HTTP 302
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOMqvlLrvAHC3Ei&bounce=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=24&id=JwdxZQVMOAtU7LWemJm5qg
Request Chain 298
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOta5ik8v8t2Dmu&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOta5ik8v8t2Dmu&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D&cs=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
Request Chain 299
  • https://relap.io/api/partners/instrv.gif?uid=VOta5ik8v8t2Dmu HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9ZmQ0VWhWNlMmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Request Chain 300
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOta5ik8v8t2Dmu HTTP 302
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOta5ik8v8t2Dmu&bounce=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=24&id=D6YpWSpK7WcfeZqUD%2BFAjw
Request Chain 337
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7fe4991e-4e7f-11ec-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7fe4991e-4e7f-11ec-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=D6YpWSpK7WcfeZqUD%2BFAjw& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata&google_tc= HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata&google_gid=CAESEOCsvQUug0Atln4YqLNq2x8&google_cver=1
Request Chain 353
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsa.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D6%26rand%3D271698 HTTP 302
  • https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=I4jPe4gWdVO/6iZWsKBbOO&gt=6&rand=271698
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEPvNB4WJA1OqpekghOpqlqQ&google_cver=1 HTTP 301
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEPvNB4WJA1OqpekghOpqlqQ&google_gid=CAESEPvNB4WJA1OqpekghOpqlqQ&google_cver=1
Request Chain 391
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=S81SHH7s9QNL HTTP 302
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=S81SHH7s9QNL&bounce=1&random=2920377024
Request Chain 392
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=S81SHH7s9QNL HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=S81SHH7s9QNL
Request Chain 393
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=STRqUGU0Z1dkVk8vNmlaV3NLQmJPTw HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=STRqUGU0Z1dkVk8vNmlaV3NLQmJPTw&dcc=t
Request Chain 394
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28931708-65E3-4CF2-B0AD-C66C1735255F
Request Chain 397
  • https://ssp.hbrd.io/metrics/init?name=start_of_metrics HTTP 307
  • https://ssp.hybrid.ai/?jMwh/HEzJoAnz9KzS0FKY+Tib+TONz8fpSRgq3Yh39uKVHikRp2TPp2JbVz56b4+

818 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
rg.ru/2021/11/25/
237 KB
67 KB
Document
General
Full URL
https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.190.37.226 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
sport.rg.ru
Software
nginx /
Resource Hash
28b1ecd782783d2b7167933b3cfc16ccdad2efabafaab59fd7370c47e81f17a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Fri, 26 Nov 2021 06:10:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding
gzip
firebase-app.js
www.gstatic.com/firebasejs/5.5.4/
34 KB
34 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.5.4/firebase-app.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9061f372e65347081ccc226f73a3c961fdf266629e5f4490cea8fa4fb8637582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:25:26 GMT
x-content-type-options
nosniff
age
290677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34844
x-xss-protection
0
last-modified
Thu, 11 Oct 2018 22:40:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Tue, 22 Nov 2022 21:25:26 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.4/
35 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.5.4/firebase-messaging.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10045
x-xss-protection
0
last-modified
Thu, 11 Oct 2018 22:40:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Thu, 24 Nov 2022 03:23:21 GMT
css
fonts.googleapis.com/
9 KB
950 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 06:10:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:03 GMT
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 06:05:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:03 GMT
lib.css
cdnimg.rg.ru/res/styles/
66 KB
11 KB
Stylesheet
General
Full URL
https://cdnimg.rg.ru/res/styles/lib.css?802353a9aa3c
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
7adee2bef3d5d2fd7ea4af71b6a81df494c0a61cd3a920b572df22d04c427128

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2017 09:30:50 GMT
server
nginx
etag
W/"5a3b7f4a-106df"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
expires
Sat, 09 Apr 2022 14:10:38 GMT
1.11.3_jquery.min.js
cdnimg.rg.ru/res/scripts/vendors/jquery/
94 KB
37 KB
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 15:00:05 GMT
server
nginx
etag
W/"61435bf5-176f8"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Fri, 16 Sep 2022 15:00:10 GMT
header-bidding.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/header-bidding.js
  • https://yandex.ru/ads/system/header-bidding.js
166 KB
44 KB
Script
General
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
50423be0fdb7c8bcbb86b9a82e8f0cef0955c550dd9901f63af80262eb397b76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
2048937979
x-yandex-req-id
1637907004100769-17985762036395136971-man1-4525-man-l7-balancer-8080-BAL-7496
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 07:10:04 GMT

Redirect headers

date
Fri, 26 Nov 2021 06:10:03 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/header-bidding.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
publishertag.js
cdn.rutarget.ru/static/publishertag/
4 KB
2 KB
Script
General
Full URL
https://cdn.rutarget.ru/static/publishertag/publishertag.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.141.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz-s-fr60.rutarget.ru
Software
nginx /
Resource Hash
bbb2bfc125999f8bc8fa4b38d2aceebec032d94f1021769d0bb339621979f31a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Fri, 26 Jul 2019 11:52:27 GMT
server
nginx
etag
W/"5d3ae97b-f77"
access-control-allow-methods
OPTIONS
content-type
application/x-javascript
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
303 KB
82 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
4f224927fbdfc9c0703d628bf79842d60e91ec66c9a3f4291704b70ec964ec5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
2718461962
x-yandex-req-id
1637907004163521-8682402737668525087-man0-8384-1a5-man-l7-balancer-8080-BAL-5215
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 07:10:04 GMT

Redirect headers

date
Fri, 26 Nov 2021 06:10:03 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/context.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
lib.js
cdnimg.rg.ru/res/scripts/
667 KB
236 KB
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/lib.js?1ec59e9e4374
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
5cafbcb1e043b6a9425bdaf283a64a6ecec632424e9258e6fa72788e40714a7c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 10:17:52 GMT
server
nginx
etag
W/"607029d0-a6a63"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Sat, 09 Apr 2022 14:10:46 GMT
global.js
cdnimg.rg.ru/res/scripts/
342 KB
103 KB
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
af60a09556b9e71cf5cc0770144436fc1b68fa23da3709d766bb36b57d0ff92d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 11:36:30 GMT
server
nginx
etag
W/"6182743e-55702"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 03 Nov 2022 11:37:02 GMT
global.js
cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/
5 KB
2 KB
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/global.js?ad0797be7e0f
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
b093eca41085ec21a15f7151356b7356f71c5f893ac9b46e8015581143c0e36e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 14:46:11 GMT
server
nginx
etag
W/"5e78cbb3-15bb"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Sat, 09 Apr 2022 14:12:16 GMT
2215_t_100x67.png
cdnimg.rg.ru/img/content/221/63/73/
13 KB
14 KB
Image
General
Full URL
https://cdnimg.rg.ru/img/content/221/63/73/2215_t_100x67.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf9943b3977b82cf600a6f65fa5d70980f7c2d23f44131bdb3d46aa77c342763

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 12:06:47 GMT
server
nginx
etag
W/"619f7c57-3522"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 25 Nov 2022 12:22:58 GMT
2215_d_850.png
cdnimg.rg.ru/img/content/221/63/73/
1021 KB
1022 KB
Image
General
Full URL
https://cdnimg.rg.ru/img/content/221/63/73/2215_d_850.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
855d4fa8ec1f110f2023edb51eb9c5d4c0038c3aa426fc3812bf2ae9cc1d9ed0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 12:06:54 GMT
server
nginx
etag
W/"619f7c5e-ff21f"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 25 Nov 2022 12:22:57 GMT
yandex-zen-widget.js
cdnimg.rg.ru/res/scripts/
570 B
858 B
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/yandex-zen-widget.js?a0203e2d96f5
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
bcfd5d5aace781ae593dfcaf873d1579fbb8aed914585c9aef7356dc97d66645

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
last-modified
Thu, 26 Mar 2020 09:21:32 GMT
server
nginx
etag
"5e7c741c-23a"
x-ngenix-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript
content-length
570
expires
Sat, 09 Apr 2022 14:10:46 GMT
logo-to-footer.png
cdnimg.rg.ru/res/images/custom/projects/rgdigital/
4 KB
4 KB
Image
General
Full URL
https://cdnimg.rg.ru/res/images/custom/projects/rgdigital/logo-to-footer.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
8d7cfdaf66eda543cf5bf782ab6d7948addc68be67302b29f26b4140d7fe44b0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 09:36:46 GMT
server
nginx
etag
W/"5bdc1aae-1121"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 26 Nov 2021 06:33:40 GMT
noto.woff.min.css
rg.ru/res/fonts/rg/
501 KB
379 KB
XHR
General
Full URL
https://rg.ru/res/fonts/rg/noto.woff.min.css
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.190.37.226 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
sport.rg.ru
Software
nginx /
Resource Hash
6278f4711d008b11899f4240e23c61abbacd4957d938309d686917d43e4c0cf4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2016 12:19:10 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
access-control-allow-credentials
true
expires
Sat, 26 Nov 2022 06:10:03 GMT
material.js
cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/
110 KB
41 KB
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
bfa163fa09b200dd716a31c1e08c15174d921ae1052001d465c4fb2760c39bf8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 07:34:45 GMT
server
nginx
etag
W/"6110da95-1b901"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Tue, 09 Aug 2022 07:38:27 GMT
article.css
cdnimg.rg.ru/res/styles/custom/projects/rgdigital/
120 KB
25 KB
Stylesheet
General
Full URL
https://cdnimg.rg.ru/res/styles/custom/projects/rgdigital/article.css?c74af337fd7f
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
e159793d0995ec33447cd89926dc1d44b9e8fb080cf3a6e114b9ff89f7fe6820

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 10:41:25 GMT
server
nginx
etag
W/"61486555-1e000"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
expires
Tue, 20 Sep 2022 11:06:45 GMT
relap.js
relap.io/v7/
13 KB
5 KB
Script
General
Full URL
https://relap.io/v7/relap.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
28136aa193424d3e563327e7f8ee30cc0bcd5f08a413c080bda978dcecd679bb
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-11f7"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-length
4599
expires
Fri, 26 Nov 2021 06:11:04 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1637907003206
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
296725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbqawBJExWOFeXxVmn39eq%2FTi1zMl3K%2B0k%2Bz0Anih3q%2FDqbPL9jBcMScQgXiwt2%2Fd%2BXuD8u8ANwgx4cFbAiJxkKP4cGCDnVbS%2BNmj0e4BpeBY7s8OTX32eKQ%2BMVdVJUNFUbk7CNrc5qQFA2bgPBpSUg8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b40f396afb959e9-MXP
expires
Wed, 16 Nov 2022 06:10:03 GMT
b-news-inner.html
cdnimg.rg.ru/res/templates/
2 KB
958 B
XHR
General
Full URL
https://cdnimg.rg.ru/res/templates/b-news-inner.html
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
7e0ce8e821f7865d4f65debe643e8021f634367f48b9d3fb9bc7d83bdcea0db2

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 09:32:28 GMT
server
nginx
etag
W/"5dd659ac-6fd"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://rg.ru
cache-control
max-age=3600
access-control-allow-credentials
true
content-type
text/html
expires
Fri, 26 Nov 2021 06:56:06 GMT
getCodeTest
ads.adfox.ru/5906/
Redirect Chain
  • https://ads.adfox.ru/5906/getCode?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=3952818883&ptrc=b
  • https://ads.adfox.ru/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=3952818883&ptrc=b
0
16 B
Image
General
Full URL
https://ads.adfox.ru/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=3952818883&ptrc=b
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
timing-allow-origin
*

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
location
/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=3952818883&ptrc=b
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
expires
Mon, 04 Dec 1999 21:29:02 GMT
getCodeTest
ads.adfox.ru/5906/
Redirect Chain
  • https://ads.adfox.ru/5906/getCode?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=3952818883
  • https://ads.adfox.ru/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=3952818883
880 B
880 B
Image
General
Full URL
https://ads.adfox.ru/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=3952818883
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
location
/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=3952818883
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
expires
Mon, 04 Dec 1999 21:29:02 GMT
getCodeTest
ads.adfox.ru/5906/
Redirect Chain
  • https://ads.adfox.ru/5906/getCode?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=3952818883&ptrc=b
  • https://ads.adfox.ru/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=3952818883&ptrc=b
0
187 B
Image
General
Full URL
https://ads.adfox.ru/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=3952818883&ptrc=b
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
timing-allow-origin
*

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:03 GMT
x-content-type-options
nosniff
location
/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=3952818883&ptrc=b
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
expires
Mon, 04 Dec 1999 21:29:02 GMT
rgdigital_logo_x2.png
cdnimg.rg.ru/res/images/custom/projects/rgdigital/
7 KB
7 KB
Image
General
Full URL
https://cdnimg.rg.ru/res/images/custom/projects/rgdigital/rgdigital_logo_x2.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
2bf767ddbfabd1c25f0abcf9f4416cab55034e773d37d274fb6eba0505cf009c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:03 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 09:36:46 GMT
server
nginx
etag
W/"5bdc1aae-1dac"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 26 Nov 2021 06:33:10 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 23:27:36 GMT
x-content-type-options
nosniff
age
196947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 23:27:36 GMT
ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v16/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f9ab9c8edd798835473b909862ab62d984d6c6e8a939665842124bf86d2a28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 10:57:57 GMT
x-content-type-options
nosniff
age
241926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 10:57:57 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 20:26:37 GMT
x-content-type-options
nosniff
age
121406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:44:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 20:26:37 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 20:11:11 GMT
x-content-type-options
nosniff
age
122332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27412
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 20:11:11 GMT
o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
fonts.gstatic.com/s/notosans/v21/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 11:08:01 GMT
x-content-type-options
nosniff
age
241322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10812
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 11:08:01 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v16/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 23:27:38 GMT
x-content-type-options
nosniff
age
196945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24036
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 23:27:38 GMT
o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v21/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:34:27 GMT
x-content-type-options
nosniff
age
174936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10504
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:44:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 05:34:27 GMT
ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v16/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17cca1ca98461fed6c8f14c2ea54c8291ede3a8962df8ce7a3450c255ba32126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 11:17:22 GMT
x-content-type-options
nosniff
age
240761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18328
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 11:17:22 GMT
o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
fonts.gstatic.com/s/notosans/v21/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0042d508c0caeb7dc0fe620937e0edd5ec719587315f3cfe76d020341d2a9cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:42:48 GMT
x-content-type-options
nosniff
age
174435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15312
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 05:42:48 GMT
/
front.rg.ru/geo/
27 B
674 B
XHR
General
Full URL
https://front.rg.ru/geo/
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.190.23.28 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
front.rg.ru
Software
nginx / PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Resource Hash
cb3454f90458ee2f2abe7da33680bbffa9869baf7a6e6e39783947fb5db31b16

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
X-Powered-By
PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
max-age=86400, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
origin, content-type, accept
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4136
date
Fri, 26 Nov 2021 05:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 07:01:07 GMT
collect
stats.g.doubleclick.net/j/
7 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7039329-20&cid=370508847.1637907004&jid=2061500646&gjid=92578828&_gid=2046267680.1637907004&_u=YGBAgAABAAAAAE~&z=2009027601
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Nov 2021 06:10:04 GMT
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
195 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2055337514&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=2061500646&gjid=92578828&cid=370508847.1637907004&tid=UA-7039329-20&_gid=2046267680.1637907004&cd5=Ivan-Chernousov&z=59382497
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Nov 2021 16:44:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48328
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=370508847.1637907004&jid=2061500646&_u=YGBAgAABAAAAAE~&z=601364643
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=370508847.1637907004&jid=2061500646&_u=YGBAgAABAAAAAE~&z=601364643
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
relap.js
relap.io/v7/ Frame 0A4E
13 KB
5 KB
Script
General
Full URL
https://relap.io/v7/relap.js
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
28136aa193424d3e563327e7f8ee30cc0bcd5f08a413c080bda978dcecd679bb
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-11f7"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-length
4599
expires
Fri, 26 Nov 2021 06:11:04 GMT
getcookie
matchid.adfox.yandex.ru/
87 B
364 B
XHR
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ee2e167f91d27769c2aa549ed9efff18d28eae96a7eef2601aca17c9c53f5cd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
87
x-content-type-options
nosniff
content-type
application/json
4e51507e3b3fc8f9151b.js
yastatic.net/partner-code-bundles/49422/
13 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/4e51507e3b3fc8f9151b.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d9c9b9f80c7fbdcc2ef6abe5d2182e9891d6f273830b00a744d05552a21b896f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4454
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4e5871d7ef3811951d665e56ae812382"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:41:33 GMT
df68bffbff5ae367a9a6.js
yastatic.net/partner-code-bundles/49422/
80 KB
17 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/df68bffbff5ae367a9a6.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
42f778eacf147663de14a5a700f83fef31c1dbdf56001b1f71478145c9391369
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17116
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"2ed5bd1577fc37a67ec058623af0437f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:41:38 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:44:13 GMT
394f92cef988f11256c8.js
yastatic.net/partner-code-bundles/49422/
639 KB
129 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/394f92cef988f11256c8.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
93c047f6bcfb7f7e8173521abe23a3f2ef3e31424ef5e4d27bef44cf5297d72c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
131576
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4411cc5ea4047a827feebd9b94c0f945"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:41:34 GMT
widget-loader
zen.yandex.ru/
0
0
Script
General
Full URL
https://zen.yandex.ru/widget-loader
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/yandex-zen-widget.js?a0203e2d96f5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::211 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

photoreport-component.js
cdnimg.rg.ru/res/scripts/components/
161 KB
50 KB
Script
General
Full URL
https://cdnimg.rg.ru/res/scripts/components/photoreport-component.js?v=8
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
e25de9aa65b33a5ff0b079694d5de44784e77ac4d1967ebf0fed6c5ce04bbcd2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Mon, 06 Jul 2020 15:30:59 GMT
server
nginx
etag
W/"5f0343b3-285ef"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Sat, 09 Apr 2022 14:10:45 GMT
sspmatch-js
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=6838283708
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=6838283708&crf=1
882 B
1 KB
Script
General
Full URL
https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=6838283708&crf=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
17b96d67dbd77d0fa20d6f83b56d8ad6e3cdd45f5a14d8c755e9a3a83f6a8e8f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
882
content-type
text/javascript

Redirect headers

location
/sspmatch-js?p=43097&randsalt=6838283708&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
tm.js
static.1dmp.io/
0
0

sprinkle.js
widgets.sprinklecontent.com/v2/
72 KB
20 KB
Script
General
Full URL
https://widgets.sprinklecontent.com/v2/sprinkle.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-32.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
365069116bc27694af2acc83cab0226a89f97517038d52752873155dabeef5d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:05:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 09:44:39 GMT
server
AmazonS3
age
298
etag
W/"70d0f8bb33a284e2061c511acd27c56f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control
public, max-age=1800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
XbU4XLpAkka7tNnKUp4oHmyhNgRk7Lov9GpT3hNnVmy2Ih3NOEuuJw==
rg.ru.1140036.js
jsc.lentainform.com/r/g/
2 KB
1 KB
Script
General
Full URL
https://jsc.lentainform.com/r/g/rg.ru.1140036.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b5320c7ee495ef362d6eec85659531382dd2b993fa5154d12bfec51a6296e9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
cf-cache-status
HIT
age
5550
last-modified
Thu, 25 Nov 2021 11:22:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
617QHAR64FDGXBXK
x-amz-id-2
yk7YxJZw32jFeWfOI1Hxa82dkUDA/6QrhYSgju10MLzpOXWkht3nAoWLJIXBdg8L12ze4XKckTs=
cf-bgj
minify
server
cloudflare
etag
W/"dee24a8d57fcfd5bd9fb9a5d7f85bd2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6b40f39a2d1b3607-MAN
expires
Fri, 26 Nov 2021 09:10:04 GMT
98332.js
smi2.ru/data/js/
6 KB
3 KB
Script
General
Full URL
https://smi2.ru/data/js/98332.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.162.95.86 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
ads5-1.smir11.imcmdb.net
Software
nginx /
Resource Hash
b0017a15904e3a25bb4c70e7e335cb8f0f8e0a5e038f80050ad815836e0f11b4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Content-Encoding
gzip
Last-Modified
Friday, 26-Nov-2021 06:10:04 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
close
analytics.js
www.google-analytics.com/
49 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js?_=1637907003207
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
date
Fri, 26 Nov 2021 06:10:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17857
expires
Fri, 26 Nov 2021 08:10:04 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2055337514&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAABAAAAAG~&jid=782289479&gjid=609807008&cid=370508847.1637907004&tid=UA-7039329-20&_gid=2046267680.1637907004&_r=1&_slc=1&z=744307222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
7 B
28 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7039329-2&cid=370508847.1637907004&jid=1548844979&gjid=109495502&_gid=2046267680.1637907004&_u=aGDAgAABAAAAAG~&z=1022068684
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Nov 2021 06:10:04 GMT
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2055337514&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAABAAAAAG~&jid=1367722913&gjid=98336211&cid=370508847.1637907004&tid=UA-7039329-43&_gid=2046267680.1637907004&_r=1&_slc=1&cd2=tema-digital%2Finternet%2C%20tema-ekonomika%2Fbusiness&cd4=project-rgdigital&cd6=Ivan-Chernousov&cd7=sujet-4040&cd9=2094&z=2087666113
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2055337514&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAABAAAAAG~&jid=1548844979&gjid=109495502&cid=370508847.1637907004&tid=UA-7039329-2&_gid=2046267680.1637907004&cd2=tema-digital%2Finternet%2C%20tema-ekonomika%2Fbusiness&cd4=project-rgdigital&cd6=Ivan-Chernousov&cd7=sujet-4040&cd9=2094&cd8=desktop&z=1925286934
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Nov 2021 21:15:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
code.js
top-fwz1.mail.ru/js/
25 KB
11 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 18:35:46 GMT
server
nginx
etag
W/"60f08002-64db"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Fri, 26 Nov 2021 07:10:04 GMT
tag.js
mc.yandex.ru/metrika/
189 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
66f5ad12b678679a1b9ea08d55d40e65640bbedf632bfb8299780d77ad18598a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-1019b"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65947
expires
Fri, 26 Nov 2021 07:10:04 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=11659;t=409;l=1
  • https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
1 KB
2 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
5ce50030d5f36790254a4ec5325ce051848fa702c563e28899027e517e8438ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
1515
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%...
  • https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043...
275 B
761 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.8662617088435476
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
699e2b32f73c89ae3245e97c97aa96bba425f756e946b2015507c78510fa0665
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
275
Expires
Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.8662617088435476
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 25 Nov 2020 21:00:00 GMT
hit;RGINTERNET
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;RGINTERNET?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9358503832210456
  • https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9358503832210456
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9358503832210456
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9358503832210456
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 25 Nov 2020 21:00:00 GMT
hit;RGRU
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;RGRU?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.25765960833328605
  • https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.25765960833328605
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.25765960833328605
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.25765960833328605
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 25 Nov 2020 21:00:00 GMT
/
www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
Redirect Chain
  • https://www.tns-counter.ru/V13a***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
  • https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
171 B
611 B
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e81023cb3137de9f13fb10f1fc27523d0fbaf12b21b7f2db4ebf37a596f21cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004704373-936606777706563791800273-production-app-host-vla-pcode-154
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
publishertag.js
static.criteo.net/js/ld/
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 Nov 2021 06:10:04 GMT
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11301
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/
11 B
244 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
server
nginx/1.17.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10402
content-length
31
expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/
170 B
317 B
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2ced3122d79655bf0d60bd5a2b84a7ad9772737ef3cc367c838ff61dfde6e06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004791050-360809399004457784100274-production-app-host-vla-pcode-203
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
4 KB
2 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
add19a7278a49ece665979ffa5510bb4902b99e15f6130570796ab5e16016b12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004797559-1464708868581973856500240-production-app-host-sas-pcode-304
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
yhb
yhb.p.otm-r.com/
11 B
244 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
server
nginx/1.17.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
262 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12001
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10502
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/
11 B
245 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
server
nginx/1.17.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10902
content-length
31
expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/
171 B
318 B
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
248110270bdff27930d92c3947525114f7e690150242fac2e955a5304a059ed2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004792653-14814860014879711600273-production-app-host-man-pcode-95
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
5 KB
2 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
9af93a284e8e0277c164297cae960fba85af4e34f4d98ce7c4001886a31e6351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004801341-601161298771618935400243-production-app-host-man-pcode-123
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
168 B
317 B
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
535524c55391dda20a27f50944978ec4306ee8666bf5e997a554b67af6a6a113
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004760235-663615854609257736500275-production-app-host-vla-pcode-30
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
4 KB
2 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
823df63b722983994088d6b84cbae95a8c3b7d0c99182c072653ed5348c6350d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004740558-1143719311119318762200243-production-app-host-vla-pcode-9
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
171 B
320 B
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
65a30a3960fa6e35f0c5ddea3691b3737f0eff4433166971fd0448b0de639887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004750149-1376698381075768563300240-production-app-host-sas-pcode-181
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/
11 B
244 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
server
nginx/1.17.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11302
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11601
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11001
content-length
31
expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/
4 KB
2 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6269438a7b3bf142f2126a5a9512b81167d495e7d654a5a386eae9d1c8a50830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004746575-743429741372860447400275-production-app-host-man-pcode-17
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
4 KB
2 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8c7b82324fd79ec22d7666b0f2f93b8553125fc17d5885f220a1dfab817aac05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907004783474-324117503556758740900244-production-app-host-sas-pcode-72
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:04 GMT
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
309 B
XHR
General
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
168.119.8.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.212.8.119.168.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Fri, 26 Nov 2021 06:10:04 GMT
server
nginx
access-control-allow-origin
https://rg.ru
etag
W/"34c574765bf2094e08c65ca80ccfc0edfb63da5155e54e4e768f0b2754be9456"
serverid
TODO
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
adjson
ads.betweendigital.com/
11 B
910 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/
11 B
245 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
server
nginx/1.17.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11102
content-length
31
expires
-1
app_index.2f6ac421e88b6ba64f98.js
relap.io/v7/ Frame 0A4E
18 KB
8 KB
Script
General
Full URL
https://relap.io/v7/app_index.2f6ac421e88b6ba64f98.js
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
9009e7ab169a443db49c625bb9888a8c422546b2a71fa75962d10bf248d155e1
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-1fcd"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
8141
expires
Sun, 26 Dec 2021 06:10:04 GMT
init
relap.io/api/v7/ Frame 0A4E
97 KB
18 KB
Fetch
General
Full URL
https://relap.io/api/v7/init?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
cf276a61f2d823c333ac93fe53be7a63f6db731eeab62358d61e7c180b6b9786
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
x-relap-cookie
rlprp=eZJFUg:SFTu2g
cache-control
max-age=1, no-cache
x-server
web01
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
ext_cfgs
relap.io/api/v7/ Frame 0A4E
4 KB
2 KB
Fetch
General
Full URL
https://relap.io/api/v7/ext_cfgs?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
08c708c8c10055875df8a95bfa487326945b3444a1af798b7703b46a3c39f570
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back12
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
2216373
front.rg.ru/comments/list/
31 B
579 B
XHR
General
Full URL
https://front.rg.ru/comments/list/2216373
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.190.23.28 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
front.rg.ru
Software
nginx / PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Resource Hash
96a44a9d7d9ffd05d1fb1de1994d4769fad6bed09b641097447dec156305fd49

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:04 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
origin, content-type, accept
expires
-1
init
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/init?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
date
Fri, 26 Nov 2021 06:10:04 GMT
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-origin
https://rg.ru
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server
back21
strict-transport-security
max-age=5184000; includeSubdomains;
ext_cfgs
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/ext_cfgs?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
x-server
back09
access-control-allow-origin
https://rg.ru
access-control-allow-credentials
true
access-control-max-age
1728000
date
Fri, 26 Nov 2021 06:10:04 GMT
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
vary
Origin
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
b-partners.html
cdnimg.rg.ru/res/templates/
616 B
925 B
XHR
General
Full URL
https://cdnimg.rg.ru/res/templates/b-partners.html
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.41.109.15 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
6b4425b521fda664af1b90d0aa7223670c33a653bebeef1981617bff727110bc

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
last-modified
Fri, 20 Jan 2017 11:38:53 GMT
server
nginx
etag
"5881f6cd-268"
x-ngenix-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://rg.ru
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/html
content-length
616
expires
Fri, 26 Nov 2021 06:56:07 GMT
collect
stats.g.doubleclick.net/j/
7 B
28 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7039329-20&cid=370508847.1637907004&jid=782289479&gjid=609807008&_gid=2046267680.1637907004&_u=aGDAAAABAAAAAG~&z=1000102498
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Nov 2021 06:10:04 GMT
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-2&cid=370508847.1637907004&jid=1548844979&_u=aGDAgAABAAAAAG~&z=1036430607
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-2&cid=370508847.1637907004&jid=1548844979&_u=aGDAgAABAAAAAG~&z=1036430607
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rg.ru.1140036.es6.js
jsc.lentainform.com/r/g/
246 KB
72 KB
Script
General
Full URL
https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63bb61d126715cdabe020cf5c4831788a1eba333985b55a72c68bed3be8057c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
cf-cache-status
HIT
age
6641
last-modified
Thu, 25 Nov 2021 11:22:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
PWAJXV0GFB41H34A
x-amz-id-2
uokc6tXFpF9WQaL3EmRJhM/0n8RwaCA5Kx5DVCTr8Yjr1Z4mrV5IMfchHCZfSP3Fmyl3O0hlPDg=
cf-bgj
minify
server
cloudflare
etag
W/"187b81f28bf3abd9c093d5be4f02378c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6b40f39b1f58188f-MAN
expires
Fri, 26 Nov 2021 09:10:04 GMT
hb
ads.adfox.ru/
206 B
228 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
558d5e336c2f88720f789156903043cc4f620d3bae21da7675fbd5deaca3ead0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
206 B
204 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
908e2e45f6fb0f0435b8cc5500f819fdb19b72d242e455da0e0797b7e49e767f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
203 B
206 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
f7175332826ca375adc125ae4d8fb2cffd336d1acb99bb790549c8dde9b76273
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
203 B
201 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
7a82a77b5c4272c2d8aeb7207cf8a7c02fd38eac2ecdcb968459d9371ad6bc90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
202 B
203 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
d1dd79e82ca704a6b280382838e579204ca7ca3726b1852ff6099e4c7b138b35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
206 B
202 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
64056396a58baedf6266d92983a55f236236901516ae77113cca60290b32b5a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
206 B
204 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
9d28761f3c06a4b2e289a5a15bd874ca02a00a19528da39be7d5940f1b98bbcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
201 B
204 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
a702a22c5c00227fd32f7c4cf5acda196fd32ffe7da435de7a9df2040e14abce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/
206 B
204 B
XHR
General
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
43a9774f63e4b1a14e80add9da838fc9ce199599f5422931442469947b50c5cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=370508847.1637907004&jid=782289479&_u=aGDAAAABAAAAAG~&z=1036597060
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=370508847.1637907004&jid=782289479&_u=aGDAAAABAAAAAG~&z=1036597060
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5.json
front.rg.ru/api/partners/
7 KB
2 KB
Script
General
Full URL
https://front.rg.ru/api/partners/5.json?callback=callbackPartners&_=1637907003208
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.190.23.28 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
front.rg.ru
Software
nginx /
Resource Hash
e863ef88e253283730e5d59e7440ec4f81011798a9bf08a4a8b6d415020c4579

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Nov 2021 06:05:05 GMT
Server
nginx
ETag
W/"61a07911-1d41"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Content-Type
application/json
Connection
keep-alive
jsapi.v5.5.3.ru_RU.js
static.smi2.net/static/jsapi/
250 KB
75 KB
Script
General
Full URL
https://static.smi2.net/static/jsapi/jsapi.v5.5.3.ru_RU.js
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/98332.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.52 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser3.imcmdb.net
Software
nginx /
Resource Hash
ddfb872eca3ef18e312ddb7986b7b0b68bf1ab057461430e16d398b02ac47898

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Nov 2021 11:08:02 GMT
Server
nginx
ETag
W/"619f6e92-3e863"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/
77 KB
28 KB
Script
General
Full URL
https://stat.media/sm.js
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/98332.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Aug 2021 20:46:02 GMT
Server
nginx
ETag
W/"610afc8a-133b9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
smi2.svg
static.smi2.net/static/logo/
3 KB
3 KB
Image
General
Full URL
https://static.smi2.net/static/logo/smi2.svg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.52 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser3.imcmdb.net
Software
nginx /
Resource Hash
752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Last-Modified
Wed, 14 Nov 2018 15:52:47 GMT
Server
nginx
ETag
"5bec44cf-a66"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2662
/
target.smi2.ru/init/
95 B
463 B
Image
General
Full URL
https://target.smi2.ru/init/?blockid=98332&siteid=37846&bw=1600&bh=1200&rnd=9647515348409
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.195.92 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
target2-1.ssel25.imcmdb.net
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Target-Version
2
Date
Fri, 26 Nov 2021 06:10:05 GMT
X-Target-Final
20211126091005-0
Server
nginx
X-Target-Host
target2-1.ssel25
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00032
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Fri, 26 Nov 2021 06:10:04 GMT
vendor.70a5e16820b6b0a388e3.js
relap.io/v7/ Frame 0A4E
373 KB
98 KB
Script
General
Full URL
https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.2f6ac421e88b6ba64f98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-18678"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
99960
expires
Sun, 26 Dec 2021 06:10:04 GMT
common_core.9d088340d7cfe344cddc.js
relap.io/v7/ Frame 0A4E
252 KB
56 KB
Script
General
Full URL
https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.2f6ac421e88b6ba64f98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
6823dea10949344170cc602ab77daa8e267c3939427e6956318aa4cea3b5b36d
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-dd64"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
56676
expires
Sun, 26 Dec 2021 06:10:04 GMT
app.443b72c76e8761dcbe23.js
relap.io/v7/ Frame 0A4E
69 KB
8 KB
Script
General
Full URL
https://relap.io/v7/app.443b72c76e8761dcbe23.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.2f6ac421e88b6ba64f98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
696847d4fee1e6e28b4687a7c113f1f20067af307bf90b491ac114f3b5bf2f44
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-1df6"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
7670
expires
Sun, 26 Dec 2021 06:10:04 GMT
truncated
/
72 KB
72 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3224976f57868dc3d4dbfceddfc956fbd9e7760431e74b4a25323ae06f7ce4c7

Request headers

Referer
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
v2
an.yandex.ru/adfox/5906/getBulk/
100 KB
29 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c3dbc35e1a53fc5d8c653aadc46378484ee90314e32a22d5ef3e53f2749f6625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1637907004821549-1384383027698028289500241-production-app-host-sas-pcode-213
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 26 Nov 2021 06:10:05 GMT
counter
top-fwz1.mail.ru/
43 B
986 B
Ping
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=11659;u=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;st=1637907003350;title=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=a827efa4193adadf;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1637907004290%3A1637907004308%3A1%3Ae57a94c0f85227f3fc2fecbf6e4b5b3a;visible=true;_=0.45042046947552516
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://rg.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://rg.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://rg.ru
access-control-allow-headers
*
1
mc.yandex.ru/watch/22322746/
Redirect Chain
  • https://mc.yandex.ru/watch/22322746?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browse...
  • https://mc.yandex.ru/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&brow...
364 B
808 B
XHR
General
Full URL
https://mc.yandex.ru/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1402480680008%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907004%3Ac%3A1%3Arn%3A880293018%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637907004%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
057090af1ce176b28f05a1f3ae3a5b7d7ba8e4fbc2ddb3a0a4c6a9a7627c5f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 06:10:05 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
364
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
last-modified
Fri, 26-Nov-2021 06:10:04 GMT
location
/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1402480680008%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907004%3Ac%3A1%3Arn%3A880293018%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637907004%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:04 GMT
jstracer
an.yandex.ru/
2 B
262 B
XHR
General
Full URL
https://an.yandex.ru/jstracer
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1752850_4802797.083dca7f2c7c4f9f2cca47b02e5c51c0.jpg/
11 KB
12 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1752850_4802797.083dca7f2c7c4f9f2cca47b02e5c51c0.jpg/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
958a47a7c00818c5f32210c743ccf6c3b011689f46d55edfb83a94852aa7a0ad

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Tue, 23 Nov 2021 08:02:37 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
11704
x-request-id
21307c493f09034f
advert.gif
mc.yandex.ru/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif?t=ti(4)
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:04 GMT
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 07:10:04 GMT
seedr-player.min.js
cdn01.nativeroll.tv/js/
24 KB
9 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/seedr-player.min.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6c8f12934769d44db458b48918c6a3b8d77a808fc280eb0dd849edebdc637398

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-5e3a"
vary
Accept-Encoding
x-cached-since
2021-11-26T05:27:39+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 17:21:58 GMT
event
ads.adfox.ru/5906/
0
51 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?hash=8fd1c863624973f6&pm=cyz&p5=juxbv&rand=kcgvdts&sj=5e6E5SGFQIGucmaWyjNXAs2QWbl8SIBM_JGlOfUjrKfAuNFWDpwnbZGu4OtnQQ%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjg&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvovy&rqs=PL5v3E1xlmc8eqBh1QFnmBDYjRqPd0VX&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1723679_4802811.84720a133852208df94d872de1352299.jpg/
19 KB
19 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1723679_4802811.84720a133852208df94d872de1352299.jpg/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
81a04c3c7061efcff4ab4eea7e4ff975fb56341aab0f0596047ff40a2ad00c7a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Tue, 23 Nov 2021 08:11:07 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
18992
x-request-id
f2ae6b7f837ba546
code.js
mediatoday.ru/core/
Redirect Chain
  • https://mediatoday.ru/core/code.js?pid=9119&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9OTExOSZyaWQ9Nzg5OTQ5JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1z...
  • https://mediatoday.ru/core/code.js?pid=9119&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
4 KB
2 KB
Script
General
Full URL
https://mediatoday.ru/core/code.js?pid=9119&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOMqvlLrvAHC3Ei
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ac79745b4d6eb28edb5bf1eac3c074dfd8773c68ba8609b1660aaffe5e313be4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
br
referrer-policy
origin-when-cross-origin
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
text/javascript
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://mediatoday.ru/core/code.js?pid=9119&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOMqvlLrvAHC3Ei
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?hash=9a3545665bde0cbd&pm=cyz&p5=jjssc&rand=hvdeixr&sj=VeU__UyATuGuIknIwS782zafdbuES0mW6IIJxWN3C19b3rGwgtLrqWk7Nel6jQ%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjg&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=cnxai&rqs=PJ6WgEOqjjY8eqBhP6p3E35pAd98NMao&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
code.js
mediatoday.ru/core/
Redirect Chain
  • https://mediatoday.ru/core/code.js?pid=8493&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9ODQ5MyZyaWQ9Nzg5OTQ5JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1z...
  • https://mediatoday.ru/core/code.js?pid=8493&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
4 KB
2 KB
Script
General
Full URL
https://mediatoday.ru/core/code.js?pid=8493&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e8f0156e57f05e8eb114725faba399da09d3706afb1e867ae5e6014c77490127

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
br
referrer-policy
origin-when-cross-origin
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
text/javascript
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://mediatoday.ru/core/code.js?pid=8493&rid=789949&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?hash=2ec34046d7e6a66c&pm=cyz&p5=igcly&rand=mavxnpn&sj=Nhc8DEi0rgcaPFrNhSuLjPE3yC1zxYLe3Re41ZXun3MZvucmNAvnq5pZddCxAA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjg&ytt=148435685738517&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfif&rqs=PPahGs_-5Fw8eqBhckx_6aRygXUZ1Gvr&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=10420529253
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=41601887317
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=9178435080
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=45052561869
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=62170774691
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=89084993988
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=25763618080
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=30024147958
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=31460278571
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bidder_18.html
cache.betweendigital.com/code/ Frame FEDF
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=59b3de82-cb25-534a-b279-9971d3d9e34d&CACHEBUSTER=740372
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=6838283708
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.82 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx
date
Fri, 26 Nov 2021 06:10:05 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=fc382313-402e-4cbd-bf8a-a8783a2021b6&ssp=between&expires=30&user_group=5&bsw_param=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
Date
Fri, 26 Nov 2021 06:10:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usLbcellYKCe.AikABlF9Wt1_QA
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usLbcellYKCe.AikABlF9Wt1_QA
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f1-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usLbcellYKCe.AikABlF9Wt1_QA
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=99cffbe32fc8061e1cfec5ce
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=99cffbe32fc8061e1cfec5ce
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=99cffbe32fc8061e1cfec5ce
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
match
ads.betweendigital.com/
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=59b3de82-cb25-534a-b279-9971d3d9e34d
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi99IGNBlIFvp7KygpiJDU5YjNkZTgyLWNiMjUtNTM0YS1iMjc5LTk5NzFkM2Q5ZTM0ZA**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi99IGNBlIFvp7KygpiJDU5YjNkZTgyLWNiMjUtNTM0YS1iMjc5LTk5NzFkM2Q5ZTM0ZKIBEH_kmR5OfxHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABi99IGNBmIkNTliM2RlODItY2IyNS01MzRhLWIyNzktOTk3MWQzZDllMzRkogEQf-SZHk5_Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARi99IGNBmIkNTliM2RlODItY2IyNS01MzRhLWIyNzktOTk3MWQzZDllMzRkogEQf-SZHk5_Eeym6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7fe4991e-4e7f-11ec-a6e9-002590c82437
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7fe4991e-4e7f-11ec-a6e9-002590c82437
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=7fe4991e-4e7f-11ec-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
v2
an.yandex.ru/adfox/5906/getBulk/
5 KB
3 KB
XHR
General
Full URL
LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b4b78a3fa9eb97f009e7359c963fcc645bb25fc2b030d713788ec8478d0d2529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005049367-1573708875191679644600237-production-app-host-man-pcode-91
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
metrics
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-server
back14
date
Fri, 26 Nov 2021 06:10:05 GMT
vary
Origin
x-content-type-options
nosniff
access-control-allow-origin
https://rg.ru
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-credentials
true
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
strict-transport-security
max-age=5184000; includeSubdomains;
metrics
relap.io/api/v7/ Frame 0A4E
2 B
1 KB
Fetch
General
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back04
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
abp.gif
relap.io/ Frame 0A4E
43 B
208 B
Image
General
Full URL
https://relap.io/abp.gif?ch=1&rn=4.063505909654703
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Wed, 21 Apr 2021 09:31:42 GMT
server
nginx
etag
"607ff0fe-2b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
accept-ranges
bytes
content-length
43
abp.gif
relap.io/ Frame 0A4E
43 B
208 B
Image
General
Full URL
https://relap.io/abp.gif?ch=2&rn=4.063505909654703
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Wed, 21 Apr 2021 09:31:42 GMT
server
nginx
etag
"607ff0fe-2b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
accept-ranges
bytes
content-length
43
1
mc.yandex.ru/watch/22322746/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/watch/22322746/1?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A1%3Als%3A1402480680008%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907005%3Ac%3A1%3Arn%3A1014151177%3Arqn%3A2%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907005&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Fri, 26-Nov-2021 06:10:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:05 GMT
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/
16 KB
4 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
db923b93614b59e0f141b53683cf626bbdca17612564017c18166dddf290b349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005212156-1749646305590845026900243-production-app-host-vla-pcode-221
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/
16 KB
4 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
bf1a39dc6f9d3ad6ca8c54847e874d59f3672a49d47e761cab2b1d6c7b2778ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005216238-106515166156948884700244-production-app-host-sas-pcode-194
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/
7 KB
3 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c36f3b593590af94724cf5ff439dcc4c41a329b4b2250edde7616c9dffd3fdef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005224167-1576006107442358674500238-production-app-host-sas-pcode-165
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/
16 KB
4 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
47214152fc864c783c927c1ca30530660999899403e834050320edc868186681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005225592-596225160575705434400256-production-app-host-vla-pcode-175
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/
16 KB
4 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
48581726df10d7afd2016b10a136d43d23908885aff7e41cae6a45ceea7ae8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005236520-1584241858963636976300273-production-app-host-vla-pcode-88
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/
3 KB
1 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8950a028f4996e05de73bf7eb50ea18749dcc0f3bb3986b062f8170a8737c5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005232395-91614947479923637700243-production-app-host-man-pcode-109
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
advert.js
cdn01.seedr.com/js/
24 B
243 B
Script
General
Full URL
https://cdn01.seedr.com/js/advert.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Fri, 26 Nov 2021 06:10:04 GMT
last-modified
Mon, 26 Jul 2021 15:37:20 GMT
server
nginx
etag
"60fed6b0-18"
x-cached-since
2021-11-26T05:26:08+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
content-length
24
expires
Mon, 27 Sep 2021 18:20:09 GMT
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=94872750857
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=27430822384
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=75755310345
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=57261450052
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=41482234565
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
ad.mail.ru/adq/
119 B
460 B
Script
General
Full URL
https://ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=rg.ru&count=1&topics=!13194250225664&callback=window.relapCbRegistry.relapCb9555569921
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
f3b466b1d0993ee0b4e97a5385e0c9a35c4808300c59b104fbd57e1be09a9237

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/hbid_yandex/ Frame 0A4E
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/hbid_yandex/ Frame 0A4E
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/adq/
118 B
459 B
Script
General
Full URL
https://ad.mail.ru/adq/?q=45459&cpm_floor=100&sitename=rg.ru&count=4&topics=!13194250225664&callback=window.relapCbRegistry.relapCb7171722707
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
0cc977ac733b360ff4bb7f4ee86723a854a8d43d3d998878b675d891ff738cfc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/adp/ Frame 0A4E
33 B
495 B
XHR
General
Full URL
https://ad.mail.ru/adp/?q=893287&cpm_floor=100&sitename=rg.ru&count=1&topics=!13194250225664
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
b1a95e7a7dc4c998b846be9c71cdb4109305ed6628d1da4ebe5607bbd9c228d9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
cookie_checker
relap.io/
0
0
Script
General
Full URL
https://relap.io/cookie_checker?_s=Se8ZOg&callback=window.relapCbRegistry.relapCb3726436645
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

counter
top-fwz1.mail.ru/ Frame 0A4E
43 B
874 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?id=3136989;js=na
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
altergeocs
relap.io/partners/ Frame 0A4E
Redirect Chain
  • https://cm.p.altergeo.ru/relap?aid=fd4UhV6S&nc=0fxyk2lG&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
  • https://relap.io/partners/altergeocs?uid=CMMXcFNCezR9Gt6b+yYnYmjg==
43 B
689 B
Image
General
Full URL
https://relap.io/partners/altergeocs?uid=CMMXcFNCezR9Gt6b+yYnYmjg==
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
web09
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://relap.io/partners/altergeocs?uid=CMMXcFNCezR9Gt6b+yYnYmjg==
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
855.933b1f3f94eb4cb36515.js
relap.io/v7/ Frame 0A4E
2 KB
1023 B
Script
General
Full URL
https://relap.io/v7/855.933b1f3f94eb4cb36515.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.2f6ac421e88b6ba64f98.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
f12903e34288b0d00155509c6613edeac90845f72477db0f41046662f79a63aa
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
br
last-modified
Thu, 25 Nov 2021 14:43:02 GMT
server
nginx
etag
"619fa0f6-311"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
785
expires
Sun, 26 Dec 2021 06:10:05 GMT
settings
stat.media/counter/
672 B
1 KB
Script
General
Full URL
https://stat.media/counter/settings?payload=CNanAhIkNjhlMDkyNWEtYjc3ZC00NmRlLWJjMWMtNmE5N2U5OGFkNjA1GOb59dbVLyIkZjhhY2VjZDMtMWUwYi00NTA0LTgwNjEtZDhkMzk1ZjQxMDJl&cb=_callbacks____0kwfzjhae
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
46fbbeb3845050309de5701a63f9117444971193188cecf84b8e22bf02b9ecd4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
29789
mc.yandex.ru/watch/
167 B
472 B
XHR
General
Full URL
https://mc.yandex.ru/watch/29789?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1614363154354%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907005%3Ac%3A1%3Arn%3A614060867%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907005%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
115efdeb351fcfa7961fe34ca2ad4919c88cbd5a92cd4a0c6f8af8ec749896d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 06:10:05 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:05 GMT
y300
avatars.mds.yandex.net/get-direct/221816/VmwRht7M7Zjdu7King3MEQ/
20 KB
20 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/221816/VmwRht7M7Zjdu7King3MEQ/y300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
bb8152d6157a6d5b3b1a71429b9b3d71af5a5c375616feb09b9281feff1d19f5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Tue, 17 Dec 2019 15:31:12 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
20344
x-request-id
ad68e4e0e0e9ecef
xn--80aklgjdc4ahc3h.xn--p1ai
favicon.yandex.net/favicon/
447 B
660 B
Image
General
Full URL
https://favicon.yandex.net/favicon/xn--80aklgjdc4ahc3h.xn--p1ai?size=32&stub=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
eaece72a7fee3c7ca65305b9d8c14e19c81ffe68c00251b0e2c1d1f14509453f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
wy300
avatars.mds.yandex.net/get-direct/4694892/JiyZiZygBRDmwTpUO3J7IA/
34 KB
34 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/4694892/JiyZiZygBRDmwTpUO3J7IA/wy300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
401f5e7f64fda24c05805debde3bdf484592e7f00ff616a198eda5409e97284a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Thu, 01 Apr 2021 17:37:23 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
34474
x-request-id
9ee68cca1784f786
cyprus-real-estate.ru
favicon.yandex.net/favicon/
783 B
996 B
Image
General
Full URL
https://favicon.yandex.net/favicon/cyprus-real-estate.ru?size=32&stub=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
20fda92f80716527a18dc4e6542c3465c0577d2c26df2c385a009679e2b065f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
x300
avatars.mds.yandex.net/get-direct/4969180/M00R_NYSwl6CubPvQMrefQ/
12 KB
12 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/4969180/M00R_NYSwl6CubPvQMrefQ/x300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
0483649b6a0fdaab8c2ec74f373b38c32800ca61bbdd89d4af9536ada154f8b4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Tue, 21 Sep 2021 11:23:03 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
12116
x-request-id
fae1d100d92a3a30
udivitelniimir.ru
favicon.yandex.net/favicon/
2 KB
3 KB
Image
General
Full URL
https://favicon.yandex.net/favicon/udivitelniimir.ru?size=32&stub=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
eeb583c9e691ceabf7118c7370dac201a09e0db5c680ff2534712bf6203bb79b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
load.js
viadata.store/tag/
8 KB
5 KB
Script
General
Full URL
https://viadata.store/tag/load.js?sid=101752&tag_id=via_101752
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
27d95c533d5095fbe93d49f258734b6b59358d88f1ed6628e529fbaf12471475

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=c304a94c33939735&duid=1637907004608927935&p5=jnvrv&rand=cdhvejv&sj=OYW3B2wbjeZH_uMkSAg7OXBBzJtGqW8quyRaYGxTc4WS7eppksub9Yrvurba_Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685738517&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=cdbup&rqs=PPahGs_-5Fw9eqBhaFWvIBXFwygVRN3J&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2788782/200803_adfox_1353003_21447d62fbf4389d89376e15583f40ec_850x400ver-2.png/
15 KB
15 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2788782/200803_adfox_1353003_21447d62fbf4389d89376e15583f40ec_850x400ver-2.png/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
6bbb8190f406c9e4b62506e3b631ee791592a5a9dd3e29bc49f3614801a03102

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Mon, 03 Aug 2020 22:20:30 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
15340
x-request-id
1c7c28e17be81a9
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame D35F
24 KB
7 KB
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx/1.17.9
date
Fri, 26 Nov 2021 06:10:05 GMT
content-type
text/html
content-length
6262
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Sun, 26 Nov 2051 12:42:26 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=9b45dcbdd267081e&duid=1637907004608927935&p5=kmgmd&rand=gqkolsa&sj=M3G0RVjuE5mB_I9hlAUEVcq-7MHUeb60VryiC5Gw6G4htIpndj1xHHxqeYO3Mw%3D%3D&ad-session-id=6991771637907003995&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvnei&rqs=POaighaSwEg9eqBhtdTVMMX_MaAbZIuf&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
4785043.6a164324f2eb752c0bd2d83fcc78db12.gif
banners.adfox.ru/211115/adfox/1747717/
55 KB
55 KB
Image
General
Full URL
https://banners.adfox.ru/211115/adfox/1747717/4785043.6a164324f2eb752c0bd2d83fcc78db12.gif
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
1c2bfe9d772c7b1180eae8a5d34e74eef4b2f7f1b3eee42efef6bc9ce7148a09

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Mon, 15 Nov 2021 07:01:59 GMT
server
nginx
x-amz-request-id
712983d3af83e318
etag
"6a164324f2eb752c0bd2d83fcc78db12"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id
null
access-control-allow-origin
*
accept-ranges
bytes
content-type
image/gif
content-length
56316
x-nginx-request-id
f72cd7c91fd1943b
jsapi
smi2.ru/newdata/
7 KB
3 KB
XHR
General
Full URL
https://smi2.ru/newdata/jsapi?action=news
Requested by
Host: static.smi2.net
URL: https://static.smi2.net/static/jsapi/jsapi.v5.5.3.ru_RU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.162.95.86 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
ads5-1.smir11.imcmdb.net
Software
nginx /
Resource Hash
87b101bad1a1bc8e2ea4bc03ad383bb723bd9a7c2d35ec83e16a2c32e9dbedda

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:05 GMT
Content-Encoding
gzip
Last-Modified
Friday, 26-Nov-2021 06:10:05 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
X-Node
ads5-1smir11
1
mc.yandex.ru/watch/29789/
43 B
282 B
XHR
General
Full URL
https://mc.yandex.ru/watch/29789/1?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1614363154354%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907005%3Ac%3A1%3Arn%3A483109922%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907005&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Fri, 26-Nov-2021 06:10:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:05 GMT
29789
mc.yandex.ru/watch/
43 B
231 B
XHR
General
Full URL
https://mc.yandex.ru/watch/29789?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1614363154354%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601004%3Aet%3A1637907005%3Ac%3A1%3Arn%3A822201939%3Arqn%3A2%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907005%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
last-modified
Fri, 26-Nov-2021 06:10:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:05 GMT
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:04 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
gpt.js
www.googletagservices.com/tag/js/ Frame E828
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71c6ea85dba250b22bc1baaa084572f76dcbb99cb2779e5a603aa867717889a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 970 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26863
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:05 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=c9a605d2bfb85334&duid=1637907004608927935&pxo=54dDASc59tRXgaORfaq9_04I3kyWD-R9AhEyVoBZqsvko7zlT-9CcZLB_0kBwWKpm6HokDFJAPnBu7W4iIsZAen9lsGTWhalCEF4DcTYXR0yjPN3s6D2nN6yfP9Cns7o8gmjDbEi02DNATeH5mpBGSN3l4m2y6XXdf1JJMLjEKHdq-FRW_4%3D&p5=gdhai&rand=metfloo&sj=aKkj2ZEr38VOPq_VG4muLzxKLsi1NdSIp_IZRlv9L2w5SWKtIT9tj6KaEFqW2Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bzqke&rqs=PPahGs_-5Fw9eqBhMxYW9qOLeOkC2ndH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame D4C3
536 KB
143 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9be7d0940cf4957dc46e3255b04c9f75ad8b5fc9eff048bfbf38e54b37ca9917

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-85f40"
vary
Accept-Encoding
x-cached-since
2021-11-26T05:11:01+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 17:08:38 GMT
css
fonts.googleapis.com/
4 KB
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700%7CNoto+Sans:400&subset=cyrillic,cyrillic
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 04:26:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:05 GMT
recs
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/recs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
x-server
back19
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
vary
Origin
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
date
Fri, 26 Nov 2021 06:10:05 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
recs
relap.io/api/v7/ Frame 0A4E
12 KB
6 KB
Fetch
General
Full URL
https://relap.io/api/v7/recs
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
d45558a6d103269e24b2cd158398e580a0898145e0dd8cd1b305736f21ced288
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=eZJFUg:SFTu2g
Referer
Accept-Language
en-GB,en;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
ZTYzYmM0

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
x-relap-cookie
rlprp=eZJFUg:SFTu2g
cache-control
max-age=1, no-cache
x-server
back01
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
mvpt.min.js
moevideo.biz/embed/js/
176 KB
176 KB
Script
General
Full URL
https://moevideo.biz/embed/js/mvpt.min.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f48.moevideo.net
Software
nginx /
Resource Hash
377c5ed17c5d59840538afd9daca3e942af7ed7af192163682b7a740f5ea20af

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Last-Modified
Wed, 24 Nov 2021 07:12:30 GMT
Server
nginx
X-My-Name
s43
ETag
"619de5de-2be42"
Content-Type
application/javascript
Content-Length
179778
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.081
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=e44368aef91f8717&duid=1637907004608927935&p5=igidj&rand=dmnjhfg&sj=3mEMenDOl8cspHmkbwvFKuYj69ZswXUK_2PHwbcn8oXv9ZiCII-jJHP5oPk4cA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfiz&rqs=POaighaSwEg9eqBh3VfSeWPAH5QJwXjN&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame F8FB
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc9a2d1cae70809cd71b3b47cfbc044404391d6e6fa76999aa2fa3e1d59c691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 686 of 1000 / last-modified: 1637708807"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26864
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:05 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=6c45cb2e1d42a215&duid=1637907004608927935&pxo=I_DPdXmKnIROcqFgJTCV8G7CZNGihc9wkeNi-fyZ3PWzlGtnTbm-E4m03tm6fe_bxd5DAwWzoIyxuk705qbYNqzYKm_-ClMjYR0idUnPk6BuKW-lijvCO5Q-qArsQBznEfjCh45pL52Tb6rKMSd9g6zze92vRCNkikdMCSxUzRhUdWkRacY%3D&p5=gdhai&rand=nrhsffl&sj=7VRlxHjgurJTDZMx1d9nh3lDZBGcLjlfq3VAz3vE9IW1iLKo21FzO83rlvOfDA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvneu&rqs=POaighaSwEg9eqBhpFG9YLbPJc4OCZv4&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 7991
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71c6ea85dba250b22bc1baaa084572f76dcbb99cb2779e5a603aa867717889a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 808 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26863
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:05 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=aca6b35cf8630528&duid=1637907004608927935&pxo=IAm924wwL7uLi0fVMHOrcqGLLQUlhuSNW5Ys-_2HXhD2o1ynzpw8gwJTB6ZVKhnA8XV-nC2-WTd_QpjLkBz7ZUz96pQqW60PzcR6Evhk3IBTY_bG-I0lOf-fb-49sPz9SrI4tyvnVhWODDDAQ8osYC599FlirS-9NwMju3D_4I3YCsOcp9M%3D&p5=gdhai&rand=ixjaudl&sj=GrVsVdkOJ9U08ZYCWMqJY9MUXREsmfIEGwQhniX7Gl1BAQ04Tigui4jIUB3xOg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435686000661&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvpww&rqs=POaighaSwEg9eqBh2COz6xqagxemaBrU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 9842
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71c6ea85dba250b22bc1baaa084572f76dcbb99cb2779e5a603aa867717889a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 263 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26863
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:05 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=09277eaaf998ac44&duid=1637907004608927935&pxo=xDMYnMcop6_TUj4FbHnalWlNvp2l4IZ_V1ICVRgmOoBACgXrz2yUHDTnr8YJjo99qxNwzKBJfeV11zMhqxUxSsj-gIqmibjI1jmtZIJKDRHQLpZRKl6bmtL3DajZqpZ93Ok61HwY2_heeN-aktEV1Jv71ui4rS0WEy62eLQl54jpEN9Xz5o%3D&p5=gdhai&rand=fmqypvf&sj=_wr7lK1zx1UlgMJa3Zyy4Ly8kNkHLmne4CKLxeOinQth_v5QkhMMOoxtbgpWhw%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvobk&rqs=POaighaSwEg9eqBhPJj61zH5Id4yuY-l&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
match
ads.betweendigital.com/ Frame FEDF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=63ad473b-2880-49f7-b50b-cc6a9e3c4a8c&user_group=1&ssp=between&bsw_param=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=d9472326-3f72-43ef-915b-ee22abeb2c51
Date
Fri, 26 Nov 2021 06:10:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
smi2.ru/cookiematching/
43 B
866 B
Image
General
Full URL
https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDY4ZTA5MjVhLWI3N2QtNDZkZS1iYzFjLTZhOTdlOThhZDYwNRoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjM3OTA3MDA0NjQ2Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJGY4YWNlY2QzLTFlMGItNDUwNC04MDYxLWQ4ZDM5NWY0MTAyZRoILnNtaTIucnUiAS8oiA4%3D&rnd=1637907005083
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.162.95.86 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
ads5-1.smir11.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Fri, 26 Nov 2021 06:10:05 GMT
Last-Modified
Friday, 26-Nov-2021 06:10:05 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:05 GMT
/
smi2.net/cookiematching/
43 B
229 B
Image
General
Full URL
https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDY4ZTA5MjVhLWI3N2QtNDZkZS1iYzFjLTZhOTdlOThhZDYwNRoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTYzNzkwNzAwNDY0NhoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkZjhhY2VjZDMtMWUwYi00NTA0LTgwNjEtZDhkMzk1ZjQxMDJlGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1637907005083
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.225.240 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
smi2adm2-1.ssel27.imcmdb.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
stat.media/counter/
0
135 B
XHR
General
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx
Connection
keep-alive
analytics.js
www.google-analytics.com/ Frame D4C3
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4138
date
Fri, 26 Nov 2021 05:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 07:01:07 GMT
wamfactory_dpm.wildcard.min.js
cstatic.weborama.fr/js/wam/customers/ Frame D4C3
16 KB
6 KB
Script
General
Full URL
https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637907005120
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DF3) /
Resource Hash
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 10:01:32 GMT
server
ECAcc (lha/8DF3)
age
331545
etag
"3372701235"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
5776
expires
Fri, 03 Dec 2021 06:10:05 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 64CD
7 KB
3 KB
Document
General
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fc75311bf80a77f040c7e159661eb5b716ab15938679e4c53570b80438e2f73f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx
date
Fri, 26 Nov 2021 06:10:05 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
vary
Accept-Encoding
etag
W/"6197b962-1b7e"
cache
HIT
x-cached-since
2021-11-22T16:25:33+00:00
x-id
fr5-up-gc31
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame
0
0
Preflight
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
x-id
fr5-up-gc29
hosts.json
cdn02.nativeroll.tv/player/ Frame D4C3
301 B
613 B
XHR
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-11-23T09:55:34+00:00
content-type
application/json
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
css
fonts.googleapis.com/ Frame D4C3
4 KB
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700%7CNoto+Sans:400&subset=cyrillic,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 05:23:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:05 GMT
css
fonts.googleapis.com/ Frame D4C3
8 KB
793 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:05 GMT
css
fonts.googleapis.com/ Frame D4C3
9 KB
877 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:05 GMT
truncated
/ Frame D4C3
72 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame D4C3
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D4C3
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D4C3
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D4C3
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
9597036.jpeg
static1.smi2.net/img/250x165/
20 KB
20 KB
Image
General
Full URL
https://static1.smi2.net/img/250x165/9597036.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.73 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser5.imcmdb.net
Software
nginx /
Resource Hash
4e754b1f4e9d2759981f4f898f2434952ebec34ab17f12e9106e75e2113d85f9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Server
nginx
ETag
W/"619254b6-e0ce"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20384
Expires
Wed, 15 Nov 2023 12:39:23 GMT
9594930.jpeg
static8.smi2.net/img/250x165/
18 KB
18 KB
Image
General
Full URL
https://static8.smi2.net/img/250x165/9594930.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
e027a11489e8864132df4da6c7ddfc270b1f2298c8e92c01479cdafed3e30c04

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx
ETag
W/"6191bd80-9989"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18014
Expires
Wed, 15 Nov 2023 01:55:46 GMT
9609379.jpeg
static5.smi2.net/img/250x165/
14 KB
14 KB
Image
General
Full URL
https://static5.smi2.net/img/250x165/9609379.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.248 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-2.sfa65.imcmdb.net
Software
nginx /
Resource Hash
ce21c21d3ffa1f87a0b48391b639a7a79b26aa02a0d9d79618b4349efb7297f9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:05 GMT
Server
nginx
ETag
W/"6196869e-999f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14389
Expires
Sat, 18 Nov 2023 17:03:18 GMT
9625565.jpeg
static2.smi2.net/img/250x165/
16 KB
16 KB
Image
General
Full URL
https://static2.smi2.net/img/250x165/9625565.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.124 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser4.imcmdb.net
Software
nginx /
Resource Hash
8dfeb8f598c707c50c8c765cd5417f5990ca2dc1d26db4f9cb07df669857fc08

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Server
nginx
ETag
W/"619cdb8c-75bd"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16494
Expires
Thu, 23 Nov 2023 12:17:24 GMT
9633391.jpeg
static3.smi2.net/img/250x165/
22 KB
23 KB
Image
General
Full URL
https://static3.smi2.net/img/250x165/9633391.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa65.imcmdb.net
Software
nginx /
Resource Hash
6e751ab537394229bcef6eabef21082df904e9a9658a1ec50ca71033172f7401

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Server
nginx
ETag
W/"619f632f-ab14"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22995
Expires
Sat, 25 Nov 2023 10:20:29 GMT
9585069.jpeg
static6.smi2.net/img/250x165/
28 KB
28 KB
Image
General
Full URL
https://static6.smi2.net/img/250x165/9585069.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
feaf110392011d08268e5ab7fd6f5fddc372b1974c11f81662bf3d2f1cb046c1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Server
nginx
ETag
W/"618d46bb-157e4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28385
Expires
Sat, 11 Nov 2023 16:38:57 GMT
truncated
/ Frame D4C3
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D4C3
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame D35F
95 B
400 B
Image
General
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0002
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Sat, 27 Nov 2021 06:10:06 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
4 KB
2 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
abdaaf1a8fd1ca5329112ce5e753b538d8dd110e10c76a82a3625c023a9d1196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005922674-1729126645635874916300245-production-app-host-sas-pcode-157
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=789949
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=789949&tuid=-5179052920
  • https://instreamvideo.ru/core/match.gif?s=2&id=AHRegIF2TTmeIn0mf66KH2Q
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MiZpZD1BSFJlZ0lGMlRUbWVJbjBtZjY2S0gyUSZ2aWRzZXR1cD0x&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=2&id=AHRegIF2TTmeIn0mf66KH2Q&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
43 B
368 B
Image
General
Full URL
https://instreamvideo.ru/core/match.gif?s=2&id=AHRegIF2TTmeIn0mf66KH2Q&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=2&id=AHRegIF2TTmeIn0mf66KH2Q&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
p
vomqvllrvahc3ei-mdt.ops.beeline.ru/
35 B
628 B
Image
General
Full URL
https://vomqvllrvahc3ei-mdt.ops.beeline.ru/p?ssp=mdt&amp;id=VOMqvlLrvAHC3Ei
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.36
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D%7BWEBO_CID%7D&bounce=1&random=469689059
  • https://mediatoday.ru/core/match.gif?s=15&id=I4jPe4gWdVO/6iZWsKBbOO
43 B
269 B
Image
General
Full URL
https://mediatoday.ru/core/match.gif?s=15&id=I4jPe4gWdVO/6iZWsKBbOO
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.12.0
location
https://mediatoday.ru/core/match.gif?s=15&id=I4jPe4gWdVO/6iZWsKBbOO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOMqvlLrvAHC3Ei&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOMqvlLrvAHC3Ei&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D&cs=1
  • https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
43 B
269 B
Image
General
Full URL
https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

location
https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
date
Fri, 26 Nov 2021 06:10:06 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://relap.io/api/partners/instrv.gif?uid=VOMqvlLrvAHC3Ei
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9ZmQ0VWhWNlMmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
43 B
368 B
Image
General
Full URL
https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
invideo
sync.dmp.otm-r.com/match/
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/invideo?r=https%3A%2F%2Finstreamvideo.ru%2Fcore%2Fmatch.gif%3Fs%3D21%26id%3D%7Bpid%7D
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.107 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.107.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.17.6
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=mediatoday&ru=https%3A%2F%2Finstreamvideo.ru%2Fcore%2Fmatch.gif%3Fs%...
  • https://instreamvideo.ru/core/match.gif?s=23&id=o6P8AmHRSGyFDHDSZFV2wQ
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MjMmaWQ9bzZQOEFtSFJTR3lGREhEU1pGVjJ3USZ2aWRzZXR1cD0x&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=23&id=o6P8AmHRSGyFDHDSZFV2wQ&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
43 B
368 B
Image
General
Full URL
https://instreamvideo.ru/core/match.gif?s=23&id=o6P8AmHRSGyFDHDSZFV2wQ&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=23&id=o6P8AmHRSGyFDHDSZFV2wQ&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOMqvlLrvAHC3Ei
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOMqvlLrvAHC3Ei&bounce=1
  • https://mediatoday.ru/core/match.gif?s=24&id=JwdxZQVMOAtU7LWemJm5qg
43 B
269 B
Image
General
Full URL
https://mediatoday.ru/core/match.gif?s=24&id=JwdxZQVMOAtU7LWemJm5qg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://mediatoday.ru/core/match.gif?s=24&id=JwdxZQVMOAtU7LWemJm5qg
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Fri, 26 Nov 2021 06:10:05 GMT
VOMqvlLrvAHC3Ei
an.yandex.ru/mapuid/gpmd/
43 B
358 B
Image
General
Full URL
https://an.yandex.ru/mapuid/gpmd/VOMqvlLrvAHC3Ei
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
8 KB
2 KB
XHR
General
Full URL
%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22446723%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22460723%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22452124%22%7D%5D%2C%22COMBO_INPAGE_HEADER_HIDDEN_TILL_START%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461570%22%7D%5D%2C%22COMBO_INPAGE_CONTINUE_PLAY%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461570%22%7D%5D%2C%22COMBO_WIDGET_SSR_REHYDRATION_ENABLED%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22461570%22%7D%5D%2C%22ADFOX_COMBO_SSR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461570%22%7D%5D%2C%22LONG_DOMAIN_SCROLL%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22460286%22%7D%5D%2C%22CONSTRUCTOR_COMMON_KEBAB%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22452184%22%7D%5D%2C%22REMOVE_HORIZONTAL_ALIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22456228%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457740%22%7D%5D%2C%22SMART_BANNER_LOGO_REDESIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457305%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22
%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22456499%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22456499%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2249374%22%2C%22testId%22%3A%22461829%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=tBDgt2MrVIEMGN6sThmwRBHY8Ez97JmAcWyfdxx9K0ZBXGzSexXWAzTMfVTKtpyPmCYGHy0kHD91iV0aQhVDmD9s8bw%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80
LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
63b4dfd1de3e46da49ddcee1b041c6315efc6c0317770b6e64c0c8f13599e544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907005942916-1122347866514451105600273-production-app-host-vla-pcode-114
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:06 GMT
p
vota5ik8v8t2dmu-mdt.ops.beeline.ru/
35 B
627 B
Image
General
Full URL
https://vota5ik8v8t2dmu-mdt.ops.beeline.ru/p?ssp=mdt&amp;id=VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.36
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOta5ik8v8t2Dmu&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOta5ik8v8t2Dmu&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D&cs=1
  • https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
43 B
269 B
Image
General
Full URL
https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

location
https://mediatoday.ru/core/match.gif?s=16&id=80548a80-4e7f-11ec-ae6b-901b0ea4a41b
date
Fri, 26 Nov 2021 06:10:06 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://relap.io/api/partners/instrv.gif?uid=VOta5ik8v8t2Dmu
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9ZmQ0VWhWNlMmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
43 B
368 B
Image
General
Full URL
https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=17&id=fd4UhV6S&vidsetup=1&idntfy=VOta5ik8v8t2Dmu
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOta5ik8v8t2Dmu
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOta5ik8v8t2Dmu&bounce=1
  • https://mediatoday.ru/core/match.gif?s=24&id=D6YpWSpK7WcfeZqUD%2BFAjw
43 B
269 B
Image
General
Full URL
https://mediatoday.ru/core/match.gif?s=24&id=D6YpWSpK7WcfeZqUD%2BFAjw
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.165.171 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://mediatoday.ru/core/match.gif?s=24&id=D6YpWSpK7WcfeZqUD%2BFAjw
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Fri, 26 Nov 2021 06:10:05 GMT
VOta5ik8v8t2Dmu
an.yandex.ru/mapuid/gpmd/
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/gpmd/VOta5ik8v8t2Dmu
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:05 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:05 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 9842
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:06 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 7991
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:06 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame F8FB
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:06 GMT
hls.js
cdn.viadata.store/static/js/
235 KB
71 KB
Script
General
Full URL
https://cdn.viadata.store/static/js/hls.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 14:39:05 GMT
server
nginx
etag
W/"5ffdb489-3ab3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code.js
viadata.store/tag/
30 KB
15 KB
Script
General
Full URL
https://viadata.store/tag/code.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:05 GMT
cache-control
public
content-type
application/javascript
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
expires
Sat, 27 Nov 2021 06:10:05 GMT
site
logs.viadata.store/req/
43 B
297 B
Image
General
Full URL
https://logs.viadata.store/req/site?sid=101752&cid=0&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&event=playerLoaded&cb=1637907005407
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame E828
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:06 GMT
metrics
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
vary
Origin
date
Fri, 26 Nov 2021 06:10:06 GMT
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server
back16
access-control-allow-origin
https://rg.ru
access-control-allow-credentials
true
access-control-max-age
1728000
strict-transport-security
max-age=5184000; includeSubdomains;
metrics
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-credentials
true
access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:06 GMT
vary
Origin
x-server
back01
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
strict-transport-security
max-age=5184000; includeSubdomains;
Z_HWHw.jpg
cdn.relap.io/Z_/4/ Frame 0A4E
21 KB
21 KB
Image
General
Full URL
https://cdn.relap.io/Z_/4/Z_HWHw.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
cfead8a31f9c8c62ad37a6e0deaaa3fd6b385f45b267453319f9cac3fea67033
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Wed, 24 Nov 2021 11:23:38 GMT
server
nginx
etag
"619e20ba-52d0"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
21200
expires
Sat, 27 Nov 2021 06:10:06 GMT
PdDVHw.jpg
cdn.relap.io/Pd/4/ Frame 0A4E
18 KB
19 KB
Image
General
Full URL
https://cdn.relap.io/Pd/4/PdDVHw.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
5f9d9c3be7d460dcb34637217d85dab0ef07da9dcac954b911ef33b46f6091fe
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Wed, 24 Nov 2021 07:12:08 GMT
server
nginx
etag
"619de5c8-48c9"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
18633
expires
Sat, 27 Nov 2021 06:10:06 GMT
rZdIUg.jpg
cdn.relap.io/KWjeOg/rZ/4/ Frame 0A4E
12 KB
13 KB
Image
General
Full URL
https://cdn.relap.io/KWjeOg/rZ/4/rZdIUg.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
5da3e68bb30d7e3a867338bace916d245f4dce6b1a8d470c505973bcd1f6adf5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Fri, 26 Nov 2021 02:14:36 GMT
server
nginx
etag
"61a0430c-3074"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12404
expires
Sat, 27 Nov 2021 06:10:06 GMT
TzU_Ug.jpg
cdn.relap.io/KWjeOg/Tz/4/ Frame 0A4E
19 KB
19 KB
Image
General
Full URL
https://cdn.relap.io/KWjeOg/Tz/4/TzU_Ug.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
1eec55342d3c385315e63c367aa6c5fdabbdb33f1ef7a9f0ba3c0df8691576d8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Fri, 26 Nov 2021 01:34:44 GMT
server
nginx
etag
"61a039b4-4b18"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
19224
expires
Sat, 27 Nov 2021 06:10:06 GMT
k70oUg.jpg
cdn.relap.io/KWjeOg/k7/4/ Frame 0A4E
12 KB
12 KB
Image
General
Full URL
https://cdn.relap.io/KWjeOg/k7/4/k70oUg.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
f714130a5f0c8f66d5df83b9c3104bcf024f146086b51ed78e1d2d6c21c962e2
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Fri, 26 Nov 2021 05:36:35 GMT
server
nginx
etag
"61a07263-2f6d"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12141
expires
Sat, 27 Nov 2021 06:10:06 GMT
metrics
relap.io/api/v7/ Frame 0A4E
2 B
1 KB
Fetch
General
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back24
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
metrics
relap.io/api/v7/ Frame 0A4E
2 B
1 KB
Fetch
General
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
web07
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
ssp.js
st.hbrd.io/
17 KB
5 KB
Script
General
Full URL
https://st.hbrd.io/ssp.js?t=1637907005509
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e4168186be7967ce91530be5fbdbef469fce9622f1f93a6e340c7fd8b5d1961d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1ryy+Rsz/cQEAAA==
x-accel-expires
@1637910237
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
etag
W/"619b69e1-4534"
last-modified
Mon, 22 Nov 2021 09:58:57 GMT
server
CDN77-Turbo
x-77-nzt-ray
+sfT1mL041Y=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
369
x-77-pop
frankfurtDE
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=e3ac5b38857ad0c5&duid=1637907004608927935&p5=izkhz&rand=bnkmshz&sj=XBBcpVHDO-DoY9qh_2QExEzgnpw6fEgDoj_cjI_gfBNJYtM9LG9kEfTerm0-cg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685738517&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=icpfivz&p1=cnxae&rqs=POaighaSwEg9eqBhsb3hHV6ZfFvHQxr9&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
tracker
top-fwz1.mail.ru/
43 B
872 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?id=3164467;e=RG%3A/announcement
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
AADu8QE2SLvroUtyVMj7EXn39u7ntBtRj6VQAyCLQRNqcdS6v3pZ54JKPkuY6hZRzMvnr7OiluKe7cyg70cbZEFJZ_QHgu2N4nqZc8LAq7hroXfOioHKMwL12n4TaJY8qDqZ3kj9APoiXVqjVMUG6pF9UNOM0E3PLWo7gNOZMdgHQf7I73KUvDHzAQAAWxhiBEgHg...
rs.mail.ru/pixel/
43 B
406 B
Image
General
Full URL
https://rs.mail.ru/pixel/AADu8QE2SLvroUtyVMj7EXn39u7ntBtRj6VQAyCLQRNqcdS6v3pZ54JKPkuY6hZRzMvnr7OiluKe7cyg70cbZEFJZ_QHgu2N4nqZc8LAq7hroXfOioHKMwL12n4TaJY8qDqZ3kj9APoiXVqjVMUG6pF9UNOM0E3PLWo7gNOZMdgHQf7I73KUvDHzAQAAWxhiBEgHghleUzgKjspfMGJChBmE3cljmGZO6rLg0LdpNompOZwbDBxpUIlAegRllW73TiZVwZSHf8nMDdRisRSJ3CwkZDmNOOfH9G3dgQgzdYQ2XUhQ20S-a9ed5Vzmsc3dxPo-fGfZPIym9tpoL3oR6P7Vhlqci3TE_vVyPb302AdGvsvvy-QYh8LSxocfhgi7vsw0iJbrC8MOFiSGcmioG2ku1NxT0vCFaLVqPDH1DtHYznXAy_VruQOTNw35vqhdJEiCzQqj4HIwRevENaSwwMEnF-J-K0AyVBagFPhiCOuK4HK2vhr4UROX6qwJnANSZFPRDv0KdKL7QoE2bJj_zVtOGm1cNznGpeNqNfTRcWoP3DRu5Dm-Zjdh2NN20Uaf4NW2z53WW9rvihaye8qivxX-yyPoJNM4VqTOtr8f0pM4bSFMO3qtyzosG_1eDrmpKVPb5Jx2ugfmYTT8YYXYL1bBENLdT9WimkfTGXjXfXc1OKxS0Fn8w40breFzaMwg3vmHL2I8x7HzeE08TpzGl2uJZAGHEGi3I-BZRxh7quKX7dZMKFe-elRH1zTVyrq01OvuYnT_7dfQLRbtxMbWtV_XCzbUehavevrv8pZey7dR_09bjphojaoOc7j2uYYSTWFDLN_BkP9WlHCYrucaRpp3UAYVss0llvYvlXc.gif?pulse=promo
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*, *
Content-Length
43
sync.html
cstatic.weborama.fr/iframe/ Frame D377
336 B
359 B
Document
General
Full URL
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907005528
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637907005120
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DB2) /
Resource Hash
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
332284
cache-control
max-age=604800
content-type
text/html
date
Fri, 26 Nov 2021 06:10:06 GMT
etag
"282943589+gzip"
expires
Fri, 03 Dec 2021 06:10:06 GMT
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
ECAcc (lha/8DB2)
vary
Accept-Encoding
x-cache
HIT
content-length
207
/
wf.frontend.weborama.fr/stream/ Frame D4C3
0
268 B
Image
General
Full URL
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22rg.ru%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Frg.ru%252F2021%252F11%252F25%252Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html%22%2C%22ref%22%3A%22%22%7D&d.r=1637907005527
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.223.244.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
211015.js
cdn.viadata.store/js/player/ Frame D42D
180 KB
75 KB
Script
General
Full URL
https://cdn.viadata.store/js/player/211015.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
cf5e3e9deaf9e8292c89f99b3490982d17324205434d8af0c876bcf0a82a2f97

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 14:46:22 GMT
server
nginx
etag
W/"6182a0be-2d0cc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
external_libs.v2.js
cstatic.weborama.fr/iframe/ Frame D377
8 KB
3 KB
Script
General
Full URL
https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907005528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8D1A) /
Resource Hash
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907005528
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
server
ECAcc (lha/8D1A)
age
335449
etag
"3142978827"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
3062
expires
Fri, 03 Dec 2021 06:10:06 GMT
66e80cb8506cc9f3b199.js
yastatic.net/partner-code-bundles/49422/
24 KB
6 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/66e80cb8506cc9f3b199.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c1fa42f83754d24e2a0d6bfae41cd7ea7719dd873730e064fdc3c7f5d118e1bb
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
5266
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"c51663f2501bcfa7b2de8ce33bcde83a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:42:03 GMT
/
c.lentainform.com/pv/
0
307 B
Script
General
Full URL
https://c.lentainform.com/pv/?pv=5&cbuster=1637907005673930250258&uniqId=12f99&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&lu=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&sessionId=61a07a3e-0a58b&pageView=1&pvid=17d5add80ea961eac81&site=706556&implVersion=11&dpr=1
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b40f3a92bcd3607-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ Frame 1B53
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30089
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 19 Nov 2022 13:47:09 GMT
header-bidding.js
yandex.ru/ads/system/ Frame 1B53
166 KB
44 KB
Script
General
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
712550e15b7e1eeb1f48b8ad3670ed0b2c9a52389c1b2e19fc785fcaffe6a813
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
1420968219
x-yandex-req-id
1637907006234080-12300309743204199483-man1-4525-man-l7-balancer-8080-BAL-7673
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 07:10:06 GMT
context.js
yandex.ru/ads/system/ Frame 1B53
303 KB
81 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
471d22432b588e6585a8e5b66d117d11bd9ee20fb0e08f7cbed1e1c53d283a44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
896219988
x-yandex-req-id
1637907006234453-8542537954151759122-man1-4525-man-l7-balancer-8080-BAL-4474
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 07:10:06 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=e6cd8134744166e7&duid=1637907004608927935&p5=jznmh&rand=jvkllsm&sj=gJKTD3J9OgiiIm7fHqAg9_r8V2qkXKiNZOnjfN0Yeg5O5_dFqK3cuG-wBGOGeg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685738517&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=icpfivz&p1=chfib&rqs=POaighaSwEg9eqBhUMIDCCs1FRa2Ps5A&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
5fa952ef53a3801c4145a468
statsb.nativeroll.tv/nr/aserver/group/ Frame D4C3
2 KB
3 KB
XHR
General
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5fa952ef53a3801c4145a468?event=visit&gid=5fa952ef53a3801c4145a468&v=1.19.10&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&title=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&ref=&block_enabled=0&width=1600&height=0&offset_px=4301&offset_pct=50&lenght_px=4301&cookie_enabled=1&t=2021-11-26T06%3A10%3A05&mode=background&data_saver=false&places=0&nr_f=MTYzNzkwNzAwNTUyNA%3D%3D&ancestor_origins=https%3A%2F%2Frg.ru&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
77c8a804dcee1c93d64824abb6bf00cd6457cfbbd4ce63f82c854636df6d9192

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://rg.ru
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, *
version
moevideo.biz/embed/core/
45 B
219 B
Script
General
Full URL
https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1637907005733_14753
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f48.moevideo.net
Software
nginx /
Resource Hash
691308d822671760ffba7195c2a6c535d46542cab67b0e674ffef449fc4d1a40

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
45
X-My-Reqtime
0.094
Content-Type
application/javascript
logo_lenta.svg
cdn.lentainform.com/images/lentainform/
5 KB
2 KB
Image
General
Full URL
https://cdn.lentainform.com/images/lentainform/logo_lenta.svg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535ab2f2779b29b6ed18af6aa8fb3ecd2e387bdef80583a2dc8ff6caa31f75a1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
cf-cache-status
HIT
age
4714
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P5X8B9DKCFZF98M7
x-amz-id-2
ICmW/ulZ63SSRfK2O0BAHS4Y+uMR+mnYTGLXfHW2U6FS/G/uFB11JMVf2AZqd3TQw4gwCBD3mVo=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"7a861a7f846282a54fc99809519c1cac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b40f3a97c183607-MAN
expires
Fri, 26 Nov 2021 10:10:06 GMT
truncated
/
126 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebaaa00d7a0d03e309230bc91cf4b9e6994130b9170786840315da05a04aac94

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 16:13:41 GMT
x-content-type-options
nosniff
age
136585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 16:13:41 GMT
/
sync3.sniperlog.ru/ Frame FEDF
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7fe4991e-4e7f-11ec-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=7fe4991e-4e7f-11ec-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=D6YpWSpK7WcfeZqUD%2BFAjw&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata&google_tc=
  • https://sync3.sniperlog.ru/?src=ggl&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata&google_gid=CAESEOCsvQUug0Atln4YqLNq2x8&google_cver=1
43 B
516 B
Image
General
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata&google_gid=CAESEOCsvQUug0Atln4YqLNq2x8&google_cver=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=D6YpWSpK7WcfeZqUD+FAjw&extra2=aidata&google_gid=CAESEOCsvQUug0Atln4YqLNq2x8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
servicer.lentainform.com/1140036/
11 KB
4 KB
Script
General
Full URL
https://servicer.lentainform.com/1140036/1?pv=5&cbuster=163790700579986092191&uniqId=12f99&niet=4g&nisd=false&jsv=es6&w=695&h=303&cols=10&ref=&cxurl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&lu=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&sessionId=61a07a3e-0a58b&pageView=1&pvid=17d5add80ea961eac81&implVersion=11&dpr=1
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ecc1911e40ecfd3c2e41f99a0712bedf87eea14e6f89d7b6c232c111c2e2ee8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b40f3a99c3c3607-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
getcookie
matchid.adfox.yandex.ru/ Frame
0
0
Preflight
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
access-control-allow-headers
accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials
true
date
Fri, 26 Nov 2021 06:10:06 GMT
timing-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://rg.ru
x-content-type-options
nosniff
getcookie
matchid.adfox.yandex.ru/ Frame 1B53
240 B
293 B
XHR
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e6bfd9e33349c155f32901ef1936652ec07b4ecd4d3767fba7395ceef77a1f16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
240
x-content-type-options
nosniff
content-type
application/json
publishertag.js
static.criteo.net/js/ld/ Frame 1B53
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 Nov 2021 06:10:06 GMT
bid.cgi
pb.adriver.ru/cgi-bin/ Frame 1B53
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:06 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/ Frame 1B53
11 B
304 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
ad.mail.ru/hbid_yandex/ Frame 1B53
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
yhb
yhb.p.otm-r.com/ Frame 1B53
11 B
244 B
XHR
General
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.9.22 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.9.251.148.clients.your-server.de
Software
nginx/1.17.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-credentials
true
server
nginx/1.17.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ Frame 1B53
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ Frame 1B53
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12701
content-length
31
expires
-1
4e51507e3b3fc8f9151b.js
yastatic.net/partner-code-bundles/49422/ Frame 1B53
13 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/4e51507e3b3fc8f9151b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d9c9b9f80c7fbdcc2ef6abe5d2182e9891d6f273830b00a744d05552a21b896f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4454
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4e5871d7ef3811951d665e56ae812382"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:41:33 GMT
df68bffbff5ae367a9a6.js
yastatic.net/partner-code-bundles/49422/ Frame 1B53
80 KB
17 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/df68bffbff5ae367a9a6.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
42f778eacf147663de14a5a700f83fef31c1dbdf56001b1f71478145c9391369
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17116
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"2ed5bd1577fc37a67ec058623af0437f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:41:38 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ Frame 1B53
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:44:13 GMT
394f92cef988f11256c8.js
yastatic.net/partner-code-bundles/49422/ Frame 1B53
639 KB
129 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/49422/394f92cef988f11256c8.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
93c047f6bcfb7f7e8173521abe23a3f2ef3e31424ef5e4d27bef44cf5297d72c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
131576
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4411cc5ea4047a827feebd9b94c0f945"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 12:41:34 GMT
cdb
bidder.criteo.com/ Frame 1B53
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=70890532916
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:06 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
sync
statsa.nativeroll.tv/nr/ Frame D4C3
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsa.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D6%26rand%3D271698
  • https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=I4jPe4gWdVO/6iZWsKBbOO&gt=6&rand=271698
0
454 B
Image
General
Full URL
https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=I4jPe4gWdVO/6iZWsKBbOO&gt=6&rand=271698
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
185.137.232.40 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host40.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.12.0
location
https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=I4jPe4gWdVO/6iZWsKBbOO&gt=6&rand=271698
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9
an.yandex.ru/mapuid/adfox/ Frame D4C3
43 B
152 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adfox/1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9?jsredir=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:06 GMT
rle.cgi
ad.adriver.ru/cgi-bin/ Frame D4C3
42 B
581 B
Image
General
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=271698
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.37 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:06 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
nativeroll-sync.rutarget.ru/ Frame D4C3
0
0

cm.gif
ad.mail.ru/ Frame D4C3
43 B
452 B
Image
General
Full URL
https://ad.mail.ru/cm.gif?p=107&id=1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Last-Modified
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Fri, 26 Nov 2021 12:10:07 GMT
pixel.gif
static.criteo.net/images/ Frame 1B53
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:06 GMT
pixel.gif
static.criteo.net/images/ Frame 1B53
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:06 GMT
events
bidder.criteo.com/csm/ Frame 1B53
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:05 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/ Frame 1B53
171 B
229 B
XHR
General
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2F&date=2021-11-26T06%3A10%3A06.025%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3360406523&pr=3986870864&prr=&pv=6&pw=5&extid_loader=MTYzNzkwNzAwNDYwODkyNzkzNQ%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074142741&is-turbo=0&skip-token=&ad-session-id=6991771637907003995&layout-config=%7B%22win_width%22%3A728%2C%22win_height%22%3A90%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22quirks%22%3Atrue%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=728&availableHeight=0&pp=i&ps=cgiu&p2=fjgg&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6MTM5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5NDUxMSJ9LHsiY2FtcGFpZ25faWQiOjk5ODQ3NCwicmVzcG9uc2VfdGltZSI6MTEzLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNDM6cmdfNzI4eDkwX2JvdHRvbSJ9LHsiY2FtcGFpZ25faWQiOjg3Mzk4MSwicmVzcG9uc2VfdGltZSI6MTIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNDE0MDkyNyJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MTIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiOTQ0MzczIn0seyJjYW1wYWlnbl9pZCI6MTQyMTQ0MywicmVzcG9uc2VfdGltZSI6NTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyODc4In0seyJjYW1wYWlnbl9pZCI6MTM1MjEzMywicmVzcG9uc2VfdGltZSI6NjQsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI5ZE94ZHRkaUdqbmY0TWM2WVZiUiJ9LHsiY2FtcGFpZ25faWQiOjE1OTczNDYsInJlc3BvbnNlX3RpbWUiOjExMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjYxMjhkY2QwZWEwZTVkNDJjMDFhZDI3NSJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTYzNzkwNzAwNDYwODkyNzkzNQ%3D%3D&pcode-test-ids=446723%2C0%2C65%3B462596%2C0%2C20%3B443805%2C0%2C0%3B426975%2C0%2C19%3B460723%2C0%2C13%3B452125%2C0%2C90%3B461570%2C0%2C27%3B452186%2C0%2C85%3B456228%2C0%2C30%3B457748%2C0%2C5%3B457304%2C0%2C98%3B457667%2C0%2C19%3B457474%2C0%2C51%3B400735%2C0%2C52%3B451373%2C0%2C52%3B46182
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6e785b6ec22145a7e43d7b72cb2ad512987f62aeb9fcdd64835f8e50a633f726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907006597029-357755953500291515000239-production-app-host-sas-pcode-93
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:06 GMT
stat
relap.io/api/v7/ Frame
0
0
Preflight
General
Full URL
https://relap.io/api/v7/stat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
date
Fri, 26 Nov 2021 06:10:06 GMT
vary
Origin
x-server
web12
x-content-type-options
nosniff
access-control-allow-origin
https://rg.ru
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-max-age
1728000
access-control-allow-credentials
true
strict-transport-security
max-age=5184000; includeSubdomains;
stat
relap.io/api/v7/ Frame 0A4E
2 B
1 KB
Fetch
General
Full URL
https://relap.io/api/v7/stat
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=eZJFUg:SFTu2g
Referer
Accept-Language
en-GB,en;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
ZTYzYmM0

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
x-relap-cookie
rlprp=eZJFUg:SFTu2g; rlpvp=eZJFUg:NkYkJw
cache-control
max-age=1, no-cache
x-server
back17
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
integrator.js
adservice.google.co.uk/adsid/ Frame F8FB
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F8FB
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F8FB
16 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=632773660835248&correlator=172826935779262&output=ldjh&impl=fifs&eid=31063377%2C31063798%2C31063810%2C21065724%2C31063246&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2C630x240&enc_prev_ius=%2F0%2F1&prev_iu_szs=630x240%7C2x1&cust_params=630x240%3Drg.ru_630x240_14&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637907006&dt=1637907006089&dlt=1637907005029&idt=1037&ea=0&frm=23&biw=1600&bih=1200&isw=630&ish=240&oid=2&adxs=428&adys=2645&adks=4133831003&ucis=hoyh67gsizs6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=630x240&msz=630x-1&ga_vid=370508847.1637907004&ga_sid=1637907006&ga_hid=1013023455&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9e2abc68d9dfa011ee08129e29f4990bfbddac2ef230bbebb8c7b5ad409cc8d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8385
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F8FB
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcfcbc9781b6440d4957fb3a1e6ccd6706095357dbe5e648c6752bb55a27f764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9248
x-xss-protection
0
container.html
f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E5D
6 KB
4 KB
Document
General
Full URL
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.co.uk/adsid/ Frame 9842
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9842
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9842
80 KB
33 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=916402354270510&correlator=3178310817042915&output=ldjh&impl=fifs&eid=31063811%2C31061690&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C2x1&cust_params=300x250_desktop%3Drg.ru_300x250_desktop_10&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637907006&dt=1637907006133&dlt=1637907005063&idt=1049&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1120&adys=2400&adks=500895534&ucis=iaoefhf7z7kh&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=370508847.1637907004&ga_sid=1637907006&ga_hid=2097645608&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5c13d724b8085425cd5185d134fd27abeb80f2c6640186dff20b32acd284f32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33267
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9842
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9d31178fe3b7702946fa35728ca6e0d41f44bb710ce9638813c8fbbe7ee4ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9124
x-xss-protection
0
container.html
5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1753
6 KB
4 KB
Document
General
Full URL
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync
ds.frontend.weborama.fr/ Frame D377
664 B
983 B
Script
General
Full URL
https://ds.frontend.weborama.fr/sync?key=ids_sync&src=wamf.wildcard.js&wamid=3336&v=2021091401&callback=Utils.handleDataSync&ref=rg.ru
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.231.117.34.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e6c5f03061e87abb87df7e24965955b3162a2ed61e7a4d7a18030a087db944c6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
664
expires
Tue, 03 Jul 2001 06:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 7991
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7991
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7991
53 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2727461949966619&correlator=2787967637631739&output=ldjh&impl=fifs&eid=31063811%2C31063257&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2Cdm_240x400_right&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400%7C2x1&cust_params=key_value_dm2%3D10&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637907006&dt=1637907006193&dlt=1637907005046&idt=1124&ea=0&frm=23&biw=1600&bih=1200&isw=240&ish=400&oid=2&adxs=1150&adys=1980&adks=3868662635&ucis=fs2dlipybc5z&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&ga_vid=370508847.1637907004&ga_sid=1637907006&ga_hid=658978692&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
91243a795858fc025e7866c38de057bdf13441aec6992b302cfb58cfef772bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12191
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7991
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15a9a894edb144de090cefb13a365c185860e462310de2f379c20fc0bb8a1f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9313
x-xss-protection
0
container.html
542c324d60275ff1d95c45e141b7fb7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8CA
6 KB
3 KB
Document
General
Full URL
https://542c324d60275ff1d95c45e141b7fb7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.co.uk/adsid/ Frame E828
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E828
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E828
13 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=988008847758990&correlator=2948064588763909&output=ldjh&impl=fifs&eid=44752541%2C31063182&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2Cdm_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C2x1&cust_params=key_value_dm2%3D40&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637907006&dt=1637907006234&dlt=1637907004911&idt=1300&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=166&adks=428226366&ucis=thw9xj4sfuh3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=370508847.1637907004&ga_sid=1637907006&ga_hid=268890214&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
bfb69cf6747dfa5c252ef25e86e6e2c3180d27ae6de9b7ec00e453d963d7f523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7526
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E828
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4eac72adfb58e629829e2569a475eddb0fcbe0d3c3dc95c395c58da8acdb59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9317
x-xss-protection
0
container.html
09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA87
6 KB
3 KB
Document
General
Full URL
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F8FB
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 06:10:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9842
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 06:10:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7991
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 06:10:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E828
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 06:10:07 GMT
ids
idsync.frontend.weborama.fr/ Frame D377
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEPvNB4WJA1OqpekghOpqlqQ&google_cver=1
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEPvNB4WJA1OqpekghOpqlqQ&google_gid=CAESEPvNB4WJA1OqpekghOpqlqQ&google_cver=1
0
16 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEPvNB4WJA1OqpekghOpqlqQ&google_gid=CAESEPvNB4WJA1OqpekghOpqlqQ&google_cver=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEPvNB4WJA1OqpekghOpqlqQ&google_gid=CAESEPvNB4WJA1OqpekghOpqlqQ&google_cver=1
date
Fri, 26 Nov 2021 06:10:07 GMT
server
Apache
content-length
354
content-type
text/html; charset=iso-8859-1
401736.gif
idsync.rlcdn.com/ Frame D377
42 B
417 B
Image
General
Full URL
https://idsync.rlcdn.com/401736.gif?partner_uid=I4jPe4gWdVO/6iZWsKBbOO
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
collect
dx.frontend.weborama.com/ Frame D377
Redirect Chain
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=S81SHH7s9QNL
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=S81SHH7s9QNL&bounce=1&random=2920377024
0
17 B
Image
General
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=S81SHH7s9QNL&bounce=1&random=2920377024
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Server
35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.80.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:06 GMT
server
nginx/1.12.0
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=S81SHH7s9QNL&bounce=1&random=2920377024
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame D377
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=S81SHH7s9QNL
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=S81SHH7s9QNL
95 B
425 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=S81SHH7s9QNL
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=S81SHH7s9QNL
date
Fri, 26 Nov 2021 06:10:06 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
dcm
aax-eu.amazon-adsystem.com/s/ Frame D377
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=STRqUGU0Z1dkVk8vNmlaV3NLQmJPTw
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=STRqUGU0Z1dkVk8vNmlaV3NLQmJPTw&dcc=t
43 B
932 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=STRqUGU0Z1dkVk8vNmlaV3NLQmJPTw&dcc=t
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
00BFE9661X8GKZXBWQBM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:06 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KEPX87B847FYQYNYAQJ0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=STRqUGU0Z1dkVk8vNmlaV3NLQmJPTw&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ids
idsync.frontend.weborama.fr/ Frame D377
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28931708-65E3-4CF2-B0AD-C66C1735255F
0
268 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28931708-65E3-4CF2-B0AD-C66C1735255F
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28931708-65E3-4CF2-B0AD-C66C1735255F
date
Fri, 26 Nov 2021 06:10:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
bobid.js
fp.hybrid.ai/
32 KB
13 KB
Script
General
Full URL
https://fp.hybrid.ai/bobid.js
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637907005509
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7170b733d833751c5a054598db93cb06aa3573194556a1adfd242e6c271632c4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1ry8P8W3/bgEAAA==
x-accel-expires
@1637910241
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
etag
W/"616ea8f6-7ff9"
last-modified
Tue, 19 Oct 2021 11:16:06 GMT
server
CDN77-Turbo
x-77-nzt-ray
R5//QrcE2NE=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
366
x-77-pop
frankfurtDE
prebid.js
st.hbrd.io/
0
298 B
Script
General
Full URL
https://st.hbrd.io/prebid.js
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637907005509
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1ryxcOWH/bgEAAA==
x-accel-expires
@1637910240
date
Fri, 26 Nov 2021 06:10:06 GMT
etag
"619b69e0-0"
last-modified
Mon, 22 Nov 2021 09:58:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
+uaRcSzEGTg=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
366
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
0
/
ssp.hybrid.ai/
Redirect Chain
  • https://ssp.hbrd.io/metrics/init?name=start_of_metrics
  • https://ssp.hybrid.ai/?jMwh/HEzJoAnz9KzS0FKY+Tib+TONz8fpSRgq3Yh39uKVHikRp2TPp2JbVz56b4+
32 B
249 B
XHR
General
Full URL
https://ssp.hybrid.ai/?jMwh/HEzJoAnz9KzS0FKY+Tib+TONz8fpSRgq3Yh39uKVHikRp2TPp2JbVz56b4+
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
60d19ba6b114c80a735d2294a070c7e4ea87138005b622385f1e3e104e8b1a51

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
null
date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
content-type
text/plain; charset=utf-8
content-length
32
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

Redirect headers

location
https://ssp.hybrid.ai/?jMwh/HEzJoAnz9KzS0FKY+Tib+TONz8fpSRgq3Yh39uKVHikRp2TPp2JbVz56b4+
date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
access-control-allow-origin
https://rg.ru
content-length
0
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
/
ssp.hybrid.ai/
Redirect Chain
  • https://ssp.hbrd.io/matching/urls?
  • https://ssp.hybrid.ai/?SI3/J3nkVIzDCkyLW0NNkI5WyllE6z2hrq0RPwAA0Pg=
0
183 B
XHR
General
Full URL
https://ssp.hybrid.ai/?SI3/J3nkVIzDCkyLW0NNkI5WyllE6z2hrq0RPwAA0Pg=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
null
date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

Redirect headers

location
https://ssp.hybrid.ai/?SI3/J3nkVIzDCkyLW0NNkI5WyllE6z2hrq0RPwAA0Pg=
date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
access-control-allow-origin
https://rg.ru
content-length
0
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
Z_HWHw.jpg
cdn.relap.io/Z_/4/
21 KB
21 KB
Image
General
Full URL
https://cdn.relap.io/Z_/4/Z_HWHw.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
cfead8a31f9c8c62ad37a6e0deaaa3fd6b385f45b267453319f9cac3fea67033
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Wed, 24 Nov 2021 11:23:38 GMT
server
nginx
etag
"619e20ba-52d0"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
21200
expires
Sat, 27 Nov 2021 06:10:06 GMT
rZdIUg.jpg
cdn.relap.io/KWjeOg/rZ/4/
12 KB
13 KB
Image
General
Full URL
https://cdn.relap.io/KWjeOg/rZ/4/rZdIUg.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
5da3e68bb30d7e3a867338bace916d245f4dce6b1a8d470c505973bcd1f6adf5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:06 GMT
last-modified
Fri, 26 Nov 2021 02:14:36 GMT
server
nginx
etag
"61a0430c-3074"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12404
expires
Sat, 27 Nov 2021 06:10:06 GMT
12_news_eng.m3u8
cdn.viadata.store/media/
1 KB
2 KB
XHR
General
Full URL
https://cdn.viadata.store/media/12_news_eng.m3u8
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
last-modified
Fri, 26 Feb 2021 14:49:33 GMT
server
nginx
etag
"60390a7d-513"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
1299
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
371 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
TzU_Ug.jpg
cdn.relap.io/KWjeOg/Tz/4/
19 KB
19 KB
Image
General
Full URL
https://cdn.relap.io/KWjeOg/Tz/4/TzU_Ug.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
1eec55342d3c385315e63c367aa6c5fdabbdb33f1ef7a9f0ba3c0df8691576d8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
last-modified
Fri, 26 Nov 2021 01:34:44 GMT
server
nginx
etag
"61a039b4-4b18"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
19224
expires
Sat, 27 Nov 2021 06:10:07 GMT
viads-player-logo-50.png
cdn.viadata.store/static/
10 KB
10 KB
Image
General
Full URL
https://cdn.viadata.store/static/viads-player-logo-50.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
last-modified
Wed, 26 Feb 2020 10:23:58 GMT
server
nginx
etag
"5e56473e-26d1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
9937
k70oUg.jpg
cdn.relap.io/KWjeOg/k7/4/
12 KB
12 KB
Image
General
Full URL
https://cdn.relap.io/KWjeOg/k7/4/k70oUg.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
f714130a5f0c8f66d5df83b9c3104bcf024f146086b51ed78e1d2d6c21c962e2
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
last-modified
Fri, 26 Nov 2021 05:36:35 GMT
server
nginx
etag
"61a07263-2f6d"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12141
expires
Sat, 27 Nov 2021 06:10:07 GMT
PdDVHw.jpg
cdn.relap.io/Pd/4/
18 KB
19 KB
Image
General
Full URL
https://cdn.relap.io/Pd/4/PdDVHw.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
5f9d9c3be7d460dcb34637217d85dab0ef07da9dcac954b911ef33b46f6091fe
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
last-modified
Wed, 24 Nov 2021 07:12:08 GMT
server
nginx
etag
"619de5c8-48c9"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn07.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
18633
expires
Sat, 27 Nov 2021 06:10:07 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 8C4B
189 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
226866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 15:09:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 15:09:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8C4B
13 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
295072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 22 Nov 2021 20:12:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 20:12:15 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8C4B
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
290460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 22 Nov 2021 21:29:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 21:29:07 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8C4B
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
289669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 22 Nov 2021 21:42:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 21:42:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8C4B
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
216596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 18:00:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 18:00:11 GMT
css
fonts.googleapis.com/ Frame 8C4B
3 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 05:51:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:07 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C4B
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 05:59:37 GMT
x-content-type-options
nosniff
server
cafe
age
630
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Sat, 27 Nov 2021 05:59:37 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C4B
344 B
618 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Nov 2021 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
84233
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 26 Nov 2021 06:46:14 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8C4B
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPpEVPnqgYc_SLpLXgQfivI_YBJ7mjO9d8uyPqOAHv-EeEAEg15TCbmC7ts-D4AqgAYu-lvwCyAEJqQLqF2Kur9GyPuACAKgDAcgDCqoEtAJP0FNR7R8xZiHyjJeHuTBvDAOQFAW-AYVg8QeSqnHk8ATlPnJt4cw6Rpxvhk4Di9kxdyl4p8BN9Lkb0flIrchCzr1tq7gfxTyALrD0MNGSCa0_Jode5aj7eRgntF_JYeFpe_qtyS2Gw00MS6zPHZnNtPkVVaBEJwzQxj4VyBeU9X4KkRTHmuZZM23YXl4bozvyUa1haAWdgbpT0zPa0bIIqZO_FQlQ3XI7UqbfuUQGbXhTtaEeI5OZCoWA2sF_mKrgMkc1HSUI2yqgtagkA924_FG4wx0vaHcoP-hlhvAEtlPJHm8qrajHI8FsDLYstcK9cgwacFu31a9j0MdVdfiIjCf2b4qlo-8nmkFCu0dGEP1eHgSCBEibEzX_OeSKt3OvbQZzPL2OaT41U2D0bhuqQynVgcAEt7SKuukB4AQBoAYugAfdwemDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEO3uENIICQiI4YAQEAEYHYAKA8gLAbgTiCfYEwOIFAfQFQGAFwGyFx4KHAgAEhRwdWItOTk1MjY0NTE2MDcyMTQzOBi7lW8&sigh=Br9tgIrTJ0s&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=d836902f68514656&duid=1637907004608927935&pxo=IAm924wwL7uLi0fVMHOrcqGLLQUlhuSNW5Ys-_2HXhD2o1ynzpw8gwJTB6ZVKhnA8XV-nC2-WTd_QpjLkBz7ZUz96pQqW60PzcR6Evhk3IBTY_bG-I0lOf-fb-49sPz9SrI4tyvnVhWODDDAQ8osYC599FlirS-9NwMju3D_4I3YCsOcp9M%3D&p5=gdhai&rand=fktzrms&sj=GrVsVdkOJ9U08ZYCWMqJY9MUXREsmfIEGwQhniX7Gl1BAQ04Tigui4jIUB3xOg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435686000661&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvpww&rqs=POaighaSwEg9eqBh2COz6xqagxemaBrU&rtb-si=b&p2=fjgg&resp-time=1537
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/18138231381697250103/ Frame 8C4B
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/18138231381697250103/downsize_200k_v1?w=400&h=209
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af3735fcd4fbda0ad5e196976b386b8f269f3b6b72a51f9547db44b20622eb34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 07:33:45 GMT
x-content-type-options
nosniff
age
254182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16312
x-xss-protection
0
last-modified
Fri, 28 May 2021 11:08:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 23 Nov 2022 07:33:45 GMT
truncated
/ Frame 8C4B
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8C4B
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64effeec521ec90fad1591e96a260fb49e06a70dae2e1967bf6ff8f5ec62add4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cza&hash=8c9204d184f61c2c&duid=1637907004608927935&p5=kmgmd&rand=jjspbab&sj=M3G0RVjuE5mB_I9hlAUEVcq-7MHUeb60VryiC5Gw6G4htIpndj1xHHxqeYO3Mw%3D%3D&ad-session-id=6991771637907003995&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvnei&rqs=POaighaSwEg9eqBhtdTVMMX_MaAbZIuf&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
/
pl.viadata.store/export/101752/ Frame D42D
7 KB
2 KB
XHR
General
Full URL
https://pl.viadata.store/export/101752/?secured=1&language=en&page_url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pub_sid=101752&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=rg.ru&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=6479&VIA_WIDTH=656&VIA_HEIGHT=369&imp=false&rc=1&cb=1637907006607
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
363aea9da29163ae57b4a4d14447fd6dfdf50f270463c1116fef60d9612c6565

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
container.html
f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED9D
6 KB
3 KB
Document
General
Full URL
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=5b79bbd925de4d46&duid=1637907004608927935&pxo=I_DPdXmKnIROcqFgJTCV8G7CZNGihc9wkeNi-fyZ3PWzlGtnTbm-E4m03tm6fe_bxd5DAwWzoIyxuk705qbYNqzYKm_-ClMjYR0idUnPk6BuKW-lijvCO5Q-qArsQBznEfjCh45pL52Tb6rKMSd9g6zze92vRCNkikdMCSxUzRhUdWkRacY%3D&p5=gdhai&rand=mipeqfr&sj=7VRlxHjgurJTDZMx1d9nh3lDZBGcLjlfq3VAz3vE9IW1iLKo21FzO83rlvOfDA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvneu&rqs=POaighaSwEg9eqBhpFG9YLbPJc4OCZv4&rtb-si=b&p2=fjgg&resp-time=1601
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
container.html
5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A7C
6 KB
3 KB
Document
General
Full URL
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=9aa71aa50213b8b3&duid=1637907004608927935&pxo=xDMYnMcop6_TUj4FbHnalWlNvp2l4IZ_V1ICVRgmOoBACgXrz2yUHDTnr8YJjo99qxNwzKBJfeV11zMhqxUxSsj-gIqmibjI1jmtZIJKDRHQLpZRKl6bmtL3DajZqpZ93Ok61HwY2_heeN-aktEV1Jv71ui4rS0WEy62eLQl54jpEN9Xz5o%3D&p5=gdhai&rand=lklbxjo&sj=_wr7lK1zx1UlgMJa3Zyy4Ly8kNkHLmne4CKLxeOinQth_v5QkhMMOoxtbgpWhw%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvobk&rqs=POaighaSwEg9eqBhPJj61zH5Id4yuY-l&rtb-si=b&p2=fjgg&resp-time=1596
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8C4B
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 10:56:24 GMT
x-content-type-options
nosniff
age
242023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8C4B
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 20:07:29 GMT
x-content-type-options
nosniff
age
208958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 20:07:29 GMT
native
moevideo.biz/ Frame 265F
11 KB
5 KB
Document
General
Full URL
https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f48.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
35da8089f027ddbf8127e0603a619dd63f790f3f45d59c65638d203f680dbd2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

Server
nginx
Date
Fri, 26 Nov 2021 06:10:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.38
X-My-Adv-Time
0.000946998596191
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Fri, 26 Nov 2021 06:10:07 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.007
X-Mv-Embed-Version
1397
X-My-Name
s12
X-My-Reqtime
0.094
Access-Control-Allow-Origin
*
Content-Encoding
gzip
container.html
09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF47
6 KB
3 KB
Document
General
Full URL
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:06 GMT
expires
Sat, 26 Nov 2022 06:10:06 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=a987c82d5a3d31fe&duid=1637907004608927935&pxo=54dDASc59tRXgaORfaq9_04I3kyWD-R9AhEyVoBZqsvko7zlT-9CcZLB_0kBwWKpm6HokDFJAPnBu7W4iIsZAen9lsGTWhalCEF4DcTYXR0yjPN3s6D2nN6yfP9Cns7o8gmjDbEi02DNATeH5mpBGSN3l4m2y6XXdf1JJMLjEKHdq-FRW_4%3D&p5=gdhai&rand=zyefcy&sj=aKkj2ZEr38VOPq_VG4muLzxKLsi1NdSIp_IZRlv9L2w5SWKtIT9tj6KaEFqW2Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bzqke&rqs=PPahGs_-5Fw9eqBhMxYW9qOLeOkC2ndH&rtb-si=b&p2=fjgg&resp-time=1817
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0FF8
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 25 Nov 2021 20:35:24 GMT
expires
Fri, 25 Nov 2022 20:35:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9950
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a0213f98a13917ee3a0aab8e3425802c80bbb60a633387ff05b5f47658afa62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LRVeSAlUhz4OLxdHM2wKxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 06:10:07 GMT
date
Fri, 26 Nov 2021 06:10:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LRVeSAlUhz4OLxdHM2wKxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
eus.rubiconproject.com/ Frame 1704
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=59b3de82-cb25-534a-b279-9971d3d9e34d&CACHEBUSTER=740372
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Nov 2021 06:10:07 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Fri, 26 Nov 2021 06:10:07 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F794
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 25 Nov 2021 20:35:24 GMT
expires
Fri, 25 Nov 2022 20:35:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E181
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
723960244d90684211579c828dcf959d686b6632c71c428feff20fb729992987
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BafhjzYKa0ej9lDssaY1DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 06:10:07 GMT
date
Fri, 26 Nov 2021 06:10:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BafhjzYKa0ej9lDssaY1DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3571
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 25 Nov 2021 20:35:24 GMT
expires
Fri, 25 Nov 2022 20:35:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D852
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
901372bd76d8f0c047f3e5806f5aa690afebd9c2174c5a1579ef44819370585f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AS/OAttwNL4qVf8yjn7bsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 06:10:07 GMT
date
Fri, 26 Nov 2021 06:10:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AS/OAttwNL4qVf8yjn7bsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6905
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 25 Nov 2021 20:35:24 GMT
expires
Fri, 25 Nov 2022 20:35:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EDCD
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06017f88e4ad82823dee96e0cfa038604f18ceacc9805dbfc6742c84a4fddb98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7JF6tbvyHFvs923TCvof7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 06:10:07 GMT
date
Fri, 26 Nov 2021 06:10:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7JF6tbvyHFvs923TCvof7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
12_news_eng000.ts
cdn.viadata.store/media/
242 KB
242 KB
XHR
General
Full URL
https://cdn.viadata.store/media/12_news_eng000.ts
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
last-modified
Fri, 26 Feb 2021 14:46:45 GMT
server
nginx
etag
"603909d5-3c670"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
*
access-control-allow-credentials
true
x-continent
EU
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
247408
features
dm.hybrid.ai/bobid/
0
0

bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame D35F
105 KB
37 KB
Script
General
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 28 Nov 2021 18:08:34 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
b45b461a55d0d367
e8642d92-6df5-4068-a8f9-afcb2b874c96
https://rg.ru/
61 KB
0
Other
General
Full URL
blob:https://rg.ru/e8642d92-6df5-4068-a8f9-afcb2b874c96
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
62028
Content-Type
text/javascript
pixel
googleads.g.doubleclick.net/xbbe/ Frame A74F
624 B
838 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY4sHdrAEwAQ&v=APEucNXg4T_gRbbo9A09ExwkXrZTLx9preBx12mDLNZB8j5cr5eYVTUgbrfCNg1SyBCnP-ZJD1d2GhIyyrgLiJi_uuolFzb8wDVEN98z2qGz11V4hd7nrmNx7Dl5q7VI6gTolSXMAtX04YGuOHjkP2CTO19ZgWziQDh_xGfNEE8Uh4FUyQSOu50
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 26 Nov 2021 06:10:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 26 Nov 2021 06:10:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FF18
71 KB
30 KB
Script
General
Full URL
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
add28eafa341fb9f3ceb35938a250c1daa5b8ddafc2479e41b2afb3537145bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30638
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FF18
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:26:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF18
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:10:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FF18
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:48:27 GMT
l
www.google.com/ads/measurement/ Frame FF18
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaVP7XrY5uni4nWEMMJZHmLmNxUTIdQi4p_f6urwsXTdA7W4ChyS2bsfDk-hVFFE_fxeV-QMsqKP1XGHeWmyc4bRdNkA
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame FF18
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BwmKghUajTp91WoNnPMfZYkqtnuPkSoHwxfMaCQMekXhr8KjR72v5Xm22MlM8x9KaRgxa7OjVbgzxcIR1JlK84sGz_WhGgVUxX98NSlcgePqFMauk
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E116
624 B
422 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKtKRDw4roCGKPbkroBMAE&v=APEucNWTMQkWMb5Tmg5ad4BS8vPNqShqiJUQ00BdWoHmmh0JWL0e8OO1CtizeJ9clpgM7GnLRv5O7zPy1h6C60JhvDOmKcu5N_5PIwu49715n_2le0iixBB5EN6xJo61s4xzQI5Ohiwx1qPOgnGQqPvimpX2dy62-MRPHI8fXo3GPPWxHC146yw
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 26 Nov 2021 06:10:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 26 Nov 2021 06:10:07 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2A7C
106 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
Origin
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 18:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 18:26:34 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 2A7C
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 04:37:13 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2A7C
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3636
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:09:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A7C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGBMFUAJ6Ly-LyWulZeDKgY63YOM0Xc5EdBJU5lHH6JxB4D2A_Vpq8R1xmv3cfZldYca3HbW6w7NseDFM4_uZEM06OyVsn6Q0VU_p5BmVYnDWExmU
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2A7C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:26:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A7C
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:10:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2A7C
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:48:27 GMT
l
www.google.com/ads/measurement/ Frame 2A7C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROJQrIiGIj7X3SMCAkRVkvLC8tluPsdUL2OFRzGRyTacS2Qs4Yf-cLOpjXv3Iku-8HiLfNnNEBvFJEH0FU5ZQIiDyTrw
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

bid
clientside-video-bidder.rutarget.ru/ Frame D42D
27 B
686 B
XHR
General
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&request_id=1017527907006994&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.152 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr7.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://rg.ru
Rutarget-SameSite-Cookie
true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
cs
rtb-msk-2.viadata.store/vast/ Frame D42D
71 B
416 B
XHR
General
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=101752&w=656&h=369&site=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vp=2&cbb=7907006996
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
viads-vast
adx.com.ru/ Frame D42D
Redirect Chain
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&uid=0...
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&rolltype=content-roll&uid...
0
201 B
XHR
General
Full URL
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&rolltype=content-roll&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&vpaid=false
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.131.34.188.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:07 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx/1.20.1
access-control-allow-origin
https://rg.ru
p3p
CP="adx.com.ru does not have a P3P policy"
location
/viads-vast?confirm=1&referer=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&rolltype=content-roll&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
327
rle.cgi
ad.adriver.ru/cgi-bin/ Frame D42D
5 KB
6 KB
XHR
General
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=223103&bn=1&bt=61&pz=0&w=400&h=220&vp=5&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=7907006997&tail256=https%3A%2F%2Frg.ru%2F
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.37 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
dd153b251400d547ea9443795575b3e00a5716ee7fae484e14c1ad23c4c4e479

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:07 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://rg.ru
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v0
vtg1.rktch.com/ Frame D42D
2 KB
3 KB
XHR
General
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&siteid=101752&cbb=7907006997
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
d73179fa76903c021a985cf945e31855acd7fb27965ac07539ccf2c7d460adb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame D42D
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&i=1637907007
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&i=1637907007
49 B
602 B
Image
General
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&i=1637907007
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
3
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&i=1637907007
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
cookie
cm.adform.net/ Frame D42D
43 B
106 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame D42D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&__user_check__=1&sync_id=812f4080-4e7f-11ec-9614-1bce7de30206
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&__user_check__=1&sync_id=812f4080-4e7f-11ec-9614-1bce7de30206
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx
Location
/partner?adv_id=273596&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&__user_check__=1&sync_id=812f4080-4e7f-11ec-9614-1bce7de30206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
95
Connection
keep-alive
Content-Length
0
dsp
logs.viadata.store/event/ Frame D42D
43 B
296 B
Image
General
Full URL
https://logs.viadata.store/event/dsp?sid=101752&event=rtb&event2=request&cb=1637907006999&tids=6208,8665,6205,6210,6209,6206,7359,6204,6211,6207
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2I4OTY0M2RlNGUxZWY2NGYzZDU0M2IxZTg0ZjU2NTQ1LmpwZWc.webp
s-img.lentainform.com/n/9799198/328x328/223x0x867x867/
17 KB
17 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9799198/328x328/223x0x867x867/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2I4OTY0M2RlNGUxZWY2NGYzZDU0M2IxZTg0ZjU2NTQ1LmpwZWc.webp?v=1637907007-ojNeStPW7h_UEImRxuUS8QMhbBYxiS1gdutrAZNVjU0
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b002d04f00960844720d16d6eac8882f6846e7965a88dfac29ce577b76e6b2

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
de644014-be28-4e21-8f6e-cea21748ac5a
age
53130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17070
last-modified
Mon, 22 Nov 2021 08:31:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad8dff3634-MAN
expires
Fri, 26 Nov 2021 08:35:45 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvNDI0MDM5LzQ0ZjY0NTdiNWJiZDg5N2YyNmM2OTZhNzY0NmFkNzRiLnBuZw.webp
s-img.lentainform.com/n/9469185/328x328/180x0x376x376/
13 KB
14 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9469185/328x328/180x0x376x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvNDI0MDM5LzQ0ZjY0NTdiNWJiZDg5N2YyNmM2OTZhNzY0NmFkNzRiLnBuZw.webp?v=1637907007-pB3lNSUA4SLD4AiyY1j8iIqh1lHgtZil8EKFImGt-x8
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4582d73eab54c3a2b381816269a97555a81ce959a7db863417c0f7fd368aa9e2

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
78605b16-fd68-4be5-a39d-0e79f6d07e5b
age
62810
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13700
last-modified
Fri, 12 Nov 2021 08:26:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad8e003634-MAN
expires
Thu, 25 Nov 2021 19:11:38 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2VhNjZiNTU4ODJmYTczZmFlYmJkYTQ2MjVkNzBlYzMwLmpwZWc.webp
s-img.lentainform.com/n/9769282/328x328/319x0x1037x1037/
7 KB
7 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9769282/328x328/319x0x1037x1037/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2VhNjZiNTU4ODJmYTczZmFlYmJkYTQ2MjVkNzBlYzMwLmpwZWc.webp?v=1637907007-v-LEmqc0S75IZDQHlnFazUNnCS6iS--RORNljRl1gtk
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b88d69cea6a9ea72d89fb6949974a83b3146270b680c1e3dd3edb1db5528a9a

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
fef73f20-13ea-4c1c-a0ad-924d2c2d40f9
age
73867
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7110
last-modified
Thu, 11 Nov 2021 17:04:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad8e013634-MAN
expires
Thu, 25 Nov 2021 20:30:24 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzQzNzBjYWZlYWNhZjJiMjk0ZDZmNmNiOTlhY2RiMmVjLmpwZWc.webp
s-img.lentainform.com/n/9806634/328x328/346x0x906x906/
15 KB
15 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9806634/328x328/346x0x906x906/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzQzNzBjYWZlYWNhZjJiMjk0ZDZmNmNiOTlhY2RiMmVjLmpwZWc.webp?v=1637907007-fj1Oe6JtnMQ3e2kXShnc_dU0M5oRu6mtXLMBDHpDpiU
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b032cb242ab03326172619f89ee59cc244e6a569f98e7fb23989914bc7d6ab61

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
899eb5ae-5b74-4227-83ac-3b3c2431379e
age
53130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15218
last-modified
Wed, 24 Nov 2021 10:11:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad8e023634-MAN
expires
Fri, 26 Nov 2021 10:11:43 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI1NDc2LzlhZjU4MTYzMzRjZWNhZDdlZjgzNjBmNDcxY2JkMmU3LmpwZWc.webp
s-img.lentainform.com/n/9763539/328x328/247x0x465x465/
6 KB
6 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9763539/328x328/247x0x465x465/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI1NDc2LzlhZjU4MTYzMzRjZWNhZDdlZjgzNjBmNDcxY2JkMmU3LmpwZWc.webp?v=1637907007--p1nMI2eCLrMA9wruGlgcRDZGCFTxb4nWo-vGHc_HCQ
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4007b7ee51f283060b485c67ffe2556fc9a30920cfcb4ca12f7ca11bafaec546

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
919e3949-80d2-4640-a0b1-25e3c56c3849
age
30698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5852
last-modified
Mon, 15 Nov 2021 09:23:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad8e043634-MAN
expires
Fri, 26 Nov 2021 20:15:06 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvNDgwMjM5L2JmNmM2ZTBlZjQ1NmFiZWQ1NDhjNzg0NTg1ODI4YTI4LmpwZWc.webp
s-img.lentainform.com/n/9571679/328x328/0x0x800x800/
11 KB
11 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9571679/328x328/0x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvNDgwMjM5L2JmNmM2ZTBlZjQ1NmFiZWQ1NDhjNzg0NTg1ODI4YTI4LmpwZWc.webp?v=1637907007-A_bKOKoxFGI4vM1xyh3781uCp1Xgjv4twfuL2vo2Fio
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a4c14e9a2d7157708224a7936250edec30b389670bd73469a552fba9920f761

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
d50cb705-0025-430c-84fd-9a013f66047e
age
62810
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11156
last-modified
Tue, 16 Nov 2021 17:44:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad9e053634-MAN
expires
Thu, 25 Nov 2021 14:41:51 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTQ3Ni8zMTI4ZmQxODlmNmIyMTJmMDQwNzYwOTRhNTFmZDg2Yi5wbmc.webp
s-img.lentainform.com/n/9811954/328x328/181x0x465x465/
7 KB
7 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9811954/328x328/181x0x465x465/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTQ3Ni8zMTI4ZmQxODlmNmIyMTJmMDQwNzYwOTRhNTFmZDg2Yi5wbmc.webp?v=1637907007-lxI3HZgHb2XR7VnUTdgOE6yzRILxioAeibzKHdtqOUE
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7217a5b95f7c782ad83a9432a86301ef6464bbf02afb0b2c3b0b707ed92f6519

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 06:01:27 GMT
x-mg-request-uuid
eece9d59-02d2-4e44-9ef4-537aaa35e296
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad9e063634-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7066
server
cloudflare
expires
Sat, 27 Nov 2021 06:01:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI1NDc2LzMzMDgzMGRkNGQyOTQ2ODgxMGU5OTg0MTdlYjIwNGE2LmpwZWc.webp
s-img.lentainform.com/n/9811936/328x328/397x0x1082x1082/
8 KB
8 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9811936/328x328/397x0x1082x1082/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI1NDc2LzMzMDgzMGRkNGQyOTQ2ODgxMGU5OTg0MTdlYjIwNGE2LmpwZWc.webp?v=1637907007-wuBqSnKj_nkjk7L70hsTFVMBUGIIfwh3e8jmsVR7d54
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a889c075c878c4c27e1095f8630013f5b922c35436ec2c03874c5df449db2ade

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 06:01:33 GMT
x-mg-request-uuid
384aa0ec-d276-45e9-bdfd-9ccebe1dc450
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3ad9e083634-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7992
server
cloudflare
expires
Sat, 27 Nov 2021 06:01:33 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2Q1ZmU3M2JmMTQ0NGY1NDA5YjQ4OGEzOTE2YTdmOWM1LmpwZWc.webp
s-img.lentainform.com/n/9812411/328x328/454x0x1078x1078/
17 KB
17 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9812411/328x328/454x0x1078x1078/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2Q1ZmU3M2JmMTQ0NGY1NDA5YjQ4OGEzOTE2YTdmOWM1LmpwZWc.webp?v=1637907007-JmCttj6O7Q8WBzFnIkvTcN6tziD9GM1VbKR43ZBKUUQ
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89fbde8f82fae8a55c9df51b5b8c65a4fb1f3a1e099b3282e8e7296d79d0885

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Nov 2021 06:01:27 GMT
x-mg-request-uuid
a8c25dfc-6195-437c-809f-6f21929fe68d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3adae1b3634-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16960
server
cloudflare
expires
Sat, 27 Nov 2021 06:05:38 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2IzN2U1MTM1YWYyZjY2ZGVjNjVlMWJkOTg0NDJjODllLmpwZWc.webp
s-img.lentainform.com/n/9797664/328x328/153x2x519x519/
6 KB
6 KB
Image
General
Full URL
https://s-img.lentainform.com/n/9797664/328x328/153x2x519x519/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2IzN2U1MTM1YWYyZjY2ZGVjNjVlMWJkOTg0NDJjODllLmpwZWc.webp?v=1637907007-hXqSw8WltGVUUFk-HudLizphzeVXSLFyE1eiY91uzy8
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1512ceae7357bbb30a0e5513fb0aada7a37b73f53e60ca9fd0b6dbb0f3af1396

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
cf-cache-status
HIT
x-mg-request-uuid
621bf410-3301-4237-ad00-d1403c0461dd
age
78026
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6466
last-modified
Sun, 21 Nov 2021 06:41:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b40f3adae1c3634-MAN
expires
Fri, 26 Nov 2021 06:46:34 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v12/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7c08207bf016c414051b132152afb005bfd6cd3382b95987fb70ee6a96e2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 06:43:27 GMT
x-content-type-options
nosniff
age
602800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 06:43:27 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=8c7f87a3fe40e8fd&duid=1637907004608927935&pxo=54dDASc59tRXgaORfaq9_04I3kyWD-R9AhEyVoBZqsvko7zlT-9CcZLB_0kBwWKpm6HokDFJAPnBu7W4iIsZAen9lsGTWhalCEF4DcTYXR0yjPN3s6D2nN6yfP9Cns7o8gmjDbEi02DNATeH5mpBGSN3l4m2y6XXdf1JJMLjEKHdq-FRW_4%3D&p5=gdhai&rand=mgrtlez&sj=aKkj2ZEr38VOPq_VG4muLzxKLsi1NdSIp_IZRlv9L2w5SWKtIT9tj6KaEFqW2Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bzqke&rqs=PPahGs_-5Fw9eqBhMxYW9qOLeOkC2ndH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF18
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20211111&sample=0.01
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A3BA
624 B
422 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDgonwYup2ZvAEwAQ&v=APEucNW4DtW-EFpNcfEqZFLECxB8xSzjYA2HxJQm_V1JU8FuUYBJduwu1cUU8ckXadaesopiAPz1HBUa0ZlCs5M1KU1llsnmOLZ0e2bUWuasWCMOV7enff5rojvQLhF0N_tfyfL44D8X3W6JWNODOAkNWSEr0aVfPf9CT3jwz-DErWcR3PW4qVM
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 26 Nov 2021 06:10:07 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 26 Nov 2021 06:10:07 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EF47
72 KB
30 KB
Script
General
Full URL
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
932285b1c72191b8626c34daec03abe2a9c0005bb39928133c3af70501e49ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30953
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EF47
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGkbtjNOwZo880b158LRIzOmH7BNPTitoOHEIBfomoAXablRrvvHiM6OYuYtAteU-COe03sUiQK1Xt13ots_MyF0tl-uEPxzNjQ9tX8vJnhwVnzEQ
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame EF47
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:26:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF47
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:10:07 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame EF47
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1300
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:48:27 GMT
save
ssp.hbrd.io/metrics/ Frame
0
0
Preflight
General
Full URL
https://ssp.hbrd.io/metrics/save?name=ssp_script_loaded
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
/
ssp.hybrid.ai/
Redirect Chain
  • https://ssp.hbrd.io/metrics/save?name=ssp_script_loaded
  • https://ssp.hybrid.ai/?OZOskJhKDeVs+9Yyl+wrh0n97Bgfj3h4We1FPNER+EmNPQWBi7k1QfCyLzj6Jyg6VQ6LfEcrVb3yThwiQmohTw==
0
183 B
XHR
General
Full URL
https://ssp.hybrid.ai/?OZOskJhKDeVs+9Yyl+wrh0n97Bgfj3h4We1FPNER+EmNPQWBi7k1QfCyLzj6Jyg6VQ6LfEcrVb3yThwiQmohTw==
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
null
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

Redirect headers

location
https://ssp.hybrid.ai/?OZOskJhKDeVs+9Yyl+wrh0n97Bgfj3h4We1FPNER+EmNPQWBi7k1QfCyLzj6Jyg6VQ6LfEcrVb3yThwiQmohTw==
date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
access-control-allow-origin
https://rg.ru
content-length
0
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
in-image-overlay.js
st.hbrd.io/ssp/
52 KB
17 KB
Script
General
Full URL
https://st.hbrd.io/ssp/in-image-overlay.js?ver=2e56d
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637907005509
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7bb365943ed1649e62a95b0ddcbdd8ed1ce7979a14b46f8beaf852037dbcb358

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1rywkKbT/cAEAAA==
x-accel-expires
@1637910239
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
etag
W/"619b69e6-d156"
last-modified
Mon, 22 Nov 2021 09:59:02 GMT
server
CDN77-Turbo
x-77-nzt-ray
WBMavoOtvpc=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
368
x-77-pop
frankfurtDE
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=80b19183dfa6e61f&duid=1637907004608927935&pxo=I_DPdXmKnIROcqFgJTCV8G7CZNGihc9wkeNi-fyZ3PWzlGtnTbm-E4m03tm6fe_bxd5DAwWzoIyxuk705qbYNqzYKm_-ClMjYR0idUnPk6BuKW-lijvCO5Q-qArsQBznEfjCh45pL52Tb6rKMSd9g6zze92vRCNkikdMCSxUzRhUdWkRacY%3D&p5=gdhai&rand=hcvaaau&sj=7VRlxHjgurJTDZMx1d9nh3lDZBGcLjlfq3VAz3vE9IW1iLKo21FzO83rlvOfDA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvneu&rqs=POaighaSwEg9eqBhpFG9YLbPJc4OCZv4&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cza&hash=fb3e14109ec5afd0&duid=1637907004608927935&p5=jznmh&rand=lxeqhgm&sj=gJKTD3J9OgiiIm7fHqAg9_r8V2qkXKiNZOnjfN0Yeg5O5_dFqK3cuG-wBGOGeg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685738517&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=icpfivz&p1=chfib&rqs=POaighaSwEg9eqBhUMIDCCs1FRa2Ps5A&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
styles.css
moevideo.biz/embed/player/1745/skins/gray/ Frame 265F
54 KB
16 KB
Stylesheet
General
Full URL
https://moevideo.biz/embed/player/1745/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f48.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Nov 2021 07:10:03 GMT
Server
nginx
X-My-Name
s33
ETag
W/"619de54b-d99f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-My-Reqtime
0.087
mvplayer.min.js
moevideo.biz/embed/player/1745/ Frame 265F
585 KB
585 KB
Script
General
Full URL
https://moevideo.biz/embed/player/1745/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f48.moevideo.net
Software
nginx /
Resource Hash
3ef72d6351ad4e8dc514eb4233f981f498d9a507376ec4e7619ce1635f1f87a1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Last-Modified
Wed, 24 Nov 2021 07:11:06 GMT
Server
nginx
X-My-Name
s46
ETag
"619de58a-922a1"
Content-Type
application/javascript
Content-Length
598689
Connection
keep-alive
Accept-Ranges
bytes
X-My-Reqtime
0.079
set
playreplay.me/api/cookie/ Frame 265F
0
332 B
Script
General
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%220f94e05973351ac47009%22},{%22key%22:%22mvsid%22,%22value%22:%227b43e501-20b6-4136-a74e-492f4db931f5%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.16 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f40.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.096
set
thesame.tv/api/cookie/ Frame 265F
0
332 B
Script
General
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%220f94e05973351ac47009%22},{%22key%22:%22mvsid%22,%22value%22:%227b43e501-20b6-4136-a74e-492f4db931f5%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.106.16 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f40.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.096
set
moevideo.biz/api/cookie/ Frame 265F
0
332 B
Script
General
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%220f94e05973351ac47009%22},{%22key%22:%22mvsid%22,%22value%22:%227b43e501-20b6-4136-a74e-492f4db931f5%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.107 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f48.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.084
set
cs-0.moevideo.biz/api/cookie/ Frame 265F
0
332 B
Script
General
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%220f94e05973351ac47009%22},{%22key%22:%22mvsid%22,%22value%22:%227b43e501-20b6-4136-a74e-492f4db931f5%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.38.138.27 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f15.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.081
set
playreplay.net/api/cookie/ Frame 265F
0
332 B
Script
General
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%220f94e05973351ac47009%22},{%22key%22:%22mvsid%22,%22value%22:%227b43e501-20b6-4136-a74e-492f4db931f5%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.202 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f33.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.086
set
eda.video/api/cookie/ Frame 265F
0
332 B
Script
General
Full URL
https://eda.video/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%220f94e05973351ac47009%22},{%22key%22:%22mvsid%22,%22value%22:%227b43e501-20b6-4136-a74e-492f4db931f5%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f23.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
watch.js
mc.yandex.ru/metrika/ Frame D35F
130 KB
46 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
473de33c410dd7a6e0ea018c4493d0d3aca4978c81acba6822f2cab580473f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-b79f"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47007
expires
Fri, 26 Nov 2021 07:10:07 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame D35F
403 B
691 B
Fetch
General
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Frg.ru%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
0bb417968ba7450c22cb3ba8dd9b22c95a5ec077164d5b85684ee142ad93f953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=6a2ea3bfe8585674&duid=1637907004608927935&pxo=IAm924wwL7uLi0fVMHOrcqGLLQUlhuSNW5Ys-_2HXhD2o1ynzpw8gwJTB6ZVKhnA8XV-nC2-WTd_QpjLkBz7ZUz96pQqW60PzcR6Evhk3IBTY_bG-I0lOf-fb-49sPz9SrI4tyvnVhWODDDAQ8osYC599FlirS-9NwMju3D_4I3YCsOcp9M%3D&p5=gdhai&rand=bnwvekj&sj=GrVsVdkOJ9U08ZYCWMqJY9MUXREsmfIEGwQhniX7Gl1BAQ04Tigui4jIUB3xOg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435686000661&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvpww&rqs=POaighaSwEg9eqBh2COz6xqagxemaBrU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=49fa6ae9e6423cd9&duid=1637907004608927935&pxo=xDMYnMcop6_TUj4FbHnalWlNvp2l4IZ_V1ICVRgmOoBACgXrz2yUHDTnr8YJjo99qxNwzKBJfeV11zMhqxUxSsj-gIqmibjI1jmtZIJKDRHQLpZRKl6bmtL3DajZqpZ93Ok61HwY2_heeN-aktEV1Jv71ui4rS0WEy62eLQl54jpEN9Xz5o%3D&p5=gdhai&rand=myojzp&sj=_wr7lK1zx1UlgMJa3Zyy4Ly8kNkHLmne4CKLxeOinQth_v5QkhMMOoxtbgpWhw%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvobk&rqs=POaighaSwEg9eqBhPJj61zH5Id4yuY-l&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9950
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=632773660835248&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

usync.js
eus.rubiconproject.com/ Frame 1704
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24401
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9513
Expires
Fri, 26 Nov 2021 12:56:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E181
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=988008847758990&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame D852
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2727461949966619&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame EDCD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=916402354270510&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FF18
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
Origin
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 18:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 18:26:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame FF18
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad (encoded query string omitted)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:59:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FF18
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad (encoded query string omitted)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 06:01:25 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame EF47
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
Origin
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 18:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 18:26:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame EF47
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:59:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:59:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame EF47
24 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9475
x-xss-protection
0
server
cafe
etag
15988442915344899701
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 06:01:25 GMT
rum
dsum-sec.casalemedia.com/ Frame A74F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY4sHdrAEwAQ&v=APEucNXg4T_gRbbo9A09ExwkXrZTLx9preBx12mDLNZB8j5cr5eYVTUgbrfCNg1SyBCnP-ZJD1d2GhIyyrgLiJi_uuolFzb8wDVEN98z2qGz11V4hd7nrmNx7Dl5q7VI6gTolSXMAtX04YGuOHjkP2CTO19ZgWziQDh_xGfNEE8Uh4FUyQSOu50
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:08 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 26 Nov 2021 06:10:08 GMT
rum
dsum-sec.casalemedia.com/ Frame A74F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaB6P22zOleo0tMOV6DJyQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY4sHdrAEwAQ&v=APEucNXg4T_gRbbo9A09ExwkXrZTLx9preBx12mDLNZB8j5cr5eYVTUgbrfCNg1SyBCnP-ZJD1d2GhIyyrgLiJi_uuolFzb8wDVEN98z2qGz11V4hd7nrmNx7Dl5q7VI6gTolSXMAtX04YGuOHjkP2CTO19ZgWziQDh_xGfNEE8Uh4FUyQSOu50
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame A74F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO5Itt1yz0H4KMCjEj2c19Q&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO5Itt1yz0H4KMCjEj2c19Q%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO5Itt1yz0H4KMCjEj2c19Q%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY4sHdrAEwAQ&v=APEucNXg4T_gRbbo9A09ExwkXrZTLx9preBx12mDLNZB8j5cr5eYVTUgbrfCNg1SyBCnP-ZJD1d2GhIyyrgLiJi_uuolFzb8wDVEN98z2qGz11V4hd7nrmNx7Dl5q7VI6gTolSXMAtX04YGuOHjkP2CTO19ZgWziQDh_xGfNEE8Uh4FUyQSOu50
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
51a8559c-b94a-46c1-807a-0e5fda634189
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
68737f34-4439-4e11-a503-da03669f6a1a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO5Itt1yz0H4KMCjEj2c19Q%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A74F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM5ODcxMDQzMTEyOTc5MTgz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM5ODcxMDQzMTEyOTc5MTgz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ1JWwgwIY4sHdrAEwAQ&v=APEucNXg4T_gRbbo9A09ExwkXrZTLx9preBx12mDLNZB8j5cr5eYVTUgbrfCNg1SyBCnP-ZJD1d2GhIyyrgLiJi_uuolFzb8wDVEN98z2qGz11V4hd7nrmNx7Dl5q7VI6gTolSXMAtX04YGuOHjkP2CTO19ZgWziQDh_xGfNEE8Uh4FUyQSOu50
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4ddcd63a-42cf-4344-9515-4a16fea06488
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM5ODcxMDQzMTEyOTc5MTgz
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E116
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKtKRDw4roCGKPbkroBMAE&v=APEucNWTMQkWMb5Tmg5ad4BS8vPNqShqiJUQ00BdWoHmmh0JWL0e8OO1CtizeJ9clpgM7GnLRv5O7zPy1h6C60JhvDOmKcu5N_5PIwu49715n_2le0iixBB5EN6xJo61s4xzQI5Ohiwx1qPOgnGQqPvimpX2dy62-MRPHI8fXo3GPPWxHC146yw
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:08 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 26 Nov 2021 06:10:08 GMT
rum
dsum-sec.casalemedia.com/ Frame E116
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaB6P22zOleo0tMOV6DJyQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKtKRDw4roCGKPbkroBMAE&v=APEucNWTMQkWMb5Tmg5ad4BS8vPNqShqiJUQ00BdWoHmmh0JWL0e8OO1CtizeJ9clpgM7GnLRv5O7zPy1h6C60JhvDOmKcu5N_5PIwu49715n_2le0iixBB5EN6xJo61s4xzQI5Ohiwx1qPOgnGQqPvimpX2dy62-MRPHI8fXo3GPPWxHC146yw
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame E116
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO5Itt1yz0H4KMCjEj2c19Q&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO5Itt1yz0H4KMCjEj2c19Q%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO5Itt1yz0H4KMCjEj2c19Q%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKtKRDw4roCGKPbkroBMAE&v=APEucNWTMQkWMb5Tmg5ad4BS8vPNqShqiJUQ00BdWoHmmh0JWL0e8OO1CtizeJ9clpgM7GnLRv5O7zPy1h6C60JhvDOmKcu5N_5PIwu49715n_2le0iixBB5EN6xJo61s4xzQI5Ohiwx1qPOgnGQqPvimpX2dy62-MRPHI8fXo3GPPWxHC146yw
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
33c85e1c-378b-4dcd-b21d-59536ec833aa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ae8c16ea-33ef-4910-8ff7-e4e891a6a5d5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO5Itt1yz0H4KMCjEj2c19Q%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E116
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2Mzc0MzI5MjMyMzgyMjM4NQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2Mzc0MzI5MjMyMzgyMjM4NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKtKRDw4roCGKPbkroBMAE&v=APEucNWTMQkWMb5Tmg5ad4BS8vPNqShqiJUQ00BdWoHmmh0JWL0e8OO1CtizeJ9clpgM7GnLRv5O7zPy1h6C60JhvDOmKcu5N_5PIwu49715n_2le0iixBB5EN6xJo61s4xzQI5Ohiwx1qPOgnGQqPvimpX2dy62-MRPHI8fXo3GPPWxHC146yw
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
86485fa3-639f-4059-82db-bb214c859333
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg2Mzc0MzI5MjMyMzgyMjM4NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A3BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDgonwYup2ZvAEwAQ&v=APEucNW4DtW-EFpNcfEqZFLECxB8xSzjYA2HxJQm_V1JU8FuUYBJduwu1cUU8ckXadaesopiAPz1HBUa0ZlCs5M1KU1llsnmOLZ0e2bUWuasWCMOV7enff5rojvQLhF0N_tfyfL44D8X3W6JWNODOAkNWSEr0aVfPf9CT3jwz-DErWcR3PW4qVM
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:08 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 26 Nov 2021 06:10:08 GMT
rum
dsum-sec.casalemedia.com/ Frame A3BA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaB6P22zOleo0tMOV6DJyQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
43 B
892 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDgonwYup2ZvAEwAQ&v=APEucNW4DtW-EFpNcfEqZFLECxB8xSzjYA2HxJQm_V1JU8FuUYBJduwu1cUU8ckXadaesopiAPz1HBUa0ZlCs5M1KU1llsnmOLZ0e2bUWuasWCMOV7enff5rojvQLhF0N_tfyfL44D8X3W6JWNODOAkNWSEr0aVfPf9CT3jwz-DErWcR3PW4qVM
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 26 Nov 2021 06:10:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFti-nYqR6qh2F7ruIlcM08&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A3BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO5Itt1yz0H4KMCjEj2c19Q&google_cver=1
43 B
1005 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEO5Itt1yz0H4KMCjEj2c19Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDgonwYup2ZvAEwAQ&v=APEucNW4DtW-EFpNcfEqZFLECxB8xSzjYA2HxJQm_V1JU8FuUYBJduwu1cUU8ckXadaesopiAPz1HBUa0ZlCs5M1KU1llsnmOLZ0e2bUWuasWCMOV7enff5rojvQLhF0N_tfyfL44D8X3W6JWNODOAkNWSEr0aVfPf9CT3jwz-DErWcR3PW4qVM
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
713171e6-5db8-434c-9f0f-2f12cf5dd111
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEO5Itt1yz0H4KMCjEj2c19Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A3BA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1OTQwOTc0MDY2NDMyODczNQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1OTQwOTc0MDY2NDMyODczNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDgonwYup2ZvAEwAQ&v=APEucNW4DtW-EFpNcfEqZFLECxB8xSzjYA2HxJQm_V1JU8FuUYBJduwu1cUU8ckXadaesopiAPz1HBUa0ZlCs5M1KU1llsnmOLZ0e2bUWuasWCMOV7enff5rojvQLhF0N_tfyfL44D8X3W6JWNODOAkNWSEr0aVfPf9CT3jwz-DErWcR3PW4qVM
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:08 GMT
X-Proxy-Origin
89.238.142.213; 89.238.142.213; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a7281c30-1658-42ff-a8ba-1a4db6bc0eef
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk1OTQwOTc0MDY2NDMyODczNQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
save
ssp.hbrd.io/metrics/ Frame
0
0
Preflight
General
Full URL
https://ssp.hbrd.io/metrics/save?name=ad_container_init
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
/
ssp.hybrid.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.hybrid.ai/?_KK_3AqRQ0iTmDsxbOX8iHZ9dU8UPLQqxyGWClptXzM8-…&gdpr_cnsnt=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
GET
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
plgt.js
dm.hybrid.ai/
0
238 B
Script
General
Full URL
https://dm.hybrid.ai/plgt.js?gapl=&cs=&pcs=&vcs=
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp/in-image-overlay.js?ver=2e56d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
111
x-xss-protection
1; mode=block
expires
-1
/
ssp.hybrid.ai/
Redirect Chain
  • https://ssp.hbrd.io/metrics/save?name=ad_container_init
  • https://ssp.hybrid.ai/?M7U9wbMcHW/Hg6fXJ7DHd72M6z9Iy1J86BarCwrskOp3lpRXOQio49A3H410vCIZ
0
183 B
XHR
General
Full URL
https://ssp.hybrid.ai/?M7U9wbMcHW/Hg6fXJ7DHd72M6z9Iy1J86BarCwrskOp3lpRXOQio49A3H410vCIZ
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
null
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

Redirect headers

location
https://ssp.hybrid.ai/?M7U9wbMcHW/Hg6fXJ7DHd72M6z9Iy1J86BarCwrskOp3lpRXOQio49A3H410vCIZ
date
Fri, 26 Nov 2021 06:10:07 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
access-control-allow-origin
https://rg.ru
content-length
0
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
/
ssp.hybrid.ai/
0
276 B
XHR
General
Full URL
https://ssp.hybrid.ai/?_KK_3AqRQ0iTmDsxbOX8iHZ9dU8UPLQqxyGWClptXzM8-…&gdpr_cnsnt=
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637907005509
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
tdm-id
87547e5dbe4b438db22f45aa23e01e29
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
view
googleads4.g.doubleclick.net/pcs/ Frame 2A7C
0
571 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1g8zasmiuDWKcdaGRpGF5yKoWhpweV2nXLFKEfJE2fl39DpaqPvBpxYXxpMcgR0_szOPFpQ6-FNaWn3phukHY0T1-t0EKlRX0zx4yT4R0bkwEQWaR0WZnCyQ4C6J5mSfCQbzcB0L_R4mFqIPxqszWVskMcjSUQg5Sigx_CTy0vXugXd3liTpUlKZWWd3ZDPpiDxjMkgQWVDzmBLlw-ra9wSArYTgdbORE8c3bD2ApLUF7FEXjIM-i6rEymBLjh8UzO25gI7XWofSltYTKg54rqRHXcudnMEaqyGOePlyRPwE6LWJwWFdzLmz0m8RLSTUGifgxWEBpnHCBs0oamJUnida-3RezSifT2sTBg1YTs1bwqTowsGDBNUWqHt7B-91EiCTsgELgyMTB1LLbDZvrXvYkAJbUJf0-wrkEuY7rIp-Icqr1e-TWn-Yt8oQjvJHuVdUJhKwhoCse5YJukZX89Zban0Aw8CgbVxeyjtLwoHn24TEdqaMm5FwC3LzCOAiCv8TyKx6Q4Euu9rgfBNrrVo8xKGvGHGhCmu_FuhsNNAxeDSKhKpT0K5eZGTk1aSdYM7bfOJeD8LtRshck6KOmBoZnKGAZDDt9b0N8efc5ZS3BFM-EQd36iylQRhIMBnF6oTFgXwaQSE55Pdr2jQ44FQN7LGDZsEs7Xo0ikmALCMVvKP7KXGb6eMAdip3jX1J49U047AqBNl03Aw4IuEkxANWZhgMBl5zP8rMJWtEGvoEXGzGO8eZEOxrA1_qyJdiWoAhL5DhfGrW_PVZPS86YEQCjeYRHPCjHeB22O2DRFjTmDCssvnVM9p1OYkmyg6cnf_I6w-Jhjtzsmzegv58HSLqnX63pYKiAFFGyPLZLCfatAuv-SzUDxmFjVKFTHvN3mFQoEozmjbzyaFY_1jybAXIWNzc5OEpHM-C5IyzYFuynqCIjtHQKMGRxcApwmiTVbtnoZCi6fmLKdjk9DZXWGHhYFVnKol5VSwKFzX9aBpJBkh-5iJMlKVKjDN8SuAaVE27W6h2_e-E1iMkKlfkcwzxztZrFbPu9OFqdwRZqKY6a3JF3RMMs5vk0tZChhPXIA3VcO00Gru-bm8wiiJSQ9YG9HeqyZPxl7A&sai=AMfl-YTzzuPfDBGY55G-f4msurkrQ62tW7hKN9XCG2lJVk3-9XxXDqcca0qvGTNhI3z4ioNH4BPFwySmxTKZ2UXvDeiuAu4LxZvgpg7OT24TYquISwNuJR1bLouorA2PBwN0WJ-XKxSzZKEukNd6xgnTIZjJl2ZagJdA7_8vs0q9Pp5V938jULaMRwY4EBN9YMo_DUcfyc1_wVFzcF45t4kVEQ3Gs9dIHy5gOoO-KDXNj62jDzFMnoR6CLtrsCBDtDiVfb5ZuJTVglgsDfVP0IzpnZbJ1K1vQjtiN1EFZRRhDAo2ODl-ym8ChCkugFd2Fs2BNJLCX43djTaFIYMLT7zgmW-CJtbciVfWANNNt-ci5o5TE3cXPxCXvcyR6b4DeSfHfm7B5p8JYJ6JmF4&sig=Cg0ArKJSzBHsCTHDTfMOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&cbvp=1&cisv=r20211111.85021&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 26 Nov 2021 06:10:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6205342689269075835
s0.2mdn.net/simgad/ Frame 2A7C
35 KB
35 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6205342689269075835
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d092353ec96bb9f3af3a3940f6e145f8756051dceb0924cadc9750128b080b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 04:51:31 GMT
x-content-type-options
nosniff
age
4716
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36002
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 10:11:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 04:51:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2A7C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com
URL: https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 24 Nov 2022 12:48:36 GMT
truncated
/ Frame 2A7C
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebcbb2d6286ad58e3dd102b03a96c9d1181129737b5a1c5ed2cad57f5a5d42d9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
khaos.jpg
token.rubiconproject.com/ Frame 1704
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
i.js
cm.lentainform.com/
127 B
285 B
Script
General
Full URL
https://cm.lentainform.com/i.js?&cbuster=1637907007371475951924
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3515caf66ba8ed3ffb79bc5839c441e1a1a6f800ad69f73e8937b59822f35d9d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b40f3af68e83607-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ads
pubads.g.doubleclick.net/gampad/ Frame D42D
11 KB
2 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Natimatica/M27_062_Natimatica_gam_1&description_url=https%3A%2F%2Fnatimatica.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1637907007733
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2868724fe077cabcb342fc23c4821cf7a0632c96345ee8315ebe466d3c94777e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2128
x-xss-protection
0
google-lineitem-id
5842551503
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372950695
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v0
vtg1.rktch.com/ Frame D42D
2 KB
2 KB
XHR
General
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&bb=65&siteid=101752&att=1&ma=6
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
fa49e45c5c75aaa7e204be41fea7bba467dbbdd4ac1a0152cb8be698c165759e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:07 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 0FF8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 3571
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 6905
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame F794
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame D35F
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14378
x-xss-protection
0
server
cafe
etag
684346926396516684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 Nov 2021 06:10:08 GMT
/
www.google.co.uk/pagead/1p-user-list/1014923426/ Frame D35F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QHqgYZLGAbCrx_APs4izoA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1178524008&crd=&is_vtc=1&random=2438830475
  • https://www.google.co.uk/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1178524008&crd=&is_vtc=1&random=2438830475...
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1178524008&crd=&is_vtc=1&random=2438830475&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.co.uk/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1178524008&crd=&is_vtc=1&random=2438830475&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/1014923426/ Frame D35F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QHqgYeDJAZKqx_AP2NGwwA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=398314855&crd=&is_vtc=1&random=1453033947
  • https://www.google.co.uk/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=398314855&crd=&is_vtc=1&random=1453033947&...
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=398314855&crd=&is_vtc=1&random=1453033947&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.co.uk/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=398314855&crd=&is_vtc=1&random=1453033947&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.ru/watch/ Frame D35F
167 B
262 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Frg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A674866307430%3Ahid%3A291669127%3Az%3A0%3Ai%3A202111260601007%3Aet%3A1637907007%3Ac%3A1%3Arn%3A494675757%3Arqn%3A1%3Au%3A1637907007253037446%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637907004856%3Ads%3A0%2C0%2C72%2C0%2C0%2C0%2C%2C351%2C1%2C502%2C502%2C0%2C501%3Adsn%3A0%2C0%2C72%2C1%2C0%2C0%2C%2C428%2C0%2C502%2C502%2C0%2C502%3Aco%3A0%3Ast%3A1637907007&t=gdpr()ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ef77496826c03c87abbeeebd68d2eb1ec067432b60c1785b70d5c5391ff7fb83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 06:10:07 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FF18
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com
URL: https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148891
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 24 Nov 2022 12:48:36 GMT
truncated
/ Frame FF18
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2d9324ed8a3749631689c2035a044424b33852429483517714e135b5823b0b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
advert.gif
mc.yandex.ru/metrika/ Frame D35F
43 B
120 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif?t=ti(4)
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 07:10:08 GMT
/
ssp.hybrid.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.hybrid.ai/?OZOskJhKDeVs+9Yyl+wrh0n97Bgfj3h4We1FPNER+EmNPQWBi7k1QfCyLzj6Jyg6VQ6LfEcrVb3yThwiQmohTw==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
null
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
index.html
s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/ Frame E42C
78 KB
21 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bee7dda6799c6b9e586c040dbdb35426dd0f6c30367ef0e3c804b5a4205a8a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Wed, 24 Nov 2021 20:14:12 GMT
expires
Thu, 24 Nov 2022 20:14:12 GMT
last-modified
Fri, 04 Jun 2021 13:11:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
21263
age
122156
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FF18
0
24 B
Ping
General
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 26 Nov 2021 06:10:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Billboard.html
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/ Frame 3C9D
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a3cce4627b0362ecd0864a9051fdaf4b83c762498d155bda559faaaea81c61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2369
date
Fri, 26 Nov 2021 05:02:23 GMT
expires
Sat, 26 Nov 2022 05:02:23 GMT
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame EF47
0
24 B
Ping
General
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 26 Nov 2021 06:10:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ABAA
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 24 Nov 2021 12:48:37 GMT
expires
Thu, 24 Nov 2022 12:48:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
148891
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i-noref.js
cm.lentainform.com/ Frame 9BFC
19 B
442 B
Script
General
Full URL
https://cm.lentainform.com/i-noref.js?cbuster=163790700750441186682
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b40f3b03b5e188f-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
ssp.hybrid.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.hybrid.ai/?M7U9wbMcHW/Hg6fXJ7DHd72M6z9Iy1J86BarCwrskOp3lpRXOQio49A3H410vCIZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
null
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
vpaid
ads.betweendigital.com/ Frame D42D
27 B
171 B
XHR
General
Full URL
https://ads.betweendigital.com/vpaid?s=4048930&maxd=90&mind=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
27
content-type
text/xml
596179.xml
cdn-rtb.sape.ru/rtb-b/vast/179/ Frame D42D
1 KB
968 B
XHR
General
Full URL
https://cdn-rtb.sape.ru/rtb-b/vast/179/596179.xml
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
dad7730e8295c62ac978c7c81e1965e8d248ad008d0c96d92bde4c02887218dd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-amz-request-id
16BA2A9190FAFDEF
x-cache-status
HIT
x-xss-protection
1; mode=block
last-modified
Mon, 15 Nov 2021 06:27:11 GMT
server
openresty
etag
W/"e4251df038107d580c8963e91b880da0"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=3600
access-control-allow-credentials
true
content-security-policy
block-all-mixed-content
expires
Fri, 26 Nov 2021 07:10:08 GMT
v0
vtg1.rktch.com/ Frame D42D
2 KB
3 KB
XHR
General
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&bb=63,65&siteid=101752&att=2&ma=6
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
0d2ccfb1ceafcd7927fe5b1febcdcffcb1a69a5e91c9efc7b8a6486b58e1f757

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EF47
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 24 Nov 2022 12:48:36 GMT
truncated
/ Frame EF47
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a188bd505c47a939849a5783eaf86020d672ecb0a33d21cdc7484db774ecd489

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
/
cm.mgid.com/setmuidn/
0
686 B
Image
General
Full URL
https://cm.mgid.com/setmuidn/?muidf=lap7fPD6RZam&t=20211126061007
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b40f3b1dd0f7196-LHR
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2798
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 24 Nov 2021 12:48:37 GMT
expires
Thu, 24 Nov 2022 12:48:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
148891
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
37412095
mc.yandex.ru/watch/ Frame D35F
350 B
433 B
XHR
General
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Frg.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1222919953191%3Ahid%3A291669127%3Az%3A0%3Ai%3A202111260601007%3Aet%3A1637907008%3Ac%3A1%3Arn%3A31800151%3Arqn%3A1%3Au%3A1637907007253037446%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637907004856%3Ads%3A0%2C0%2C72%2C0%2C0%2C0%2C%2C351%2C1%2C502%2C502%2C0%2C501%3Adsn%3A0%2C0%2C72%2C1%2C0%2C0%2C%2C428%2C0%2C502%2C502%2C0%2C502%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907008%3At%3A&t=gdpr(6)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e8519b0a96ee2009b36d2c3a595b2aa1e713c9192fc02b815e8adf5428fdfd24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 06:10:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:08 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmn&hash=5e02b0ecf1ab66ee&duid=1637907004608927935&p5=kmgmd&rand=epxgfje&sj=M3G0RVjuE5mB_I9hlAUEVcq-7MHUeb60VryiC5Gw6G4htIpndj1xHHxqeYO3Mw%3D%3D&ad-session-id=6991771637907003995&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvnei&rqs=POaighaSwEg9eqBhtdTVMMX_MaAbZIuf&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
740372
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame FEDF
43 B
414 B
Image
General
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/740372
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
DcmEnabler_01_245.js
s0.2mdn.net/879366/ Frame E42C
28 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:23:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64027
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10285
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 12:23:01 GMT
storage.html
moe.video/ Frame F55A
18 KB
7 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1745/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.54 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f51.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 26 Nov 2021 06:10:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 24 Nov 2021 07:12:27 GMT
ETag
W/"619de5db-4783"
X-My-Name
s37
X-My-Reqtime
0.080
X-B-Name
f51
Content-Encoding
gzip
truncated
/ Frame 265F
313 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3C9D
186 KB
48 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 06:10:08 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 3C9D
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:25:08 GMT
Billboard.js
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/ Frame 3C9D
18 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06ff05da654aafd185cbc53f9121809602b4d9bdb3bb3aa697c6199a36dc0541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3163
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:23 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame D35F
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637907007854&cv=9&fst=1637907007854&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f449d638832bc897eb6ba35ffd579b7f799f0348a67b3216223605d8918b7fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1106
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame D35F
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637907007858&cv=9&fst=1637907007858&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf0105913cb2ea2f78c095ead435163d02e6fb074bd97a0ec1fa8bc8c0baec90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame D35F
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637907007861&cv=9&fst=1637907007861&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ed13ec80a8334ed1ff0de1dad6fd56084b5dcb3be8ac12059f4a7e63df34f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1106
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame D35F
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637907007862&cv=9&fst=1637907007862&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5328dcab3adab710876123de00c0434f1517249191ffebb9f9b0640479361ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BC72
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 24 Nov 2021 12:48:37 GMT
expires
Thu, 24 Nov 2022 12:48:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
148891
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pl14906
ssp.bidvol.com/vast/ Frame D42D
49 B
501 B
XHR
General
Full URL
https://ssp.bidvol.com/vast/pl14906?page=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&domain=rg.ru
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.1.47 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.1.108.65.clients.your-server.de
Software
nginx/1.14.0 /
Resource Hash
3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
server
nginx/1.14.0
surrogate-control
no-store
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
49
x-request-id
e33bb783-9764-4a2d-99b7-c831c4122f17
expires
0
v0
vtg1.rktch.com/ Frame D42D
21 B
416 B
XHR
General
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&bb=87,63,65&siteid=101752&att=3&ma=6
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:08 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
counter.php
autocounter.lentainform.com/autocreative/
0
74 B
Ping
General
Full URL
https://autocounter.lentainform.com/autocreative/counter.php?id=706556&pid=64365&referer=&cxurl=https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&undefinedh2=qfhc2xK2KoQKzoip0ATWKs9O8TFW0ufQTl77umemRow*&cbuster=1637907007908177150909
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b40f3b2cb813607-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame FF18
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFwZZBgfZ683l2aa2VLeDUXmX1bguUuQsY7s08Z_i32RgZcJY73uOeLJQKB5jR9IccCZSxtFYyqwg6SRD65KEOuZq48nmlblGNgkCj6dD24dlA3Trwo9y-KzEA6Z1UTZ9y-alLy9P0fKQ5VoH6Lgtlh7ZFlmEP-Au6eqGcWVl3StZHpAJ9YjDvow2hB4PSYptl6qOKMBXH2dPwLisZp1-NzrpsoKhToG7dG8Pz7fjcyb-Lv-XYCXVRoLOsjdbe_jOvd_pwUOz2W9OvAi9QntjViHEaZH3LgIs6UB1xToNXXp0TdHLYmLePU5nvC3ZzoUlCeo6WItd0NNQDGzGwlhQIeksQRjhFV_DPWNmc0jknuTXDLygcLdk441isSeM1DSmMSlHu_OF6ihbsy4sdaq-jg4PVOCSOD_BxWlww5a_CWv95j6m0OW0mz0k7pz7artyseJdLQp5laXlHInuwcQXuRkw3MzhLkq0x7uY0_CSFKGFtJbW3phys7q1wxyZGdYp-JAb7gPrgow1Q3G60ZpOwIVxeUKA4gVxMyFMEmIlJb6sssEOPnZgu1WK6_oFlHWu7p1ecQSX_6tWN0cMS2NPgbggGfc9B6oVramr8LgO_X6vmgvdu4FZ5oEIBJDJb2nk-mwJAN03slcvSY5hciTgjk7roLL_TMMoFj2tVnMs_dqDDoMLVyp2_gh-rEFYceQXfLPynU2iYz19wElSbz6T58MvUv-QP4Z2UQmieohoolqlySRmYnJG0l478IR7xxUipUR6xiS67ztGNsRdPHy9ECxv48hqq0-qk6cAp3kBsBuTFbqSFGtlBsgUC7fFHOvhkOfKNxTrxijSSOpaKcBI1sW3hszjZltQokS6TegwGZwyia0O9fyAI6ZDqTiQvl1FWEi0HqaOTn-qdQGTQTLt1A0S_tz3bDHWtS9di349durqYEXCS12NDnB35RnGRzro41IiY4-XPIQ0f6t2a1yzp_C00TzU7jXlbhcXht3PRPFrD6-id4ieRUzsM5Lzukf7T8n2TKFzxgvHhWFZOQsrMu2v72qyaxqYfGihlg297LLtOGS9BOe7dT6EU4Tmid4Vsu0fTT_8J5AxTHUXGvAdFhxVVNSgtewLS8bQl9wKe5bSi_0tx&sai=AMfl-YQ8Y5c1HBG1b1n65ueYP1Em9JM67F66Y6iQSI9LtiEjZ5D3RfhPumWaeUInng_rwsfNMMnMXz2PpYpmnmNrLdnFUHqAc9iVTClF27E-nbc3-5ky7f2HDZE5_WvzgJPKHL4pL-DcAmMp8a0Zfwl-0RWDwqPtgmfRXC10gXE&sig=Cg0ArKJSzBXULuruJssKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=702&vt=11&dtpt=440&dett=3&cstd=259&cisv=r20211111.71283&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f2b82955d098be6ad966467258a63f5b.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ad.vidver.to/delivery/ Frame FEDF
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=59b3de82-cb25-534a-b279-9971d3d9e34d&expires=60
  • https://ad.mox.tv/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51
  • https://ad.mediawayss.com/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
  • https://ad.vidverto.io/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=YWQudmlkdmVyLnRv
  • https://ad.vidver.to/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=
0
430 B
Image
General
Full URL
https://ad.vidver.to/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ad.vidver.to/delivery/sync?userid=d9472326-3f72-43ef-915b-ee22abeb2c51&inner_redirect=1&inner_uuid=44177dbe-e8a5-43e7-b936-24bac7927ce3&redirect_host_list=
date
Fri, 26 Nov 2021 06:10:09 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
save
ssp.hbrd.io/metrics/ Frame
0
0
Preflight
General
Full URL
https://ssp.hbrd.io/metrics/save?name=banner_not_returned
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
/
ssp.hybrid.ai/
Redirect Chain
  • https://ssp.hbrd.io/metrics/save?name=banner_not_returned
  • https://ssp.hybrid.ai/?SSnd7N94OcuB24DXqp+8Ob/ZNPPJT4Fu4HAIBR5iiP66qVjbCea5337do6o9LbDSwZC+00oUwd4altU7P/AnfQ==
0
183 B
XHR
General
Full URL
https://ssp.hybrid.ai/?SSnd7N94OcuB24DXqp+8Ob/ZNPPJT4Fu4HAIBR5iiP66qVjbCea5337do6o9LbDSwZC+00oUwd4altU7P/AnfQ==
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
null
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'

Redirect headers

location
https://ssp.hybrid.ai/?SSnd7N94OcuB24DXqp+8Ob/ZNPPJT4Fu4HAIBR5iiP66qVjbCea5337do6o9LbDSwZC+00oUwd4altU7P/AnfQ==
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
access-control-allow-origin
https://rg.ru
content-length
0
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
view
googleads4.g.doubleclick.net/pcs/ Frame 2A7C
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1g8zasmiuDWKcdaGRpGF5yKoWhpweV2nXLFKEfJE2fl39DpaqPvBpxYXxpMcgR0_szOPFpQ6-FNaWn3phukHY0T1-t0EKlRX0zx4yT4R0bkwEQWaR0WZnCyQ4C6J5mSfCQbzcB0L_R4mFqIPxqszWVskMcjSUQg5Sigx_CTy0vXugXd3liTpUlKZWWd3ZDPpiDxjMkgQWVDzmBLlw-ra9wSArYTgdbORE8c3bD2ApLUF7FEXjIM-i6rEymBLjh8UzO25gI7XWofSltYTKg54rqRHXcudnMEaqyGOePlyRPwE6LWJwWFdzLmz0m8RLSTUGifgxWEBpnHCBs0oamJUnida-3RezSifT2sTBg1YTs1bwqTowsGDBNUWqHt7B-91EiCTsgELgyMTB1LLbDZvrXvYkAJbUJf0-wrkEuY7rIp-Icqr1e-TWn-Yt8oQjvJHuVdUJhKwhoCse5YJukZX89Zban0Aw8CgbVxeyjtLwoHn24TEdqaMm5FwC3LzCOAiCv8TyKx6Q4Euu9rgfBNrrVo8xKGvGHGhCmu_FuhsNNAxeDSKhKpT0K5eZGTk1aSdYM7bfOJeD8LtRshck6KOmBoZnKGAZDDt9b0N8efc5ZS3BFM-EQd36iylQRhIMBnF6oTFgXwaQSE55Pdr2jQ44FQN7LGDZsEs7Xo0ikmALCMVvKP7KXGb6eMAdip3jX1J49U047AqBNl03Aw4IuEkxANWZhgMBl5zP8rMJWtEGvoEXGzGO8eZEOxrA1_qyJdiWoAhL5DhfGrW_PVZPS86YEQCjeYRHPCjHeB22O2DRFjTmDCssvnVM9p1OYkmyg6cnf_I6w-Jhjtzsmzegv58HSLqnX63pYKiAFFGyPLZLCfatAuv-SzUDxmFjVKFTHvN3mFQoEozmjbzyaFY_1jybAXIWNzc5OEpHM-C5IyzYFuynqCIjtHQKMGRxcApwmiTVbtnoZCi6fmLKdjk9DZXWGHhYFVnKol5VSwKFzX9aBpJBkh-5iJMlKVKjDN8SuAaVE27W6h2_e-E1iMkKlfkcwzxztZrFbPu9OFqdwRZqKY6a3JF3RMMs5vk0tZChhPXIA3VcO00Gru-bm8wiiJSQ9YG9HeqyZPxl7A&sai=AMfl-YTzzuPfDBGY55G-f4msurkrQ62tW7hKN9XCG2lJVk3-9XxXDqcca0qvGTNhI3z4ioNH4BPFwySmxTKZ2UXvDeiuAu4LxZvgpg7OT24TYquISwNuJR1bLouorA2PBwN0WJ-XKxSzZKEukNd6xgnTIZjJl2ZagJdA7_8vs0q9Pp5V938jULaMRwY4EBN9YMo_DUcfyc1_wVFzcF45t4kVEQ3Gs9dIHy5gOoO-KDXNj62jDzFMnoR6CLtrsCBDtDiVfb5ZuJTVglgsDfVP0IzpnZbJ1K1vQjtiN1EFZRRhDAo2ODl-ym8ChCkugFd2Fs2BNJLCX43djTaFIYMLT7zgmW-CJtbciVfWANNNt-ci5o5TE3cXPxCXvcyR6b4DeSfHfm7B5p8JYJ6JmF4&sig=Cg0ArKJSzBHsCTHDTfMOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1000&vt=11&dtpt=688&dett=3&cstd=1000&cisv=r20211111.85021&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/6147111354051370868/300x250/ Frame A99B
7 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6289857880b44507ede0cf1f9868b7219b56831b0001ab74dafa447a300149c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://5f64ec0225f24ee931b8acb7a4b59cd9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2676
date
Wed, 24 Nov 2021 09:58:47 GMT
expires
Thu, 24 Nov 2022 09:58:47 GMT
last-modified
Thu, 04 Nov 2021 10:11:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
159081
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame ABAA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 13:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
146542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 13:27:46 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1637907007858&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=1346248798&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/693627671/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/693627671/?random=1637907007858&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=1346248798&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1637907007854&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=813597624&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/947884341/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/947884341/?random=1637907007854&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=813597624&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1637907007862&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=3688149984&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/693627671/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/693627671/?random=1637907007862&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=3688149984&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1637907007861&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=686866603&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/947884341/ Frame D35F
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/947884341/?random=1637907007861&cv=9&fst=1637906400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=686866603&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
overlay.png
s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/ Frame E42C
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/overlay.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83f800302618e037306433542788bbf1cfb36bd22857d3b5b95ccbc3602ffe79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:46:23 GMT
x-content-type-options
nosniff
age
217425
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11903
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 13:11:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 17:46:23 GMT
bg.jpg
s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/ Frame E42C
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/bg.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3a041676beb72630fef1c9b53b10d1592bc0423738fdfdcf15ff1894aa8c3a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:33:21 GMT
x-content-type-options
nosniff
age
290207
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12243
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 13:11:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 21:33:21 GMT
texture.jpg
s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/ Frame E42C
313 KB
313 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/texture.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c49017ac2fe4ca4064db2ae091a585a2e57b6b006350cd4e2bc61ad03471706f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10545549100808179451/UK_320x100/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 15:18:48 GMT
x-content-type-options
nosniff
age
139880
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320728
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 13:11:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Nov 2022 15:18:48 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 2798
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
_20.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/_20.png
Requested by
Host: 09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com
URL: https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b2ca6ead7860fe6c344f6f0c6cf7e76591b3703eaea872400474f7899a6b761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:24 GMT
x-content-type-options
nosniff
age
4064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10346
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EF47
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEa51hkKFK_uW8c5_triD5s57_OpJTg24A0zqp3win4nSHz719YTO1qbaCNjo09alqg4QNkva8IU-KYPWV7WIqnjIdbK6Ckawal710UQ9gc4Cm11Z2eM0wUavIVvAtfq7vbgiFUIS3poajJ7yqpm-yXTH7tIfW0uks4HVAMRhL5z4fuABksvXpc6p8nB7NMeOQWCq6fKaX2G5vsD3cwXU8h1-UE6h3lhnxmRmr6BNwsApBpTiTAW_xNZAPoXpa3KC_6WBdB1DLr66tVOsbhW6uIGn2ySY0uIZifkSvLpHDs07YAJkT0lguP8v_0W4aYd8zPse3XuysieM-saLAeImrA7Y0MBjlHRvsOEqohlWnR9YD5rHLanv-FXDdd1uDPJ1y_HooXuQ5TgFY1ku1s2TJLVb9OqFcKGGxYuRkVfk-oHmeTzfkp7CMWbC6CIoHkp0fNbv9pQ9fUJ9ABjrS67CytZG-3CTaHzQ1_dhokQUrzta-RauzOLhk3NZEjegcqgWoaXeXANQp64Bn0KEHC2WlWHcMoSEJudcUGrHsxlrZTnZO0wajPOTFXozkG0gEXpjWJLmC_KF7OT1FlveefUx9YCUpRCAskDXOhZD7lLr3Yx-74sM0Q0oYfs_fV1KSQG9wyeyNkGkPSiGiji60ROGA1lyYWtdZnETt77KeE_et_Awgxg82IBP7eJw4_U3IXJjMWecIDzoOQFxhrc7MOGnKmWbOZhAYM77XqGEAZQ0aU7byeU-jbM4DxmliTVvXFiNhnf7sKk1LKJ-kS9_2LUFTwjcnhFp2eo_LnUEekpUJ7w_p_u4gSrv97ocpwDSTM5WTlLSK2eCxyWJBoLcOilqxNkx8Kqv5YnXeA5rFTuva45kNDgroWaVvOPeLZzS_gu1RHvtmutMCtuQqoCk2ofIRC1TQF8eO1FKo8gm9eWQkcfGpxD1Zos7xXLBlUkwFNg6RLkr8U4kTUU_jAu5augc4a-SiWuu0HtkaeY7fTH8xBKcYTbnFDrHGS6vtZE25rBDFqL549tFHBHsPtllEhTNUmtIM4L68vGEM34Jrs4VLdlWHwHBXxi8ulX0tyOJANzo9Od-h_5izRbSvaNyeTFec7MZvGa8dHNw44FFOc5S4Xg&sai=AMfl-YTgDJaBS6wpQeHEq1SHWxpKavojol_jQodAEAeJrETl_nwYrV7AeRahQfSX4RF3EwynFU0Kf5vMdcH5bnMs__GerkauQ807nZhScG2sMu-kF529lM9Ey0KQ2l15Qh-iDD9A9bpdQW6PnThnpkSA5F7e0W-_a6_7G4WUhBY&sig=Cg0ArKJSzIh3lsGj_eh-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=881&vt=11&dtpt=631&dett=3&cstd=249&cisv=r20211111.22173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A99B
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 06:10:08 GMT
index.js
s0.2mdn.net/sadbundle/6147111354051370868/300x250/ Frame A99B
44 KB
9 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1f3a3b46784b13d9193cab91ab5bcd0fd5fde87d9ded4c19605e5ae1b0c7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 14:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9580
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 10:11:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Nov 2022 14:16:58 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmn&hash=e55a1dc73cc0a3f5&duid=1637907004608927935&p5=jznmh&rand=mhkpvnf&sj=gJKTD3J9OgiiIm7fHqAg9_r8V2qkXKiNZOnjfN0Yeg5O5_dFqK3cuG-wBGOGeg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685738517&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=icpfivz&p1=chfib&rqs=POaighaSwEg9eqBhUMIDCCs1FRa2Ps5A&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
/
ssp.hybrid.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.hybrid.ai/?SSnd7N94OcuB24DXqp+8Ob/ZNPPJT4Fu4HAIBR5iiP66qVjbCea5337do6o9LbDSwZC+00oUwd4altU7P/AnfQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
null
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame BC72
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
bf.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/bf.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c0a14776b3dca2d17581f6828d40604bb38de7562da8b55ba0e87247642b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:52 GMT
x-content-type-options
nosniff
age
4036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2496
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:52 GMT
_img.jpg
s0.2mdn.net/sadbundle/6147111354051370868/300x250/images/ Frame A99B
89 KB
89 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/images/_img.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280c333130164f5b0f3a096e220434eb33e1115b6cf9fce41a10e502f29e7dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6147111354051370868/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:17:42 GMT
x-content-type-options
nosniff
age
291146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91114
x-xss-protection
0
last-modified
Thu, 04 Nov 2021 10:11:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 21:17:42 GMT
bg.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
32 KB
32 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/bg.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90c7bb82a913577903e0f66fbf9d2eb18bb90a7b11ad888e4d636df75a932ac0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:53 GMT
x-content-type-options
nosniff
age
4035
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32878
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DC4C
368 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 26 Nov 2021 06:10:09 GMT
context.js
an.yandex.ru/system/
303 KB
81 KB
Script
General
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
202ed59e544d078fce2811123a66ce5614ac9317f3f509e53562c44d0d69b93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
896219988
x-yandex-req-id
1637907009023459-1062923901503997850500239-production-app-host-sas-pcode-79
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 07:10:09 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C969
368 KB
122 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 26 Nov 2021 06:10:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9842
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=916402354270510&bg=!enmleT3NAAZQLpa_UC47ACkAdvg8WjLjvqomEmKe9Kyq811EfoPl5RyghHLdtxnbZ8HkcfZieNs0zgIAAAJgUgAAAI1oAQcKAQTe1udFLjZg69EzwV68j7kYmvVovnJ_l3qUuReWBXOICVwbydl92waJfcWLGrlEPbt8KChSc4fAJKltMNouN6WD-olIeOgUovfOJOwt0B4ysqI2WYS-lJ2TDP4SodtD8XkQm3_ZzJV8RqPXMfaxugkO-OB4Q-HJq3ARj_eXA6FdF4w-S9BEMqcb4OCxRdQdm2qwWaEQ-xCFTycGBYZDhmkJmC54Is_FuibjbjMymeO3qMJqAQWpeVgJrtIY8x3kJMN4_cScwZnLnzuBNqp1_RB0nxBH4BS_SKHFDgC7kSzjATyyNnJkX6N6kSa7ks7srGRfNonskOk0bMW8t3u3ttnV3wvdSJkCiPxJyX_ikV5xoMiIz87ZiUkCTNGW-cOVPheAM7D2sqLxJ0NfiScdBb16sc-Kv4VWQR8wQiRFm_H7F2YOIKe9tnfJnQDA8yDI22SsE93OSwH8eNKlhp_3iCukqjCADoZSv8HrOhUh6QboO5joKQegxLUTtzVbyYJrrcJ1QBIJXMV_ve6Hff2u_mnGdhSc2V5INmTBzxIQoHCUk6RdXftCdpnb7dgI3OP4JZFkEFAcTzSE0f8_i-qchCdVXUGDqueWDO8JLtQivSRudcafkE86iqZ2GLILmhzaoOtBQBd8-p5efFTJ-RZpI3UtyMSLUM31swbAZTM_VgpcHA2xWoiSM04iyna436fvGsxnnZgig5R4dnWABirO_EI-ldHSwrFdR2G57AfL6bF0oMdh9pi1-0FiO6MkGuusoVjpwN1PhWRtwPXisb-n50jPoPX3sAFcc3gPDqD65qjBJvKiRaxPTDuBhNx8R7dW-zxT1oaV8hBm6-dXuiDsAOEFC8CxTsEP7Zl1bX1SoKL86u5vG0SN1lVN9Bh4PGcK05BrRsxL2gdbuqu0UsiGTqcctf_bv8Q871ZGlxBQSgRErcI2LPmh0bJmh6QMVnTwTh_xeRok_XzvJDe4J8_taNDYr0kQ1tPDpTH1O-5PjzDJVRCdVFvbQ8osUATk93AIU1xA-aOG7PxPHUOhCHVo8Zt-63EOQ-YAmTHjvYZNJ2JWfoCIyEeRsNRsSB9Y7uGbSt8AMzWvl_K_QEEoKBANBLoby00FrgMP6nbpz7-_fTakLf_SAVszpuxsxodvdGODhc5i7guOA4Kl7gFx_K7ceNaxPXDUjd6r5xLjs_ZK8zEFQUhKs0-rMRjc3fPC0BZMzw
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8FB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=632773660835248&bg=!HB-lH1vNAAZQLpa_UC47ACkAdvg8WvQ04vKEso9U2_Ykb2FHV2YsuxE8hfg450sd7Ec0uWrIpjw6LAIAAAKfUgAAAINoAQcKAGq6j3gkVNUMRsHWeV5Ad5FeFS_r5WBlZqHEQvIrUnUew2VdSLHOJqcMfIVAaQPwEsfhvOuSoeG0ZzusXusqSZDiKp395RKSUibnS2elRUn2TcEnjYItx9Iphvqm3_605-qsmp7LTNP9frlSmQKKqWVaB1t_R_iFuqqGLxIqgocbCW7wd29oxr84XOxF0ReDQ6ECDz0ncLx3k4shMzUARsIv7lOV5JCwlxZPZT6UhlI0NHDxmZ5BWfxtiQiR22q5BhrZazsTHiUZitWRZrsvYG4PnDi9p5O9zX1-bYuew1xtCt1WHIoUOQfKi1hHi1ZL2APzFWYJTsIazPipKhgXCBQWvWrSt8FTyQhg7cLOJprMGdCBZkMFvyi1_JmsfYl2A0bClLHwH1N15b5VeSQsJEQDxkb6dnUMZYU5-v-Vdd363pcvaqUDFSGvvM-4yicReJtN1LYCwsSR8bystvDrmJDqZtYdaII5-zgDVJrvFjynNFWd1H40tOiW5sWtfgHDtY1XPcKfVAjLah3pl-7Ix4Mkx_P3uNxaSPK5W7T1nVeysqe5B42Vb05OdEN0UvCxHJWn0-YI1fISjYHk7mnN5s24myurTXRvgo2yTOKwCQI6FcOCvsqmoW6RyTfshnxV1KUwD2VBAUxauU52ALm_ZwoUrfFWfgsVhKZLhS1X3bFfp7IMcmgzJ-JkmUsDRw1hE4-FGgcOjyWHOnFhdpOsQvqu0rOLtQeRJ-Frbum2vMOhln_tr2rlk8KMWf_ddZjzIcjLGs1A2uhyjJEAm8UIEG7CSvhIgM4oCclV1qFwdWcc_U-TUNZZde5g9Nn92acjn8ruBHn0Yfew6_yNo8ohvOiTEjfvqjsqlVZOVTwiqR2IQNDD7ed2rOX5iEKE1EdzDx4uHIppuBe1_TAUTokOZ3yEklBw5tTP-J5zwLj6o8lODgISwf7-DMbZXKqZJE_Mrk7uGnao8IU9noD9vZbROsXBhTmBEQH_cwJG7H2Gu_viJCGs9VBSdlY
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7991
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2727461949966619&bg=!4OOl46fNAAZQLpa_UC47ACkAdvg8WlotYXC7oa7HVmtQ8egJfYvAXEUMtEKD0nHRpJ61KZDjDufvZwIAAAKtUgAAAIloAQcKAIgGhc5MsUtvSTQxHrBNul-CvgLFlwxNgd4NWknjDJOFnvbzlqtEJNnOOoc2AHo0BLHrc92ga3-NnDQc6xoktBkn8BlHFwG1PhP7g5FUQuLIhTSoOOGLtjMTuOAMCUpUGcITuB7SpReuE2F_Ux4HnrHbsyERCTziOwEjpoKEFWmunYxumNsr9YXCmQJ_elbL6DX5Xy7OGVRpH2b8d_HYkriDoaXkDTOxRHvGf4_Pf7xmS1WSpbOuLb6e_yF_UqQHvW2fObstFT1DUcIpnMzYS32h0qe3ecHmyBmriBFHyLpxttZ-zf4biN8xW71PrWqHxtezugCEFt5OPSGt8V4Tq-nwa7ikeC1eZxy_wyZRGaSJW4bWzqXeA5m8CpUpXhf3hRv_VViuwvYZNkZtYAUMWcxLTCPO6ke3WkCeESGeYF0WWhRo7X4YRwzzudHkwpopqPqkrRtT5BjYcx4rxsVv3YpjVuw4-0B-2AAppYAqtIoXeyWfnEh6qi2MKJmCRfMa92zDieqHq3Xg4gSPgadAZIdzTfiVygBKqLgGYHTMZTiLN0XeaK6-8fOZWQ6gAgRvYGV9PDksUUbbik2JFaGMfR_o-Pcj-EWjdIpcfyduCqmMrZmpJi6s3jg08BzY5ABJnKNBXjBvl0cq2ecImS-MEoN1BXjn_VDMci9eOFeUkaOfInousvMwiJKPoTD4-jWBNfscfUJu0NCHy2N6QLQ9Lwf-ZSSI6pVlHt1bXuLGYjbqxX8aNaS6KKIK_H6s3siu0evCZqrCBw2hJaSFQWceGtZ8LSKBiQlo8K-PGkTnTk409nReLS3yxWDOze5gWogBDxNeWUuLw0qLSp-X73cK71vnTouLh4adnvZv5ZqAI5E6plLOZSygttBOrEgMN8Cjq2Bi_noufmcwXZNkvB-eFvJqFa4GKgawDWvtkmvZlMxnk31L6fq1rBkDylhGvtY9qNU5d9P-4JD_8I8iVtVtJ5jZffq9TlBk2EQPf25zRJwPXg7i043oPdl6OYdQTm3tiJfO84md1AMe10tV
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clouds.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
105 KB
105 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/clouds.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98dd7aa8984ebae70843fb97a1d958ff8d078ffe67a1da01599e1d073cf1ca8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:53 GMT
x-content-type-options
nosniff
age
4036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107570
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:53 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame
0
0
Preflight
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.218 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f57.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 26 Nov 2021 06:10:09 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame 265F
2 B
472 B
Fetch
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1745/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.218 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f57.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:09 GMT
X-Balancer-Name
f57
Last-Modified
Fri, 26 Nov 2021 06:10:09 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
f57
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EF47
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT6WJAJrLbVlPljOVWU2mAZp1xMdVmo9Ne28UL_9jaWsI-o1Ekj1gBz5ekKStKHdyjA0ICCqUxFaE8hF94mEexcNTNgMkttKHdiRV2yX0rOERlkec_mg&sai=AMfl-YQzc1gcu3DfwfXOyK7kTO7jhb0lkxZq6KxBBJKrRjh9Zy9etAL0YM2cqu1a-UqU2d-_v4TfmeeqCfnX-YXkrSkmnEiGu6-AAg8AGEQWegIUeQUWveHKUGpo47UcQKM&sig=Cg0ArKJSzNoyo4uHbO1WEAE&cid=CAASFeRo_Ibzyc9iQtiTgp5Hn32wuMvaFw&id=lidar2&mcvt=1051&p=166,315,416,1285&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=428226366&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637907006723&rpt=829&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://09a1ae2b3e114ef6ac1c767b0a888984.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 265F
363 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 265F
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4142
date
Fri, 26 Nov 2021 05:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 07:01:07 GMT
ads-async.js
ad.mail.ru/static/ Frame 265F
185 KB
185 KB
Script
General
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2696&slot=content&api=2.0&ref=rg.ru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:09 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
189564
Expires
Fri, 26 Nov 2021 06:20:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E828
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=988008847758990&bg=!n5ylnNjNAAZQLpa_UC47ACkAdvg8Wu1OGQOonCpUr66kISh07LMJTc-wIuRYwAHep8t3Aus47e2RXAIAAAMGUgAAAGZoAQeZAoRm0eLj6ighHu5664fT_dmVXXZuhr9Skgkb7GW4-IATHhU0dPEYcmvdkADpacc1Bye8cH_CnPdP1UbW87_9NUsnRAhthdq_I6s4LRQgJfGwuLiYfGofou4Mvgx5a7Re_I38kVQ-FtjUB_pDKyfmINZNVPW8P99BxisF-g0FDRpBuxVenV52MXj95ZSFgetGVYFpLyulxJiYsqq3tiFdopJBaXqshNpmxEwxkbiVz40ZAJerH2QxiMyDPL4KkxMLYm-64j1MH0ERK-iOF_kTogrsvFrAYMOM33xel4eM70sMcnTWfhkK-wnlKUClRW9rStYm4RdoUMeGcTOgoUDosDLGJjX7Nwr9awwKOT7OJS-ckmdY6lB9oSITfVTac1Ie0H0mrxVELxfyuRppIlGhv-xzCqSw8vmRZUzGN0H-ptJrlOKX-Q6IVw5BTPRt552bPYTQlijdwNXT3NyWR4kHK-vgAckGNG_27jgfFaMe00n0uyLtXvNSFljQIOTK4-m0e6TN4F9-Xy7vTY638SymMxQN1cJ0oGB-3Ao1SwfrQ5vHmgaI50bF0ukfcXtR_rVOodmbkOd0KNXal-THmyLrn8sSK4e9novy6K3zytZBw9HYgaW2lPuQEl1r-oWajTSRRvtn6UhKToIzhMZzo6HdhncHMR65AQ40-rdevoJ0uj4i9OYj-EVafeVNw9JRedheBD0K3stx5LH4olqZbiL59PO2GyvjZeTQXqnKuxlagQZaE6iQaRf1Re9_e9QYcCjy6yJx2vAbmMhQugXoG_fS6vDEKagkY-9Y46svgJAhmbm4uAdSJA9WABJ5SWJoVvVrJCVgG-8G1ZvfNFuafA40oYynLFEmvw
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
storage.html
moe.video/ Frame 8029
18 KB
7 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1745/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.54 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f51.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 26 Nov 2021 06:10:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 24 Nov 2021 07:12:19 GMT
ETag
W/"619de5d3-4783"
X-My-Name
s9
X-My-Reqtime
0.093
X-B-Name
f51
Content-Encoding
gzip
storage.html
moe.video/ Frame 2A42
18 KB
7 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1745/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.54 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f51.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Fri, 26 Nov 2021 06:10:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 24 Nov 2021 07:12:21 GMT
ETag
W/"619de5d5-4783"
X-My-Name
s13
X-My-Reqtime
0.089
X-B-Name
f51
Content-Encoding
gzip
cta.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/cta.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae95cdf7c42e415dfa88cd874a6f24e0722a23977b43a0fabfcd93ffa1fde4e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:53 GMT
x-content-type-options
nosniff
age
4036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12857
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:53 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame EF8B
580 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 23 Nov 2021 05:05:22 GMT
expires
Wed, 23 Nov 2022 05:05:22 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
263087
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame DC4C
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 06:10:09 GMT
integrator.js
adservice.google.com/adsid/ Frame DC4C
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame E920
580 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 23 Nov 2021 05:05:22 GMT
expires
Wed, 23 Nov 2022 05:05:22 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
263087
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame C969
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 06:10:09 GMT
integrator.js
adservice.google.com/adsid/ Frame C969
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
fixed.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/fixed.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad630d1d137701ad49ca03183f107f056148e4c3ae852aff4e029189bcb80b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:53 GMT
x-content-type-options
nosniff
age
4036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13348
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:53 GMT
4430
ad.mail.ru/vast/ Frame 265F
59 B
412 B
XHR
General
Full URL
https://ad.mail.ru/vast/4430?puid1=1439&puid3=12&puid12=1&puid2=342881
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1745/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2DF8
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:49:13 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0CBF
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:49:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ABAA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Buc-ePnqgYc2XK4j4gAf3i6CwAgAAAAA4AeAEAg&bg=!0tGl0ZXNAAZQLpa_UC47ACkAdvg8WrQscLBf-9UDClCjsT6Wani1lo0QGUcsmF2o4jgNAp-IJ8xNowIAAAIPUgAAAIloAQcKAJbiQInUPAIGH2ckNezDURP39Ma2cp3fvCXURE2rK4CahOgt-VEi6Tp-AX9o6mzhCag_ZMiiHCajof4T4EHAyTeZtcbv20FGHhXDNguetlxjS4GkSIRc79wVSWsm6oQPA08RijSLmVDWH1JvrT9wN0FMsNYay5c4gb-XDXJ6ZsKg9W1f7cRHGKNpOIWmN8K7xaF51P3eSGmZAsq5u2m9NKeOSUYBzmiBp_zJTRBozAc84CrxN5SCr0py8zyulhhtWQJfXsvHtZCB6TovuBzrGlVaNsKyWuDMA6HUWD8WURdTW6zCM2IhbBNmJuLJtjP-9aGdE-oBu6qZha01d3EDG7UmwlVLq09BBvP_nWe-B0E0xylAdpNGaSQDtL-dnoZnpHgeewlVzttA2bzL-WIctdIGeWaTBEyVb8bbOhQuBz82KPkmPzaIBy_qgf-aPyLntU6WCKRyr_yl0SePt9S5T9pH_9kM_I72gpTLvO3o4-a6H9kxyuVu1AAXWrdM06dl1GXAYfj_Wad5oOWjx9eBQXUVgOz8dDaqmU8z0UV58gb6Np5uOx7vGv6OAzjUImFk2gQt_ynu6USAkt1YdWAvUvU8a9nPVMx6n7Y6DZ3c7wamsUAtLkhUYwx2mpXXreAyZbOfRSs_d5HVGy48rVhlJLyBFKu0AJjNcHvExvdisOupwSxeqaWnzh4XZXfTAS3QSGuk24auYmbMOt75fVkQJiJL036G2dwHh7ayrAgvA-cJbAsEAuXlKr-e0tNAdocwdAReTiy_9qH19KTCZ23GV1xDvb4kD60Oqj22Lcmv3lvSlSVPyXxpYYrqWsl5VRSV1AkpI6Zhu-qBm_NURptBV_Jj4s17xn-FOnyqMU81WeyM9pRID8v8ClBw_aG1Gr0pb4_U50TBjoL1O57QBtPwVeY7p0lFmGxxAFqp-wL9nxweeZoHWEkpZw5udMDvm_ym7hGz-JxXuifvnqhyfuoS4it69oYmSOPcrzEw8edB6EL6h8ASwIRsp37C-r2tIcN0KuS5SKf-OW33P-NUj1SQkxY86fhgOtcquSLuAXn_I_hDkEnZRB__yZpfFjQjgRvpGSKEP5ph0-f7Obh_upyQc7mzKNv632qThmdfAvb4dn0F0h4dk34HzmxIGXBioW1-9YoZbkA
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
txt01.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/txt01.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8ee8ca7c61b06547dc1d69cffd2ba3704a116e2dbd9d258ad39fa9de617c349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:53 GMT
x-content-type-options
nosniff
age
4036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1751
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2798
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6-3CP3qgYbvoIrHC7_UPrPixgAgAAAAAOAHgBAI&bg=!1dal1pLNAAZQLpa_UC47ACkAdvg8WkD7DLUeleI6bhOP4LsD3QxpeK8lJOWtZshWWp9SvK5d-ptWJwIAAAHvUgAAAFZoAQeZAw9js4Ih-SiRNr42Xj-fYFvzAAgjss55CTOt4Z05zEfqju7S8Lyu-k-jjqKyW505n6unmuETgu3GTVimePIBzpLcBCPcrhXEu-QhjcwFPyDimtfJhAUM8vxmEtFwuIzN1GOLejwJhzc5B8MrxOZXpX_0N1umvanrNUcH2iUDcEODG4VW2mXQM4QUDVT2ref7krDcJVdrCnPpIL4-SRXCs1aH0jgCX5Pq8XkIsXsxN4Y28kbCJ6fyCSJnm6otlGB01t6TUSX2sabwz5xyP1bTwOSfMHCqNwMeFE3cwLYu-a4w0qu7nV5j9q1-e-pkjfHzi9JcA7kluYgOP59zBCAewzGiwjG0zCsV0xL53N0ZLyWB0bzxKQVTpn03vqLrDRNbOVqMm33il4M6qkACg-nLq3FCo3BoH-ChszzfxAu0IqC12VOtlL75yFi2iHjp2RVCwwhGscq_KxVm5tWPJBcxoHPBp9pdtZikz2YWYlGVpJ3fyAQzxYhb1ZEWqdwZnMYGUO4Rv6ZD558BHcqTPQgbxnR04qpgMgN667tGVpcKegfLEoAeDLtQbtxjXHiPIVbW5KpBbeCEBY4pmoQZa2WgF0Nkf4EOSsIHHHLXOelyiAnqgxI_ucsAC-U-RY_MZYYLV-9TckxZvjonSpnqomd4_tng7qrPGKZZ0o__8hgrGOl7Y4D-B0Z1IULSvBtgyihkVrQa5qstMn2LQl33GWHme17qgfnRfbShWw9kgsk31x5MyTCplJ088o45k4IPxcIvCL3BirFAQ5xgbHbEhudkua-5x04MwVwI9W1MUfOb_ocwnhldQCB2BdhhWqqrFg7DvHMWGRnJ9GenpvwBtwNo_uTe0SaIXtLgkMvSiW-7cJUuL9jiMsyPHKWnVMrH_49TR7A0Qk_kFer0gXHWLTmyIKRgZN-9cjtuCuE7griKppQnvrJquSHUVnBkuwEIb-lfIWAOD96uCYWWdhp756T0Y2hiCV-iq4WQFHIodFeJr9NHd81Ozn11Jn9mNOOAwz-w8pL5_CGqZL9SlRHpJNCd3ck
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
txt02.png
s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/ Frame 3C9D
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/images/txt02.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afe6f28326b78ef3bc413d8feedffc464b280c6111b4ae6649d12f8da7a4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1184342033310958829/Billboard/Billboard.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:02:53 GMT
x-content-type-options
nosniff
age
4036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3405
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 01:00:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 26 Nov 2022 05:02:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC72
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvgrgP3qgYc32I7i07_UPt96I8A4AAAAAOAHgBAI&bg=!pqWlpeHNAAZQLpa_UC47ACkAdvg8WiP43taz9VS9rvG2mgJhQdI7TdyXmRBJqSAheabPFBxl8qS1kgIAAAH0UgAAADNoAQcKALBVXgxmiNVobjAKESJ-xNdPoZ_VmfrjU6E0MKJIZ9ydBAgtEHiE6jl23TZcYEXYK13qNZc3edLepOBJbh_F8YmIyfvmdQxNqkdu-1RMjFTttnPtN1DDEtOJiFsndBnHknAMS27ZA9A69KcdwFLESRpMU-lC0HexPBDx-_fBGC0tFWLsf2yqze-4oo_Tc0RMtpIpqTx89KdRIXyFIlxDP-CkO886idD74E9JD1Eehml7zJkCyBM5tt_UVCa9dmI6-Qm_wT9EyHVbL7qKbOjXc30iki5U-naYa4ZneVB7QD47srCLJIOtyTykwYax0LY_ZP9YW947NALrnhPqbM4HjeXYqYzeUbFLlE5Phh_gKhlQe--aYdv1vlzg405icHkiskB86_fDitjkVweSMI4XaDI-C--DEZEjhyyEi5TFDOzNqZST0P1-6QhJpLeCap2lEUahPDoFi5oCEKBb5UvPHp3B7-jQOaYeX4mprYrRX00YFIZxqOsRlZ4VAFgkRoryuckDoISdF4dcDwu2jB3cs3HbIMlhqVcnbc2vFytRLiOeSexeFNI9vt1VgXhX7XxacHz8fyyVFbx20f5YZ07ql9GZSCNeKOm-s6PR5XOAzWTkmp5hn-4FqPXv8ehlZAYlR_obmTtiwT7WKC8By4ZFbG8_jbDQN7iuP5eSVHJAaPasI8q40P-Do7tkqKJsY-xfeMWwQLedhURS7x5R8GPkcb5HjS4dxBsima5cCRKswumaVdpgD7v6kmHhsoqCFCfgVxXU8keI0yZzlAcgw_zF01VqhH-70NHdX14AaDAAUr5KrU4sNuLKk7ADidlEvDOzEOQiHl-_eXGc3W0BXm66IMaTBg8OGvt6Xf9kIwSExJ1y1XkDWwlcJAxDl-8Ba5X_DsioKXHP_VvKratGPsvg_S0yzUI3tmXg-THJpfHJBve4adWFo9YLBWBU0sE4sXAxIVHrUTI-MqgIYUpHeQgTHQ_0RKdxNJIkF4QooffUSojZRerLgJafctxUfv3amz2OO8nsmcFkwFMbCXT9tjDFdKFKLaHQLll_k5xwQ82-j41DFmWC8276u_nnCeqJO7ploN9h0tw7sZjWUYQp32VEMnJTGiAgYO0xxBstDQTDBnLcC4N61kieSc1gTlURIDQ5G-ZQVkzzytlTmKtENOL1SvZRmw3NerYN6GhHNLY
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vkAuth.html
ad.mail.ru/dist/ Frame E4CF
0
0

/
ad.mail.ru/adq/ Frame 265F
0
0

event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmn&hash=988a96cb1b82c84e&duid=1637907004608927935&pxo=54dDASc59tRXgaORfaq9_04I3kyWD-R9AhEyVoBZqsvko7zlT-9CcZLB_0kBwWKpm6HokDFJAPnBu7W4iIsZAen9lsGTWhalCEF4DcTYXR0yjPN3s6D2nN6yfP9Cns7o8gmjDbEi02DNATeH5mpBGSN3l4m2y6XXdf1JJMLjEKHdq-FRW_4%3D&p5=gdhai&rand=fiksbuj&sj=aKkj2ZEr38VOPq_VG4muLzxKLsi1NdSIp_IZRlv9L2w5SWKtIT9tj6KaEFqW2Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bzqke&rqs=PPahGs_-5Fw9eqBhMxYW9qOLeOkC2ndH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:09 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=41963574573
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:09 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/
11 B
304 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10802
content-length
31
expires
-1
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:09 GMT
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:09 GMT
v2
an.yandex.ru/adfox/5906/getBulk/
7 KB
3 KB
XHR
General
Full URL
n0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
872246c7d6deb504f99c864548e57d2f516ba5fc0556e77e40287ac089d00d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907009866545-847040507963702788900243-production-app-host-vla-pcode-116
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:10 GMT
/
onetag-sys.com/usync/ Frame 6C2A
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=59b3de82-cb25-534a-b279-9971d3d9e34d&CACHEBUSTER=740372
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
ads
pubads.g.doubleclick.net/gampad/ Frame EF8B
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21683059350%2Fviaaplads%2Fvast_075&description_url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3253578238457751&vpa=auto&vpmute=1&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&adk=1678073526&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Frg.ru%2F19d468db-25f4-4964-a4f1-4e21cc28bdfe&sid=84685542-2A42-421E-B909-9B61A9B2E26D&nel=0&eid=44725356%2C44750821&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&dt=1637907009330&cookie=ID%3D405a5082a0807474-22cbe16702cc009d%3AT%3D1637907006%3AS%3DALNI_Makt2Nv5NHwcvfz1NtBnJzqH4vJcQ&scor=1887385313702431&ged=ve4_td1_tt0_pd1_la1000_er1852.415.2006.715_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E920
27 KB
7 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22500435788%2Fca-video-pub-4090704406626496-tag%2Fviads.rg.ru&description_url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=277416110737413&vpa=auto&vpmute=1&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&adk=3977316513&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Frg.ru%2F19d468db-25f4-4964-a4f1-4e21cc28bdfe&sid=938A871D-408B-4D7D-B63A-CCF7FA68B9A4&nel=0&eid=21064201%2C44737473&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&dt=1637907009336&cookie=ID%3D405a5082a0807474-22cbe16702cc009d%3AT%3D1637907006%3AS%3DALNI_Makt2Nv5NHwcvfz1NtBnJzqH4vJcQ&scor=2593417784671082&ged=ve4_td1_tt0_pd1_la1000_er1852.415.2006.715_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9b384e7d43b60407a175a2b82b5e73a6393622e1079685c9ad4b61f54aee02d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7228
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid-ssp.min.js
cdn-rtb.sape.ru/js/vast/ Frame 9589
17 KB
17 KB
Script
General
Full URL
https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
a16e5102908cbb3fa1300e289c071e33edc1cfa3443ef2293c81a1e36f428d7b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"f13f6a374f2c33622876792857cdbbbf"
x-amz-request-id
16BA2D13231F38AA
x-cache-status
HIT
content-length
17355
x-xss-protection
1; mode=block
last-modified
Mon, 13 Sep 2021 14:27:45 GMT
server
openresty
date
Fri, 26 Nov 2021 06:10:10 GMT
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 26 Nov 2021 07:10:10 GMT
453595
an.yandex.ru/meta/
2 KB
1 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
14bb9a281eb7801192a0228d1b5b55753ffdf0a3a6d772b5a6dc1644d8b0ae1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907010060119-1671336366963097006600243-production-app-host-vla-pcode-116
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:10 GMT
59b3de82-cb25-534a-b279-9971d3d9e34d
an.yandex.ru/mapuid/betweendigitalis/ Frame FEDF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F59b3de82-cb25-534a-b279-9971d3d9e34d
  • https://an.yandex.ru/mapuid/betweendigitalis/59b3de82-cb25-534a-b279-9971d3d9e34d
43 B
152 B
Image
General
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/59b3de82-cb25-534a-b279-9971d3d9e34d
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:10 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/59b3de82-cb25-534a-b279-9971d3d9e34d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
seedr-player.min.js
cdn01.nativeroll.tv/js/
24 KB
9 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/seedr-player.min.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6c8f12934769d44db458b48918c6a3b8d77a808fc280eb0dd849edebdc637398

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-5e3a"
vary
Accept-Encoding
x-cached-since
2021-11-26T05:27:39+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 17:21:58 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=8e0433390d6afda2&duid=1637907004608927935&p5=hygmd&rand=edrmduc&sj=cSflL8aimfgker7YnujO36-CEtkZ_W-wQyI2e60afP1jbC32uocNftAwZ2UttQ%3D%3D&ad-session-id=6991771637907003995&lts=fhwfzjl&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfiz&rqs=POaighaSwEhBeqBhmUkrh4qZvwgFaxFq&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
/
www.acint.net/mc/ Frame C1DE
Redirect Chain
  • https://www.acint.net/mc/?dp=131
  • https://www.acint.net/mc/?dp=131&tc=1
4 KB
4 KB
Document
General
Full URL
https://www.acint.net/mc/?dp=131&tc=1
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
c9106b1e9383d276785b8f325090d47bd39aca4392ee2b304ececbf16195a8fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

server
openresty
date
Fri, 26 Nov 2021 06:10:10 GMT
content-type
text/html
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 26 Nov 2021 06:10:10 GMT
content-type
text/html
content-length
154
location
/mc/?dp=131&tc=1
watch.js
mc.yandex.ru/metrika/
130 KB
46 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
1f75b50975fa775ad330267def21c59c07e495ba35387ae3afe68b95da0114a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-b7aa"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47018
expires
Fri, 26 Nov 2021 07:10:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9589
368 KB
122 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 26 Nov 2021 06:10:10 GMT
1
www.acint.net/pxl/
43 B
340 B
Image
General
Full URL
https://www.acint.net/pxl/1?dp=16&id=117202.596179.162878571&sid=61a07a41-a353-f8kk-fqnf-que7bazo63i0&ref=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&r=1637907010
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
ssp-rtb.sape.ru/data/ Frame 9589
21 B
579 B
XHR
General
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse_117202&srtbid=117202&scids=162878571&sx=656&sy=369&u=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&allimps=1&fl=0&tz=%2B00%3A00&op=vast
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.82.143 Osterhofen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1325744.sapientru.net
Software
openresty /
Resource Hash
e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:10 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
21
Expires
Wed, 19 Apr 2000 11:43:00 GMT
advert.js
cdn01.seedr.com/js/
24 B
78 B
Script
General
Full URL
https://cdn01.seedr.com/js/advert.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Fri, 26 Nov 2021 06:10:09 GMT
last-modified
Mon, 26 Jul 2021 15:37:20 GMT
server
nginx
etag
"60fed6b0-18"
x-cached-since
2021-11-26T05:26:08+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
content-length
24
expires
Mon, 27 Sep 2021 18:20:09 GMT
sync
t.adx.opera.com/ Frame FEDF
0
410 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=59b3de82-cb25-534a-b279-9971d3d9e34d
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
453595
mc.yandex.ru/watch/
295 B
390 B
XHR
General
Full URL
https://mc.yandex.ru/watch/453595?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A3%3Adp%3A1%3Als%3A1046360830578%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601009%3Aet%3A1637907010%3Ac%3A1%3Arn%3A118155633%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907010%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
59ea3c81d8242322a563cb906b6a466d874439201fa749d7cc18230b260d36c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 06:10:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
295
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:10 GMT
453595
an.yandex.ru/meta/
2 KB
1 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a6d4ebeb88e000c475937d484c0f4304d7e923f7e919bcca5106a4fed59f31c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907010280823-1291400665218769417600237-production-app-host-man-pcode-19
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:10 GMT
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 82F5
536 KB
143 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9be7d0940cf4957dc46e3255b04c9f75ad8b5fc9eff048bfbf38e54b37ca9917

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-85f40"
vary
Accept-Encoding
x-cached-since
2021-11-26T05:11:01+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 17:08:38 GMT
1
mc.yandex.ru/watch/453595/
43 B
137 B
XHR
General
Full URL
https://mc.yandex.ru/watch/453595/1?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A3%3Adp%3A1%3Als%3A1046360830578%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601009%3Aet%3A1637907010%3Ac%3A1%3Arn%3A1032849831%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907010&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Fri, 26-Nov-2021 06:10:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:10 GMT
453595
mc.yandex.ru/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/watch/453595?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomb49rglz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A3%3Adp%3A1%3Als%3A1046360830578%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601009%3Aet%3A1637907010%3Ac%3A1%3Arn%3A427733130%3Arqn%3A2%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907010%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Fri, 26-Nov-2021 06:10:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:10 GMT
71281900
mc.yandex.ru/watch/
331 B
408 B
XHR
General
Full URL
https://mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&site-info=%7B%22site_id%22%3A117202%2C%22srtb_domain%22%3A%22rg.ru%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljbr9v%3Afp%3A2563%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A4%3Adp%3A0%3Als%3A504540395806%3Ahid%3A264128214%3Az%3A0%3Ai%3A202111260601009%3Aet%3A1637907010%3Ac%3A1%3Arn%3A889046503%3Arqn%3A1%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Ads%3A7%2C166%2C1777%2C74%2C1%2C0%2C%2C630%2C36%2C%2C%2C%2C3142%3Adsn%3A7%2C166%2C1777%2C73%2C0%2C0%2C%2C564%2C35%2C%2C%2C%2C3142%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907010%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
acf0c0b83e4d5c7f114e4fbd6d05830d4d12e40f8e7f502e8c3f031fa2436e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 06:10:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:10 GMT
analytics.js
www.google-analytics.com/ Frame 82F5
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4143
date
Fri, 26 Nov 2021 05:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 07:01:07 GMT
wamfactory_dpm.wildcard.min.js
cstatic.weborama.fr/js/wam/customers/ Frame 82F5
16 KB
6 KB
Script
General
Full URL
https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637907009840
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DF3) /
Resource Hash
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 10:01:32 GMT
server
ECAcc (lha/8DF3)
age
331550
etag
"3372701235"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
5776
expires
Fri, 03 Dec 2021 06:10:10 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame AFE3
7 KB
3 KB
Document
General
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fc75311bf80a77f040c7e159661eb5b716ab15938679e4c53570b80438e2f73f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx
date
Fri, 26 Nov 2021 06:10:10 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
vary
Accept-Encoding
etag
W/"6197b962-1b7e"
cache
HIT
x-cached-since
2021-11-22T16:25:33+00:00
x-id
fr5-up-gc31
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame
0
0
Preflight
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
x-id
fr5-up-gc29
hosts.json
cdn02.nativeroll.tv/player/ Frame 82F5
301 B
236 B
XHR
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-11-23T09:55:34+00:00
content-type
application/json
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
css
fonts.googleapis.com/ Frame 82F5
4 KB
717 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700%7CNoto+Sans:400&subset=cyrillic,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 04:54:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:10 GMT
css
fonts.googleapis.com/ Frame 82F5
8 KB
793 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:10 GMT
css
fonts.googleapis.com/ Frame 82F5
9 KB
877 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 06:10:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 06:10:10 GMT
truncated
/ Frame 82F5
72 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://rg.ru
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame 82F5
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 82F5
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
bridge3.489.0_ru.html
imasdk.googleapis.com/js/core/ Frame 49A7
581 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_ru.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fbc3131fbf7583bd17f40fd352ea0870275d92acfbd2b304397aa77686e6fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194980
date
Wed, 24 Nov 2021 16:30:43 GMT
expires
Thu, 24 Nov 2022 16:30:43 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
135567
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 9589
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 06:10:10 GMT
integrator.js
adservice.google.com/adsid/ Frame 9589
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
1
mc.yandex.ru/watch/71281900/
43 B
76 B
XHR
General
Full URL
https://mc.yandex.ru/watch/71281900/1?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljbr9v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A4%3Adp%3A0%3Als%3A504540395806%3Ahid%3A264128214%3Az%3A0%3Ai%3A2021112606010010%3Aet%3A1637907010%3Ac%3A1%3Arn%3A65982393%3Arqn%3A2%3Au%3A1637907004608927935%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637907000762%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637907010&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Fri, 26-Nov-2021 06:10:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 06:10:10 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=22b441e5d49753aa&duid=1637907004608927935&pxo=54dDASc59tRXgaORfaq9_04I3kyWD-R9AhEyVoBZqsvko7zlT-9CcZLB_0kBwWKpm6HokDFJAPnBu7W4iIsZAen9lsGTWhalCEF4DcTYXR0yjPN3s6D2nN6yfP9Cns7o8gmjDbEi02DNATeH5mpBGSN3l4m2y6XXdf1JJMLjEKHdq-FRW_4%3D&p5=gdhai&rand=imqsebo&sj=aKkj2ZEr38VOPq_VG4muLzxKLsi1NdSIp_IZRlv9L2w5SWKtIT9tj6KaEFqW2Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bzqke&rqs=PPahGs_-5Fw9eqBhMxYW9qOLeOkC2ndH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=3cbe30b7f53deb08&duid=1637907004608927935&pxo=I_DPdXmKnIROcqFgJTCV8G7CZNGihc9wkeNi-fyZ3PWzlGtnTbm-E4m03tm6fe_bxd5DAwWzoIyxuk705qbYNqzYKm_-ClMjYR0idUnPk6BuKW-lijvCO5Q-qArsQBznEfjCh45pL52Tb6rKMSd9g6zze92vRCNkikdMCSxUzRhUdWkRacY%3D&p5=gdhai&rand=hrbiilo&sj=7VRlxHjgurJTDZMx1d9nh3lDZBGcLjlfq3VAz3vE9IW1iLKo21FzO83rlvOfDA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvneu&rqs=POaighaSwEg9eqBhpFG9YLbPJc4OCZv4&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=5304b9bc7bd8a698&duid=1637907004608927935&pxo=IAm924wwL7uLi0fVMHOrcqGLLQUlhuSNW5Ys-_2HXhD2o1ynzpw8gwJTB6ZVKhnA8XV-nC2-WTd_QpjLkBz7ZUz96pQqW60PzcR6Evhk3IBTY_bG-I0lOf-fb-49sPz9SrI4tyvnVhWODDDAQ8osYC599FlirS-9NwMju3D_4I3YCsOcp9M%3D&p5=gdhai&rand=cogmkmm&sj=GrVsVdkOJ9U08ZYCWMqJY9MUXREsmfIEGwQhniX7Gl1BAQ04Tigui4jIUB3xOg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435686000661&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvpww&rqs=POaighaSwEg9eqBh2COz6xqagxemaBrU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=314e710a1341fe18&duid=1637907004608927935&pxo=xDMYnMcop6_TUj4FbHnalWlNvp2l4IZ_V1ICVRgmOoBACgXrz2yUHDTnr8YJjo99qxNwzKBJfeV11zMhqxUxSsj-gIqmibjI1jmtZIJKDRHQLpZRKl6bmtL3DajZqpZ93Ok61HwY2_heeN-aktEV1Jv71ui4rS0WEy62eLQl54jpEN9Xz5o%3D&p5=gdhai&rand=lfsbtga&sj=_wr7lK1zx1UlgMJa3Zyy4Ly8kNkHLmne4CKLxeOinQth_v5QkhMMOoxtbgpWhw%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvobk&rqs=POaighaSwEg9eqBhPJj61zH5Id4yuY-l&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
vast
bid.g.doubleclick.net/dbm/ Frame E920
28 KB
15 KB
XHR
General
Full URL
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
6419bab4c5a5cea30716e110104e6e59ff637021c8777db7b0d8de34ea3d86d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14613
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ads.betweendigital.com/ Frame C1DE
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
match
acint.net/ Frame C1DE
Redirect Chain
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=14&euid=0100007F427AA0611800D92B023B9782
43 B
270 B
Image
General
Full URL
https://acint.net/match?dp=14&euid=0100007F427AA0611800D92B023B9782
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Fri, 26 Nov 2021 06:10:10 GMT
Server
openresty
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location
https://acint.net/match?dp=14&euid=0100007F427AA0611800D92B023B9782
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
text/html
Content-Length
142
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
acint.net/ Frame C1DE
Redirect Chain
  • https://px.adhigh.net/p/cm/sape?u=0100007F427AA0619F04021F02B06930
  • https://acint.net/match?dp=17&euid=usLbcellYKCe.AikABlF9Wt1_QA
43 B
269 B
Image
General
Full URL
https://acint.net/match?dp=17&euid=usLbcellYKCe.AikABlF9Wt1_QA
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f1-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://acint.net/match?dp=17&euid=usLbcellYKCe.AikABlF9Wt1_QA
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame C1DE
43 B
452 B
Image
General
Full URL
https://ad.mail.ru/cm.gif?p=48&id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:10 GMT
Last-Modified
Fri, 26 Nov 2021 06:10:10 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Fri, 26 Nov 2021 12:10:10 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C1DE
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
  • https://www.acint.net/rmatch?dp=45&euid=AHRegIF2TTmeIn0mf66KH2Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F427AA0619F04021F02B06930
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Fri, 26 Nov 2021 06:10:10 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F427AA0619F04021F02B06930
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync
a.utraff.com/ Frame C1DE
0
826 B
Image
General
Full URL
https://a.utraff.com/sync?ssp=sape
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c0be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feoyBkN09bf7fK%2BxA30hAworFCi7KOtSfJ%2BMXyQMxXyjRU1X%2BlTxF0O6vZVDvr9lFyXxK7T3xttdwlVjYKjD698quzUtgRR%2Bd85xWmJI4EL8XqziOXGYy8lnWxXTWDD0MB8krO%2FO%2BwtDBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
6b40f3c19ddf3749-MXP
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
sync.bumlam.com/ Frame C1DE
Redirect Chain
  • https://sync.republer.com/match?dsp=sape
  • https://sync.republer.com/match?dsp=sape&qset=1
  • https://sync.bumlam.com/?src=rp1&uid=9d442c0b-cd38-4941-8941-bcde7a536ada
43 B
552 B
Image
General
Full URL
https://sync.bumlam.com/?src=rp1&uid=9d442c0b-cd38-4941-8941-bcde7a536ada
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:17:41 GMT
server
nginx
access-control-allow-origin
*
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
location
https://sync.bumlam.com/?src=rp1&uid=9d442c0b-cd38-4941-8941-bcde7a536ada
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
x-host
rssp3
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm-eu.hybrid.ai/ Frame C1DE
0
239 B
Image
General
Full URL
https://dm-eu.hybrid.ai/match?id=106&vid=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
513
x-xss-protection
1; mode=block
expires
-1
adcm.js
tag.digitaltarget.ru/ Frame C1DE
3 KB
3 KB
Script
General
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:10 GMT
Last-Modified
Tue, 16 Nov 2021 09:48:08 GMT
Server
nginx
ETag
"61937e58-beb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3051
sape
sync.dmp.otm-r.com/match/ Frame C1DE
0
68 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/sape?id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.107 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.107.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx/1.17.6
match
www.acint.net/ Frame C1DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf0J6oGGfBAIfArBpMA
  • https://www.acint.net/match?dp=77&euid=
43 B
269 B
Image
General
Full URL
https://www.acint.net/match?dp=77&euid=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.acint.net/match?dp=77&euid=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adlmerge.com/merge_gpsid/ Frame C1DE
Redirect Chain
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F427AA0619F04021F02B06930
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F427AA0619F04021F02B06930
43 B
115 B
Image
General
Full URL
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

iseu
eu
server
nginx/1.16.0
date
Fri, 26 Nov 2021 06:10:11 GMT
content-type
image/gif

Redirect headers

location
//adlmerge.com/merge_gpsid/?sid=50&id=0100007F427AA0619F04021F02B06930
date
Fri, 26 Nov 2021 06:04:28 GMT
server
nginx
content-length
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C1DE
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sprcs
relap.io/partners/ Frame C1DE
43 B
611 B
Image
General
Full URL
https://relap.io/partners/sprcs?uid=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
back09
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
0.gif
x01.aidata.io/ Frame C1DE
Redirect Chain
  • https://adx.com.ru/sape-sync?uid=0100007F427AA0619F04021F02B06930
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61a07a3ff0e015867d94ab7d&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a07a3ff0e015867d94ab7d%2526r%253Dhttps%25253A...
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a07a3ff0e015867d94ab7d%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a07a3ff0...
  • https://prodmp.ru/yabbi.gif?uid=61a07a3ff0e015867d94ab7d&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61a07a3ff0e015867d94ab7d%26dest%3D
  • https://x01.aidata.io/0.gif?pid=9712851&id=61a07a3ff0e015867d94ab7d&dest=
0
434 B
Image
General
Full URL
https://x01.aidata.io/0.gif?pid=9712851&id=61a07a3ff0e015867d94ab7d&dest=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 26 Nov 2021 06:10:10 GMT

Redirect headers

location
https://x01.aidata.io/0.gif?pid=9712851&id=61a07a3ff0e015867d94ab7d&dest=
date
Fri, 26 Nov 2021 06:10:11 GMT
access-control-allow-credentials
true
server
nginx
content-type
image/gif
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
sync.1dmp.io/ Frame C1DE
35 B
376 B
Image
General
Full URL
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-213-228.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0
match
www.acint.net/ Frame C1DE
Redirect Chain
  • https://sape-sync.rutarget.ru/sync
  • https://www.acint.net/match?dp=104&euid=OOb-B9bI6hFl
43 B
269 B
Image
General
Full URL
https://www.acint.net/match?dp=104&euid=OOb-B9bI6hFl
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location
https://www.acint.net/match?dp=104&euid=OOb-B9bI6hFl
Date
Fri, 26 Nov 2021 06:10:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
acint.net/ Frame C1DE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=107&euid=48d4807e-4c47-534a-8f44-d55ceee4af60
43 B
269 B
Image
General
Full URL
https://acint.net/match?dp=107&euid=48d4807e-4c47-534a-8f44-d55ceee4af60
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=107&euid=48d4807e-4c47-534a-8f44-d55ceee4af60
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame C1DE
Redirect Chain
  • https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
  • https://acint.net/match?dp=110&euid=050c84141f294b11b300ecc278801d81
43 B
269 B
Image
General
Full URL
https://acint.net/match?dp=110&euid=050c84141f294b11b300ecc278801d81
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=110&euid=050c84141f294b11b300ecc278801d81
date
Fri, 26 Nov 2021 06:10:10 GMT
server
Kestrel
content-length
0
match
www.acint.net/ Frame C1DE
Redirect Chain
  • https://0100007f427aa0619f04021f02b06930-sp.ops.beeline.ru/p?ssp=sp&id=0100007F427AA0619F04021F02B06930
  • https://www.acint.net/match?dp=111&euid=38c84868-d1fe-46bd-a4c1-6a1591e4df8b
43 B
269 B
Image
General
Full URL
https://www.acint.net/match?dp=111&euid=38c84868-d1fe-46bd-a4c1-6a1591e4df8b
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Fri, 26 Nov 2021 06:10:10 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://www.acint.net/match?dp=111&euid=38c84868-d1fe-46bd-a4c1-6a1591e4df8b
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.36
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
matchspm
ut.rktch.com/ Frame C1DE
Redirect Chain
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F427AA0619F04021F02B06930
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
  • https://ut.rktch.com/matchspm?pi=1000006&pui=I4jPe4gWdVO/6iZWsKBbOO&noredirect
88 B
88 B
Image
General
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=I4jPe4gWdVO/6iZWsKBbOO&noredirect
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
88

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
server
nginx/1.12.0
location
https://ut.rktch.com/matchspm?pi=1000006&pui=I4jPe4gWdVO/6iZWsKBbOO&noredirect
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
0.gif
x01.aidata.io/ Frame C1DE
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F427AA0619F04021F02B06930
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F427AA0619F04021F02B06930
  • https://tech.rtb.mts.ru/?dsp_uid=9251fb2a-963b-4026-9860-f159e9d39aaf&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
0
434 B
Image
General
Full URL
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 26 Nov 2021 06:10:10 GMT

Redirect headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
match
www.acint.net/ Frame C1DE
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
  • https://www.acint.net/match?dp=126&euid=cfa6ae27-0e17-4700-7e49-578f587154bb
43 B
269 B
Image
General
Full URL
https://www.acint.net/match?dp=126&euid=cfa6ae27-0e17-4700-7e49-578f587154bb
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=126&euid=cfa6ae27-0e17-4700-7e49-578f587154bb
date
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
match
www.acint.net/ Frame C1DE
Redirect Chain
  • https://s.uuidksinc.net/match/396/0100007F427AA0619F04021F02B06930
  • https://www.acint.net/match?dp=127&euid=HsOASYgJtSpEvso8KLl6
43 B
269 B
Image
General
Full URL
https://www.acint.net/match?dp=127&euid=HsOASYgJtSpEvso8KLl6
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=127&euid=HsOASYgJtSpEvso8KLl6
date
Fri, 26 Nov 2021 06:10:11 GMT
server
nginx/1.19.0
content-length
0
match
www.acint.net/ Frame C1DE
Redirect Chain
  • https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
  • https://www.acint.net/match?dp=129&euid=no6hpg57we
43 B
269 B
Image
General
Full URL
https://www.acint.net/match?dp=129&euid=no6hpg57we
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx/1.14.0
access-control-allow-origin
*
surrogate-control
no-store
vary
Origin
location
https://www.acint.net/match?dp=129&euid=no6hpg57we
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-request-id
99cc639d-1665-4a42-9403-1af6d0bd577e
expires
0
userbind
match.new-programmatic.com/ Frame C1DE
0
215 B
Image
General
Full URL
https://match.new-programmatic.com/userbind?src=sape&id=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 26 Nov 2021 06:10:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
0100007F427AA0619F04021F02B06930
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame C1DE
0
189 B
Image
General
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
x6HQ5YD6RYay0-t16MPQ2A
an.yandex.ru/setud/mts_banner/ Frame C1DE
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F427AA0619F04021F02B06930
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=D6YpWSpK7WcfeZqUD%2BFAjw
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=D6YpWSpK7WcfeZqUD%2BFAjw
  • https://tech.rtb.mts.ru/?dsp_uid=c7a1d0e5-80fa-4586-b2d3-eb75e8c3d0d8&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fx6HQ5YD6RYay0-t16MPQ2A%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/x6HQ5YD6RYay0-t16MPQ2A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DD6YpWSpK7WcfeZqUD%252BFAjw&sign=632206556
43 B
176 B
Image
General
Full URL
https://an.yandex.ru/setud/mts_banner/x6HQ5YD6RYay0-t16MPQ2A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DD6YpWSpK7WcfeZqUD%252BFAjw&sign=632206556
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:11 GMT

Redirect headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/x6HQ5YD6RYay0-t16MPQ2A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DD6YpWSpK7WcfeZqUD%252BFAjw&sign=632206556
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.bumlam.com/ Frame C1DE
0
523 B
Image
General
Full URL
https://sync.bumlam.com/?src=sap1&uid=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
0100007F427AA0619F04021F02B06930
an.yandex.ru/mapuid/sapeis/ Frame C1DE
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:10 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C71
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:49:13 GMT
frame.html
s3.advarkads.com/modules/match/ Frame F2ED
187 B
404 B
Document
General
Full URL
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F427AA0619F04021F02B06930
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-type
text/html
cache-control
max-age=60
last-modified
Wed, 13 Oct 2021 12:55:49 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b40f3c1ab4d3756-MXP
content-encoding
gzip
sync.html
cstatic.weborama.fr/iframe/ Frame CDCE
336 B
268 B
Document
General
Full URL
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907010157
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637907009840
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8DB2) /
Resource Hash
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
332288
cache-control
max-age=604800
content-type
text/html
date
Fri, 26 Nov 2021 06:10:10 GMT
etag
"282943589+gzip"
expires
Fri, 03 Dec 2021 06:10:10 GMT
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
ECAcc (lha/8DB2)
vary
Accept-Encoding
x-cache
HIT
content-length
207
/
wf.frontend.weborama.fr/stream/ Frame 82F5
0
16 B
Image
General
Full URL
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22rg.ru%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Frg.ru%252F2021%252F11%252F25%252Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html%22%2C%22ref%22%3A%22%22%7D&d.r=1637907010157
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.223.244.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 06:10:10 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
5e67440155299c49170bd360
statsa.nativeroll.tv/nr/aserver/group/ Frame 82F5
1 KB
1 KB
XHR
General
Full URL
https://statsa.nativeroll.tv/nr/aserver/group/5e67440155299c49170bd360?event=visit&gid=5e67440155299c49170bd360&v=1.19.10&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&title=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&ref=&block_enabled=0&width=300&height=0&offset_px=0&offset_pct=5&lenght_px=0&cookie_enabled=1&t=2021-11-26T06%3A10%3A10&mode=outstream&data_saver=false&places=0&nr_f=MTYzNzkwNzAxMDIzNw%3D%3D&ancestor_origins=https%3A%2F%2Frg.ru&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.137.232.40 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host40.seedr.ru
Software
nginx /
Resource Hash
266d26c45034edc39f4113daa71c0916e4602d34f74378c4871ff94a369a72d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:10 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://rg.ru
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, *
external_libs.v2.js
cstatic.weborama.fr/iframe/ Frame CDCE
8 KB
3 KB
Script
General
Full URL
https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907010157
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lha/8D1A) /
Resource Hash
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637907010157
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
server
ECAcc (lha/8D1A)
age
335453
etag
"3142978827"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
3062
expires
Fri, 03 Dec 2021 06:10:10 GMT
3
www.acint.net/pxl/
43 B
224 B
Image
General
Full URL
https://www.acint.net/pxl/3?dp=16&id=117202.596179.162878571&sid=61a07a41-a353-f8kk-fqnf-que7bazo63i0&ref=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&r=1637907010
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271137.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:10 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
csi
csi.gstatic.com/ Frame E920
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwfzjksb&c=5222909505314&slotId=2611454752657&qqid=CMHIgIyvtfQCFXrBEQgdUgsClA&gqid=QXqgYZPONdPvgQe9-LfIBg&fb=ima_html5-lima&sdkv=h.3.489.0&ppt=viads%2Fhtml5&mrd=20&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=21064201%2C44737473&vmfc=15&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E920
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUYRMQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMByAMTmAQAqgSZAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwf_se6SJhdV7pa51HeUlmSfRd9I4QV_LHtwwnElkJph7VWGKHGS52-pSKalld1aB6jcSnH8UD23A5_c0Zi7dwASh-KXp3APgBAOQBgGgBnaAB-a_0-4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03MjI4NjI4MDkxNTQ4NTU4gAoDyAsB4AsBgAwBsBPK9rEN0BMA2BMKiBSqBtgUAdAVAYAXAQ&sigh=fro6qsJSOmc&label=show_ad&acvw=&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVIzCL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTVAAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame E920
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cm9vZQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMBmAQAqgSWAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwaftscaB1z1JN0m2qdDOLU0f37nx6VI22NPNciZ6LCRxfHlW_rq2Jg6BPYd9zYcxgf6YTWs4F4g2S8LfwASh-KXp3APgBAOIBfaG3p45kgUGCAMQAxgDkgUGCBsQAxgDkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfmv9PuAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcLEJi3xQEY-_mBuQHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTcyMjg2MjgwOTE1NDg1NTiACgPICwGwE8r2sQ3IE4OW794D0BMA2BMKiBSqBtgUAdAVAYAXAbIXHgocCAASFHB1Yi00MDkwNzA0NDA2NjI2NDk2GIz0bg&sigh=OWqXhO12QXI&cmd=Ch1jYS12aWRlby1wdWItNDA5MDcwNDQwNjYyNjQ5NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&cid=CAQSOwCNIrLMgKMkaribQ8WyYgL-ia6nQuX9Wk5Lhk2s9NV5nvYFt1IbcWiFdIJcjYKQu852ZsNfByDAG-Ek&vt=10&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVIzCL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTVAAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

processor.js
tag.digitaltarget.ru/ Frame C1DE
15 KB
15 KB
Script
General
Full URL
https://tag.digitaltarget.ru/processor.js?i=416888521916371
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Last-Modified
Tue, 16 Nov 2021 09:48:09 GMT
Server
nginx
ETag
"61937e59-3cda"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15578
csi
csi.gstatic.com/ Frame C969
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kwfzjkg3&c=5222909505314&slotId=2611454752657&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
48
r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/6b887c4ae109b12a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669443010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6b887c4ae109b12a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669443010/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/6b887c4ae109b12a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669443010/sparams/acao,ctier,expire,id,ip,ipbits,ita...
3 MB
0
Media
General
Full URL
https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/6b887c4ae109b12a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669443010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/285567BBC278C92AC81CBCB6957634ED02D8A563.48E9BF645A5800C590C7DDF547F7A5C663CCFDB2/key/cms1/cms_redirect/yes/mh/Oq/mip/2001:ac8:21:23:2d9::1/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1637906682/mv/m/mvi/2/pl/48?cpn=pAJGAx4yOodAnOX7&file=file.mp4
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
2a00:1450:401f:4::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Oct 2021 12:56:07 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-4195035/4195036
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4195036
Expires
Fri, 26 Nov 2021 06:10:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/6b887c4ae109b12a/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669443010/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/285567BBC278C92AC81CBCB6957634ED02D8A563.48E9BF645A5800C590C7DDF547F7A5C663CCFDB2/key/cms1/cms_redirect/yes/mh/Oq/mip/2001:ac8:21:23:2d9::1/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1637906682/mv/m/mvi/2/pl/48?cpn=pAJGAx4yOodAnOX7&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
676
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/
0
178 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=16795114807
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
ad.mail.ru/hbid_yandex/
11 B
328 B
XHR
General
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/
0
293 B
XHR
General
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:11 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/
11 B
304 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/
0
199 B
XHR
General
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:11 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/
11 B
261 B
XHR
General
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11502
content-length
31
expires
-1
frame.js
s3.advarkads.com/modules/match/ Frame F2ED
22 KB
7 KB
Script
General
Full URL
https://s3.advarkads.com/modules/match/frame.js
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F427AA0619F04021F02B06930
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1c07ef4846bac16c72d0ba01a5f3df8a7abdd985e9f0f9f408910f3a434e518

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F427AA0619F04021F02B06930
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 13:41:26 GMT
server
cloudflare
age
51
etag
"0878fa38e1d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6b40f3c30d993756-MXP
content-length
7378
events
bidder.criteo.com/csm/
0
178 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 06:10:10 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:11 GMT
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 06:10:11 GMT
match
api.advarkads.com/api/statistic/ Frame F2ED
43 B
389 B
Image
General
Full URL
https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F427AA0619F04021F02B06930
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F427AA0619F04021F02B06930
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.29.80 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.18.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s3.advarkads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 06:10:11 GMT
Server
nginx/1.18.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/
16 KB
4 KB
XHR
General
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T06%3A10%3A10.612%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=2434638634&pr=2502037459&prr=&pv=6&pw=5&extid_loader=MTYzNzkwNzAwNDYwODkyNzkzNQ%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148435685869589&is-turbo=0&skip-token=yabs.NzIwNTc2MDUzNzc4NjYwMDYKNzIwNTc2MDQ2MTU5NjA2NTgKNzIwNTc2MDUxNzQ3MDA0NDY%3D&ad-session-id=6991771637907003995&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1120%2C%22top%22%3A2670%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A21%2C%22ad_no%22%3A18%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=600&pp=vsn&screenType=desktop%20desktopFull&services=%5Bobject%20Object%5D&pk=nonr&p2=fjgg&ps=cgiu&slotNumber=28&bids=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%3D%3D&utf8=%E2%9C%93&duid=MTYzNzkwNzAwNDYwODkyNzkzNQ%3D%3D&pcode-test-ids=446723%2C0%2C25%3B426975%2C0%2C69%3B460723%2C0%2C75%3B452124%2C0%2C18%3B461570%2C0%2C13%3B460286%2C0%2C50%3B452184%2C0%2C34%3B456228%2C0%2C62%3B457740%2C0%2C93%3B457305%2C0%2C7%3B457474%2C0%2C2%3B400734%2C0%2C75%3B451371%2C0%2C23%3B456499%2C0%2C36%3B461829%2C0%2C56&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A
exp%22%2C%22testId%22%3A%22456228%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457740%22%7D%5D%2C%22SMART_BANNER_LOGO_REDESIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457305%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22400734%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22456499%22%7D%5D%2C%22ADFOX_RELOAD_IF_AD_WAS_SEEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22456499%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2249374%22%2C%22testId%22%3A%22461829%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=tBDgt2MrVIEMGN6sThmwRBHY8Ez97JmAcWyfdxx9K0ZBXGzSexXWAzTMfVTKtpyPmCYGHy0kHD91iV0aQhVDmD9s8bw%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0
LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
08253cee753658d9e49739cb2ae61cb99cde444cd5ee4d8fed2f08a1620dc8f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637907011178396-1449522412094502062600245-production-app-host-sas-pcode-169
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 06:10:11 GMT
i
dmg.digitaltarget.ru/1/1093/i/ Frame C1DE
49 B
602 B
Image
General
Full URL
https://dmg.digitaltarget.ru/1/1093/i/i?i=323751049923596.488453599448440&a=77&e=0100007F427AA0619F04021F02B06930&pref=https%3A%2F%2Frg.ru%2F&c=ss:77.up:0100007F427AA0619F04021F02B06930.sync:up.xdua:duzEsEGLiwYU6OwBuzGrGJzo.xps:xpsS1BjzKUCRyF2ZN29KYIPDd.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
5
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true
i
dmg.digitaltarget.ru/1/1093/i/ Frame C1DE
49 B
602 B
Image
General
Full URL
https://dmg.digitaltarget.ru/1/1093/i/i?i=323751049923596.92006914225863&a=77&e=0100007F427AA0619F04021F02B06930&pref=https%3A%2F%2Frg.ru%2F&c=ss:77.up:0100007F427AA0619F04021F02B06930.sync:up.xdua:duzEsEGLiwYU6OwBuzGrGJzo.xps:xpsS1BjzKUCRyF2ZN29KYIPDd.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 06:10:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
5
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E920
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUYRMQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMByAMTmAQAqgSZAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwf_se6SJhdV7pa51HeUlmSfRd9I4QV_LHtwwnElkJph7VWGKHGS52-pSKalld1aB6jcSnH8UD23A5_c0Zi7dwASh-KXp3APgBAOQBgGgBnaAB-a_0-4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03MjI4NjI4MDkxNTQ4NTU4gAoDyAsB4AsBgAwBsBPK9rEN0BMA2BMKiBSqBtgUAdAVAYAXAQ&sigh=fro6qsJSOmc&label=video_ad_loaded&acvw=&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKbggBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVIzCL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTVAAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame E920
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 23:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 23 Nov 2022 23:12:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E920
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame E920
42 B
645 B
Image
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1077259053&gdpr=&gdpr_consent=&adid=1085283028&pcp=$$${AUCTION_ID}$$&ord=${CACHEBUSTER}
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.18.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-18-238.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
image/gif
content-length
42
expires
Sun, 05-Jun-2005 22:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E920
0
24 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqNOhZA24s6dbfpwxJEByPgDFav3Y4gRArIKdBzsMO-1JBjcQVA2L-VxwZHbdq_pwkRzw62DfhOTs6qkRq2wEyYu9nfY4Ev89ZCb69d-qelN6oX1S8K3u0t1b0-vqt0bBPt5rp6aJP9pE2-E9BBDpAzSj7XmS4kfj9RlCNaHkVi47zzyBe0NUJ4Lt--nfnT1HDeu02TKeWEYe4TADiLp5M_UQbhM1JUJbagVOHCEzRoVqWPxc8rsircb0-j0DW6YZkNSDej5b02wBwQ4vfNhjvoQgnB6-8b9VLiaTlN7VzvDdfAWUNMk3m9V56QhQVPyXHId7wNZVb3xPba-fQAnF0eS8gNyNnfGer1-08NG5U0dV5O6-LKJhgwDKgV893dlaTRaOoAwBxwSQZR2ZNPQOr03C7VbgzHLlhzh38yypDA4D4yaDS6QEKq0jBtH0Nk2b2N8dBaoxrBih4yKxXB5SAZ8sCZzParqJZZbe0hOWaxOo7GpSkQ3aABD64wmbdIuAGNAcyn6N-xYAsO_WhUPpzyFbOtf3k9KRozu2Zu-151zNkfOrIbfPAz9aQ8W4Rcjuss2l2QMDXyH7HBo12R_957SuL3_WbRoJu0yJdje-VaPTcdEuFPfTRHAmoyAY2_3fZ5MSkd1G_JMlx9mqLhw0GkDZS3EwZZx7d6DwyAOIvOumtKqxYixBrBe2DCFHzKmT8M3yzvsY0G4-ho3QtMV44h1ECL7ex2FL1yiCF-qseLLB7UTtrHiq2st3gZbA7qdfhkUbHyVArB80Y3y9ujXXHkftnfUrbc0CJzyWqhAAXxfw4EPj0vMzQJkLttkmpzkimdoYUsO5JiMC2KmxxhUTET3UW8yT6NNjbdfKlkZ3eOU4MYcGD4HxU6s4ohZ7qlB3VqA4bMS-z4tgs5UNEjFruyGkXgXzckwGQ--NKWZC3kBNyis9kvmcfCrF5sSgkXk_w9wNc66tF_AQK9aiOfdRM3K1KDEKDabfVZVYf2GZgr6cv9YenEHINDN1OiDJIPm6rr-dKZNallgTE-138hiDPkiQlA1A77m1xrx9MSuBHh_WlC83kvuP5jPhn6sNC4TwhqwPnp13qZdapBD5vf45j4NWFQd320ZWYD-UWd4KZm_V2rR4Dii9eYvBBcscAzwsVubKsZ0Xhgrd_DYAyPT7jS9_Tjnu1CB5JdN9ogHRWBo3AnnQdI8AYDclzfh3Hi73NBOpsHHs0iszPGl7WIyfP2J4mgPFm33hb5ey7b9Tq3zhI2TWJcA379Q&sai=AMfl-YQo1rvRZdRpD6kAbkWJiANabL5WRC5MUiUsuuME608Rd48IU1G2dN8hQEoC1dPaaTec03u1dKYCLe5ZztJe26F55O0KBid8AJFr0Lcqz6X_W-jojAPALria8_ymVvp0KF75HKZenmbW1sOUqfXzJ6uLm8EiMg&sig=Cg0ArKJSzA_KoUG-1D7xEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.489.0&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 26 Nov 2021 06:10:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adServer.bs
bs.serving-sys.com/Serving/ Frame E920
42 B
646 B
Image
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=19&pli=1077259053&gdpr=&gdpr_consent=&adid=1085283028&pcp=$$ABAjH0iRoHHoaXFAb31rDPaATUNO$$&ord=1637907009905729
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.18.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-18-238.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
image/gif
content-length
42
expires
Sun, 05-Jun-2005 22:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E920
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEO7G5u8CGPv5gbkBIAEwAQ&v=APEucNUtnedj8OIR7hgrASLHozZKYh6O9vDOrydLdACZTIYHnfVKkKcmISYIiP5LK6803jXGkXkYzwUY-zcCT85z1IscwkVrpw
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/interaction/ Frame E920
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUYRMQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMByAMTmAQAqgSZAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwf_se6SJhdV7pa51HeUlmSfRd9I4QV_LHtwwnElkJph7VWGKHGS52-pSKalld1aB6jcSnH8UD23A5_c0Zi7dwASh-KXp3APgBAOQBgGgBnaAB-a_0-4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03MjI4NjI4MDkxNTQ4NTU4gAoDyAsB4AsBgAwBsBPK9rEN0BMA2BMKiBSqBtgUAdAVAYAXAQ&sigh=fro6qsJSOmc&label=vast_creativeview&ad_mt=0&acvw=sv%3D906%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010836%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1637907010467&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVI2CL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTUiGA1AAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame E920
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010838%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E920
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-LQi-aJdG6nurAX8B2vZAVp4HdhWvpuDoe-xpRWftoT8lgDmBnkKsN_BGr-CUMdlD_eoCwdk9fPZ2EK8mwrdPvkS7VyKJQR4QG56le4uMgkxpfSRv4g&sai=AMfl-YQ5h5xMheZ2ne9OMYqONDcINtrRRmrf807V7TpUZDZrKmRWIBtVefvVaInq3KTBC7rOIRpM7P9nzSaPLKfqMWEM8Xb8_RfQ11FtOs_0JkiHYTnpQ-Rc1OhKMZE&sig=Cg0ArKJSzJkGGt83AjN1EAE&cid=CAASEuRozqZjfd8GowmTJJ7LZueu7g&id=lidarv&acvw=sv%3D906%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010838%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467&avm=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame E920
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010840%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467;dc_rfl=1,https%253A%252F%252Frg.ru%252F2021%252F11%252F25%252Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html%240;ecn1=1;etm1=0;eid1=11;
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E920
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUYRMQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMByAMTmAQAqgSZAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwf_se6SJhdV7pa51HeUlmSfRd9I4QV_LHtwwnElkJph7VWGKHGS52-pSKalld1aB6jcSnH8UD23A5_c0Zi7dwASh-KXp3APgBAOQBgGgBnaAB-a_0-4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03MjI4NjI4MDkxNTQ4NTU4gAoDyAsB4AsBgAwBsBPK9rEN0BMA2BMKiBSqBtgUAdAVAYAXAQ&sigh=fro6qsJSOmc&label=part2viewed&ad_mt=0&acvw=sv%3D906%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010840%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVI2CL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTUiGA1AAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame E920
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D16%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010845%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467;ecn1=1;etm1=0;eid1=16;
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E920
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUYRMQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMByAMTmAQAqgSZAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwf_se6SJhdV7pa51HeUlmSfRd9I4QV_LHtwwnElkJph7VWGKHGS52-pSKalld1aB6jcSnH8UD23A5_c0Zi7dwASh-KXp3APgBAOQBgGgBnaAB-a_0-4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03MjI4NjI4MDkxNTQ4NTU4gAoDyAsB4AsBgAwBsBPK9rEN0BMA2BMKiBSqBtgUAdAVAYAXAQ&sigh=fro6qsJSOmc&label=admute&ad_mt=0&acvw=sv%3D906%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1852,415,2221,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D16%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D16%26pst%3D-1%26dur%3D29056%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D16%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010845%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVI2CL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTUiGA1AAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
logs.viadata.store/event/ Frame D42D
43 B
296 B
Image
General
Full URL
https://logs.viadata.store/event/player?sid=101752&proto=https&vi_width=656&vi_height=369&&tid=6208&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&event=rtb&event2=impression&cb=1637907006991&dur=29&vis=0
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
player
logs.viadata.store/event/ Frame D42D
43 B
296 B
Image
General
Full URL
https://logs.viadata.store/event/player?sid=101752&proto=https&vi_width=656&vi_height=369&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&event=rtb&tid=6208&event2=start
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D6%26nas%3D1%26sdk%3Dh%26p%3D1832,415,2201,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame E920
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzaC1jK-19AIV2oOFCh2tGQgGEAAYACCojL5MQhMIwciAjK-19AIVesERCB1SCwKU;met=1;acvw=sv%3D906%26cb%3Dima%26e%3D6%26nas%3D1%26sdk%3Dh%26p%3D1832,415,2201,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D50%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D31%26pst%3D50%26dur%3D29056%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D34%26is%3D18%26i0%3D18%26ic%3D1024%26cs%3D5138%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483647%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010879%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467;ecn1=1;etm1=0;eid1=15;
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E920
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CUYRMQXqgYYGkN_qCx_AP0paIoAnO78TbZv-26ODGD4nH_d8FEAEgyYubcmC7ts-D4AqgAYLArJEByAEFqAMByAMTmAQAqgSZAk_Q2xp9DbLlFD5_1jqYqxEYtgxrt8MENuHOZmwERltkMtZXSyr3WQZJ1Nt3vLm4WQCxt1dHLYbjEG31r7f9MyzTKRQVs0nsFH2HRQc3r7WqKoae4Q_ttJs9B6jzPgdPiZL3w8yHpwuad2MtG5bZAMsf_EoSznMBau_wpVMu2598GGUJd0gWqK1SesVcmq1eL1qUjjqMJobfaBCS0yYKHRNpOBh0scs6Mo9n7cgWolHWZKNtpwrOeMg-vuBTA2yHErZxkF63lAtsdCmd3FX8WNJhOeQOSACCnp6gwf_se6SJhdV7pa51HeUlmSfRd9I4QV_LHtwwnElkJph7VWGKHGS52-pSKalld1aB6jcSnH8UD23A5_c0Zi7dwASh-KXp3APgBAOQBgGgBnaAB-a_0-4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03MjI4NjI4MDkxNTQ4NTU4gAoDyAsB4AsBgAwBsBPK9rEN0BMA2BMKiBSqBtgUAdAVAYAXAQ&sigh=fro6qsJSOmc&label=adpause&ad_mt=19&acvw=sv%3D906%26cb%3Dima%26e%3D6%26nas%3D1%26sdk%3Dh%26p%3D1832,415,2201,1071%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D50%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D31%26pst%3D50%26dur%3D29056%26vmtime%3D18%26dvs%3D0%26dfvs%3D0%26dvpt%3D34%26is%3D18%26i0%3D18%26ic%3D1024%26cs%3D5138%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1195%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D371326133%26psm%3D-2147483647%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1637907010879%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1637907010467&sdkv=h.3.489.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw1NTcwMDU3NDcwODVA-wQKcQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1MTEyMDg4NjMyCTE2MDQwMDkzNkDJAVI2CL8HEA8lAADoQSgBOgszODgwMDUxMTUtMUIER0RCTUiGA1AAWhBwQUpHQXg0eU9vZEFuT1g3GAE.
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
logs.viadata.store/event/ Frame D42D
43 B
296 B
Image
General
Full URL
https://logs.viadata.store/event/player?sid=101752&proto=https&vi_width=656&vi_height=369&uid=0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc&event=rtb&tid=6208&event2=pause
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame BBAC
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Tue, 23 Nov 2021 20:01:57 GMT
expires
Wed, 23 Nov 2022 20:01:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
209294
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
pagead2.googlesyndication.com/bg/ Frame BBAC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 13:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
146545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13296
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 13:27:46 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 64A5
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71c6ea85dba250b22bc1baaa084572f76dcbb99cb2779e5a603aa867717889a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 482 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26863
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:11 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=32112fb0bc7d4d37&duid=1637907004608927935&pxo=f4cT_NNfZGnsR46LZwaNNUV-iv6_GP9F9YAQYnif0HgsSZNKfjU6MV1g9c3uPG6dUh5t42k5fB2coUrb51Yqr1F3hF3tOp_6z8s0HVWLuNIQ0Zw7i6Na7scSp7IL_XH29IyY02aH0xWrzMJkIetgqJFNIyIeGyMM2_-DMY_kHg2hJGeQGWE%3D&p5=gdhai&rand=fvdlhtd&sj=4z4Zln69DH2Um6dSPrdzlasn96bVdgT5Kx6aPFmR9G3dQo0gOq1TH561nfRrgQ%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjn&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfiz&rqs=POaighaSwEhDeqBhX4A6XdbInkHwaQws&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:11 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
truncated
/
494 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 64A5
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 06:10:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BBAC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.489.0&bgai=BwWyNQnqgYc33LtqHlgSts6AwAAAAADgB4AQC&bg=!rK-lr-vNAAZQLpa_UC47ACkAdvg8Wvov8nyZ-ho4o-zufyk2J9d4cjRSBmthN_B5WPRTMkoR8mpgZAIAAABsUgAAAA1oAQcKAMyUxZWtSZ4bwdHzbqNZNowqOiEJ_sIl-eH5egX7DZEexdzNFnSz6V4pASKP7lKbETAyNFkPdd4TCHGycDvEEuamHmDHXtD9IEoXew1b1stKNu_bMD3lAkPwyLY4X_FgxbqID3fY65-hTtpzHsRpFJZ-MCnEpM9Q2vyvgUYm9B2VBr-DlQG8TVbsd48NCr2vD3Wr5VJEyrkm9jGL3bG0PcEg2t-KXyYl1hkYG4Dgyo4u2Mxh5TStabXG6RZEWWakSYRBpuiw9gn7eTsD1LmZAqfyvgDgRfFEgq5Ehcz8rzrjy5wtfMTii3-DjbF90F-LjfUD1RRdlgpPvEMRep_xC2gRNHfGyOj5mOq_X13ixxCn6hYuuzx91yDwfc8WeHKkmWBUVE7qhBTPJ0uTlHpEKwlFugmLw09GDJxIXNpVBgrgD-8G5NH1XhUoGGtn99stuApWy-gNQn_G1_n504mFKpijFFnGiyDyo5c8IpvdxC6MMHmslCp-wBACFCFhdkj1eavcMb0af3VY1pagZGD0GQjInEjJ2Qy2Ipa03HiL4dq4iGIVuAqSKAwpvfw6xIWw0R7apqcoCON2b9PuULTr9y2mXDOq8USrOBXAr5Ail22XN8euxvliL88htL4da2Tnv2lmysXcz86OZ8tOWs0qsSd62dl9rywjfrmh3pQeop0MEiw5XGfeKF4FrzVlymEcbE6ide4QbaT6qfTgZ0AprqMfah2GddkFCuJgpHamBAEpenL8p-WOsLBk0GHAfLqXd3PbWh5a7eys0UYDj3hflhWuPhbcYii9eXPDqgXFLtxJy4J826erdP_Bgc51vuVCbullK5jPNeJDrMDpDfMuteQaDLEp8OWsgFLc4KYioUwgXomL2CE7nusebrcypCTmRd2TWAJf-rImFcK4WDuc8za4m9R8hF-yIMHAHCbtjMwoEhXQsiHrOxtuzISFpP9OuEm88OwYVu7q-8kPa77_MfGxih0TEXrf92mNyguo8_wMMOj_GxVgeDDkkjxlY3ZO6_tDgjQ1BT_ZiQEcLchmxG80T9d0rvC38wlyn7fgLWwnwVjX4JpPSx9xWtHvxYEI0HW6M30v8gVnx-8Uh-Ui1IZSTSqp2EX86_vRFYWLoj0ON5USnJIzeVGeT8p1F5Y5kGNRzvm2R-MVjRNc2L13jQV2JQYF4eCA
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 64A5
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 64A5
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 64A5
26 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=359312371597328&correlator=1672604715365645&output=ldjh&impl=fifs&eid=31063257%2C31060889%2C31061165&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2Cdm_300x600_m28&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C2x1&cust_params=key_value_dm2%3D10&cookie=ID%3D405a5082a0807474%3AT%3D1637907006%3AS%3DALNI_MZLsSkdY_ZJ91lA4aPufGj_xE4M8w&cdm=rg.ru&bc=31&abxe=1&lmt=1637907011&dt=1637907011185&dlt=1637907010971&idt=193&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1120&adys=2670&adks=3422496845&ucis=9reynlxnrn5p&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=370508847.1637907004&ga_sid=1637907011&ga_hid=166322460&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2bb4c1964dfc3410a962b6ae0e3133dc64c08530927690455693b21c8360883b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11806
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 64A5
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43df8c71ca79ed13ebe0c3be20937dd4f7b7c5c33de0f934eafefc32a2131b13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9233
x-xss-protection
0
container.html
582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C52B
6 KB
3 KB
Document
General
Full URL
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:11 GMT
expires
Sat, 26 Nov 2022 06:10:11 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 64A5
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 06:10:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BCB2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 25 Nov 2021 20:35:24 GMT
expires
Fri, 25 Nov 2022 20:35:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
34487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 91C0
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6dae39790bce3c399f0fb88fe802f7d91e1272507175f9c30a93d72bec31aee4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z5yGsPAkXciSGn9Fr9wa4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 06:10:11 GMT
date
Fri, 26 Nov 2021 06:10:11 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-z5yGsPAkXciSGn9Fr9wa4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 91C0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=359312371597328&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame BCB2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
container.html
582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA86
6 KB
3 KB
Document
General
Full URL
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 06:10:11 GMT
expires
Sat, 26 Nov 2022 06:10:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=542aa3bd6b11a19b&duid=1637907004608927935&pxo=f4cT_NNfZGnsR46LZwaNNUV-iv6_GP9F9YAQYnif0HgsSZNKfjU6MV1g9c3uPG6dUh5t42k5fB2coUrb51Yqr1F3hF3tOp_6z8s0HVWLuNIQ0Zw7i6Na7scSp7IL_XH29IyY02aH0xWrzMJkIetgqJFNIyIeGyMM2_-DMY_kHg2hJGeQGWE%3D&p5=gdhai&rand=jokligu&sj=4z4Zln69DH2Um6dSPrdzlasn96bVdgT5Kx6aPFmR9G3dQo0gOq1TH561nfRrgQ%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjn&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfiz&rqs=POaighaSwEhDeqBhX4A6XdbInkHwaQws&rtb-si=b&p2=fjgg&resp-time=582
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:12 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A5
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=359312371597328&bg=!_P-l_7vNAAZQLpa_UC47ACkAdvg8WoAKcooH6nSGRQXUHcd1kHTP-o7IoT6XDaET_pjg6xiQeiOZFgIAAABiUgAAABpoAQeZAoKWmnZROkIY4FiB4J5Y96M34gRku4lr8T6oPDoTLUmH8mAdDVU7Av72CAzJsIKKs2-gwCzcS5lf0y35KcjGbNbLsQT3jq4ZJv3czP-rATCumKsNOzBteVpYdA-SkWV5I0Pxq3yM5PmoNq92y9km8zeE1GQQVpaVVLeSf5w5wE37G-JL1eJvFEaRrhsHoFvk6Opo3nd7XRie1zpglWlQ5tR9zJZFrSapEADB9YlGFQlVZqZNPX37EAa2bP97eq3xdb6sBlmgUtiX7Kifqv9p5u2mSwZeS9pv-XQAooCxH3Wpge5n8IdgotJ75P_l9dq38tO75L-3_xQZIcldQl7z7dCrWYG9j6dFPJcRxeEDpAopYunZms3PPm6zTuBIofW1RdnjbGm-HCut7KgXqzmBuBJv7fJmBJX4NC6XH7siDgo1o--da3NyxFfTtIm_5Kw7PflG3q7YlUryexTIpwXtrvp0cRqPKOCJklrJ-HS3Ot-jmX6evjqLWZRJ8FRbrLIyMnUr8Srh8-DKs3IVZ-ut_pLZLml7AcIhbFz5E9_45ldMc3m75amY0VZETDZkCNVLxrfF5VNsGIbRvsPVEDktJfZoNnvsZQPbDTi_GmWTJsGch2yMTMdT_fgwICfr3MUkGrT3ahB0KfIhQ6foP8udOUY6thb42pGCofnC8aXzUs_f_2sM-xnyGRI5temRMQ3t1tZPQMB9fCuz5X0Fi1lpKCpzYoxbJ--Nl8_Cv_9AvID60Hcn2JCOcckzsV2PSTGNnPez2o3NmAJ0Jd4b_jDCyysQl6S3N4n8tKATqHkPLb_3TzoLyTINBgq03mSSfy99aEhjYI8HayAhi_rELaKAX3AOdjY
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 229F
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNUBh1cO9nrg196HZRzAOdQCpJGseJLKpg2RWIOOyQqx7qprumxMX-LcjtT7A0KZtDdPNCPdgIZieZvgWooOWUUaQFt5RuIPzfy95dvtxPC5o59VCt17fN54rT_9bLwLK_dEFiIZQiUMpmNUk3-XeGJ9e-uZFZuPFPTMPFC5gHcV7Gfuth8
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 26 Nov 2021 06:10:12 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DA86
13 KB
9 KB
Script
General
Full URL
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a159148c8b1206ea0f2282bf9644d62c732f12ff095f9ae905a0d3e07a324f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9531
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA86
42 B
65 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAFUsnho398OAmy1ePfrnPd42I2g8M9xdaHOYPIBWnayaZwE2VbMo0526T7UIu618VmdRc6SliKm_MH6t8yx2fMQc6FlsWJQ_e9K8uCwMWBUi3QQQ
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DA86
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:26:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:26:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DA86
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Nov 2021 06:10:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DA86
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 05:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 05:48:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DA86
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:48:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 24 Nov 2022 12:48:36 GMT
sd
us-u.openx.net/w/1.0/ Frame 229F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMT9YjYm-awCLLJSiT8xlT8&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMT9YjYm-awCLLJSiT8xlT8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNUBh1cO9nrg196HZRzAOdQCpJGseJLKpg2RWIOOyQqx7qprumxMX-LcjtT7A0KZtDdPNCPdgIZieZvgWooOWUUaQFt5RuIPzfy95dvtxPC5o59VCt17fN54rT_9bLwLK_dEFiIZQiUMpmNUk3-XeGJ9e-uZFZuPFPTMPFC5gHcV7Gfuth8
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.220.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
via
1.1 google
server
OXGW/16.220.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMT9YjYm-awCLLJSiT8xlT8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 229F
43 B
306 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNUBh1cO9nrg196HZRzAOdQCpJGseJLKpg2RWIOOyQqx7qprumxMX-LcjtT7A0KZtDdPNCPdgIZieZvgWooOWUUaQFt5RuIPzfy95dvtxPC5o59VCt17fN54rT_9bLwLK_dEFiIZQiUMpmNUk3-XeGJ9e-uZFZuPFPTMPFC5gHcV7Gfuth8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.220.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
content-encoding
gzip
server
OXGW/16.220.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 229F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEMF_qxa_AwXtT2QBUBsYw8g&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEMF_qxa_AwXtT2QBUBsYw8g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNUBh1cO9nrg196HZRzAOdQCpJGseJLKpg2RWIOOyQqx7qprumxMX-LcjtT7A0KZtDdPNCPdgIZieZvgWooOWUUaQFt5RuIPzfy95dvtxPC5o59VCt17fN54rT_9bLwLK_dEFiIZQiUMpmNUk3-XeGJ9e-uZFZuPFPTMPFC5gHcV7Gfuth8
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 26 Nov 2021 06:10:12 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEMF_qxa_AwXtT2QBUBsYw8g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 229F
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNUBh1cO9nrg196HZRzAOdQCpJGseJLKpg2RWIOOyQqx7qprumxMX-LcjtT7A0KZtDdPNCPdgIZieZvgWooOWUUaQFt5RuIPzfy95dvtxPC5o59VCt17fN54rT_9bLwLK_dEFiIZQiUMpmNUk3-XeGJ9e-uZFZuPFPTMPFC5gHcV7Gfuth8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 26 Nov 2021 06:10:12 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
bsi.js
z.moatads.com/pbb847483933/ Frame DA86
44 KB
20 KB
Script
General
Full URL
https://z.moatads.com/pbb847483933/bsi.js
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65f16db16de18a47fbd856c4157d1ddeb2be3e294e00150b01159e08b33a5849

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 15:30:31 GMT
server
AmazonS3
x-amz-request-id
E2MDXEXN9QPGRS7Y
etag
"1d690f9ccf4ca7da7291be8123505e46"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=28811
accept-ranges
bytes
content-length
20589
x-amz-id-2
9fpHQhzWQcEp9+Be5J202jRHQ1xpwwMJTKbVOD0UyT/rj5sjPU6KSZKQGjrZrA0j8UVZpNKbroA=
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C361
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Wed, 24 Nov 2021 12:48:37 GMT
expires
Thu, 24 Nov 2022 12:48:37 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
148895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame C361
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 10:57:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 10:57:49 GMT
a.js
mb.moatads.com/ Frame DA86
402 B
577 B
Script
General
Full URL
https://mb.moatads.com/a.js?callback=MoatHandleJsonpResponse_19749644&url=https%3A%2F%2Frg.ru%2F&id=0&level1=25927350&level2=6688358&level3=303889082&level4=154638429&pcode=crystalskiukftdisplaybs363091935889&tv=503c7d4-clean&ol=1459133166&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-bmUFgxJkDqyRa9Pcg6GRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&sc=1&os=1-vg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&slicer1=rg.ru&slicer2=rg.ru&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJS=3%3A-
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.222.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-222-185.eu-west-1.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
99ff866b0c6863805c215b77d6336e815da86164d8237ad19eb2874573eb1476

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"cfaed9cf34371cf686b54ea6e317ec47e239af7e"
content-length
402
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame DA86
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&i=PBB_HC&d=crystalskiukftdisplaybs363091935889%3A25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082&gw=crystalskiukftdisplaybs363091935889&bq=0&de=90418107&t=1637907011881&ac=1&ar=0d6bd0b-clean&oi=4&ob=1&na=1766943881&cs=0
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 06:10:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8289
1 KB
753 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 26 Nov 2021 05:53:44 GMT
expires
Sat, 27 Nov 2021 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
988
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DA86
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f826dc0172c07f4c676df76ef0b10df8500bfd6c38055b50413e37153b2088dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 8289
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB1n739qgJHGK15kgNjNcgY&google_cver=1&google_push=AYg5qPIGhTvNPJOCwI2wdxfRWjxMGCO7LPnJ2BlRGtkESRRrNX3f0UA5TZ10FoTqb6FxkePdDSXixbhUkKoJLhou...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIGhTvNPJOCwI2wdxfRWjxMGCO7LPnJ2BlRGtkESRRrNX3f0UA5TZ10FoTqb6FxkePdDSXixbhUkKoJLhoubXj4ACp0-xx8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIGhTvNPJOCwI2wdxfRWjxMGCO7LPnJ2BlRGtkESRRrNX3f0UA5TZ10FoTqb6FxkePdDSXixbhUkKoJLhoubXj4ACp0-xx8
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 26 Nov 2021 06:10:12 GMT
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIGhTvNPJOCwI2wdxfRWjxMGCO7LPnJ2BlRGtkESRRrNX3f0UA5TZ10FoTqb6FxkePdDSXixbhUkKoJLhoubXj4ACp0-xx8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 26 Nov 2021 06:10:11 GMT
i.match
s.tribalfusion.com/z/ Frame 8289
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEO5QzLRMgJlfjLyPGWlD_p8&google_cver=1&google_push=AYg5qPKGpTAw9qJtJzW7pI2GTrSzIG_taYCjTeZKfHNtNGlPzzMdlPCQMR7WvwFAyL0MbK3PwuB2ysjfRWeTLHT5PL8uZ-p4rtUKY...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO5QzLRMgJlfjLyPGWlD_p8&google_cver=1&google_push=AYg5qPKGpTAw9qJtJzW7pI2GTrSzIG_taYCjTeZKfHNtNGlPzzMdlPCQMR7WvwFAyL0MbK3PwuB2ysjfRWeTLHT5PL8uZ-p4rtU...
43 B
455 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO5QzLRMgJlfjLyPGWlD_p8&google_cver=1&google_push=AYg5qPKGpTAw9qJtJzW7pI2GTrSzIG_taYCjTeZKfHNtNGlPzzMdlPCQMR7WvwFAyL0MbK3PwuB2ysjfRWeTLHT5PL8uZ-p4rtUKYg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKGpTAw9qJtJzW7pI2GTrSzIG_taYCjTeZKfHNtNGlPzzMdlPCQMR7WvwFAyL0MbK3PwuB2ysjfRWeTLHT5PL8uZ-p4rtUKYg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b40f3cf58a8374b-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b40f3cd1da6374b-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO5QzLRMgJlfjLyPGWlD_p8&google_cver=1&google_push=AYg5qPKGpTAw9qJtJzW7pI2GTrSzIG_taYCjTeZKfHNtNGlPzzMdlPCQMR7WvwFAyL0MbK3PwuB2ysjfRWeTLHT5PL8uZ-p4rtUKYg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKGpTAw9qJtJzW7pI2GTrSzIG_taYCjTeZKfHNtNGlPzzMdlPCQMR7WvwFAyL0MbK3PwuB2ysjfRWeTLHT5PL8uZ-p4rtUKYg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8289
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEL2m8otl-3P50O8OeGjmqws&google_cver=1&google_push=AYg5qPJxt6pxO2jChtFpt_XYkaQpU99tOknbK0Z0EPOF9rHwP5mywsk5Ofxbod6QlcSciS6wTbO4EIuCfsvgdR...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNDc1NzA1MDQ0MDM0OTg0OA%3D%3D&google_push=AYg5qPJxt6pxO2jChtFpt_XYkaQpU99tOknbK0Z0EPOF9rHwP5mywsk5Ofxbod6QlcSciS6wTbO4EIuCfsvgdR_LT9...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNDc1NzA1MDQ0MDM0OTg0OA%3D%3D&google_push=AYg5qPJxt6pxO2jChtFpt_XYkaQpU99tOknbK0Z0EPOF9rHwP5mywsk5Ofxbod6QlcSciS6wTbO4EIuCfsvgdR_LT9dmcO4uS1y2hg
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzNDc1NzA1MDQ0MDM0OTg0OA%3D%3D&google_push=AYg5qPJxt6pxO2jChtFpt_XYkaQpU99tOknbK0Z0EPOF9rHwP5mywsk5Ofxbod6QlcSciS6wTbO4EIuCfsvgdR_LT9dmcO4uS1y2hg
Date
Fri, 26 Nov 2021 06:10:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dot.gif
s0.2mdn.net/ Frame 8289
43 B
71 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGF_xBVw9PpNew2QA2DwFCs&google_cver=1&google_push=AYg5qPKApEpFSbjv3p_sn0unx2W8ScazTFBeJPvLJS04U_3WQPrtY822RlI7FsoS2KtKk3ZArO6yR0WsdQnxKka8WKUI3Pq8W0Nl
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Nov 2021 06:10:12 GMT
pixel
cm.g.doubleclick.net/ Frame 8289
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIP6BEBXkkw3gUeLr7BqcMA&google_cver=1&google_push=AYg5qPJDsW29VCRQEvVNpCAMGe064t6JiLnr15lbL1PuSnky5wnO-jIsFTvhAHzvJDMtPo421yG...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dGWkpORUstMS1EVlVE&google_push=AYg5qPJDsW29VCRQEvVNpCAMGe064t6JiLnr15lbL1PuSnky5wnO-jIsFTvhAHzvJDMtPo421yGpocwRjwbhGXnMYf7x9p2xDHScVw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dGWkpORUstMS1EVlVE&google_push=AYg5qPJDsW29VCRQEvVNpCAMGe064t6JiLnr15lbL1PuSnky5wnO-jIsFTvhAHzvJDMtPo421yGpocwRjwbhGXnMYf7x9p2xDHScVw
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dGWkpORUstMS1EVlVE&google_push=AYg5qPJDsW29VCRQEvVNpCAMGe064t6JiLnr15lbL1PuSnky5wnO-jIsFTvhAHzvJDMtPo421yGpocwRjwbhGXnMYf7x9p2xDHScVw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8289
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-b8675657-4c03-447d-98e4-aa17a0469e85-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKJ351xrh-c348kh9V2W...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKJ351xrh-c348kh9V2WVVwaqy7pERvy2g6awI4ADtn64htZIImZZkJ5l41ZgR6wM6XjvrTLLNCjMMIHFvysORWuq2btU4x&google_hm=A7hnVldMA0R9mOSqF6BGnoU
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKJ351xrh-c348kh9V2WVVwaqy7pERvy2g6awI4ADtn64htZIImZZkJ5l41ZgR6wM6XjvrTLLNCjMMIHFvysORWuq2btU4x&google_hm=A7hnVldMA0R9mOSqF6BGnoU
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKJ351xrh-c348kh9V2WVVwaqy7pERvy2g6awI4ADtn64htZIImZZkJ5l41ZgR6wM6XjvrTLLNCjMMIHFvysORWuq2btU4x&google_hm=A7hnVldMA0R9mOSqF6BGnoU
date
Fri, 26 Nov 2021 06:10:12 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXb86756574c03447d98e4aa17a0469e85003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 8289
43 B
71 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEN_oOM63n3TKyxawbuVf1N8&google_cver=1&google_push=AYg5qPLB9DdypBrc1x8TLF5WIaxeCkFBjeXO7ip5tXAAzjiz0WHmYGmAfpPR1tWm-zDFpRP5HbDHhT1-4xoEqPWbCZJ-JLbgkSJYQl4
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Nov 2021 06:10:12 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8289
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBtNqdcfqeiBIhwwyWSuXkr4Qj2OCw0mk7iOXGEoRoib5IywucHZyTYsMT0F5Pi-jvDEoQXw
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame C361
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOMMXRHqgYaWZCaak9u8PupOu4AQAAAAAOAHgBAI&bg=!l5SllNDNAAZQLpa_UC47ACkAdvg8WgQvcEgv1ImEmnP72DRkWIYfrBwOf-YGKDTaUdtKFmRyzaENqQIAAAC2UgAAAAtoAQeZAsiv8B6WMDhM8OG0t4L9xVncz9NNaoWrZDbG_Sn20Y-dVAmNgHNuU-HjEgXI3wYAUo1P6H-u-4hqelYsfCT1Un-Wzzxjlqe5sZXDYr69tik3gsJTrQq1gh16XLAUoeWdzVtLgrlP8QLNc7qbV2H08S8Qd1PevKXAa6rehPycpoIJh493bmth03Z7sSPlxAphQQb8cMcdvvoao_xLKZjHchGuMyXAdG8HvcG9ucd0BrI8zMOsbt1ufc7RJTSm07eQY5ySUEZ-j0yTpbgySWd1Hnjgprosb8y8jxlIC_vVuggaBmIIxpGjlK41p0-EFh38PPibveltVDoycfYfkiBRAosRBQbJwZ-UgRn9dmoSuar2SnkUZRO1WQPKrBldR_-dVU9iQh_Z8lc4gpT3r9H7dmja05rJaPADmgbzAKp4YMWvpgBYG89_5yY2j8efKB0N_philfHB0yxFGOyvbiXRXQddEaZ_K7GG_1OJtYHw5Nd5RF7_uGQQu3qde6ARUqWXPw5ys47H_GW3qNu1mrSjzvj4WpgFBtVcTEDVGZGIJ-mIbM4e5C0w58dktCKu_CZ-h8oRzZf5Qgo97Fgga-mjDyq2ddYjeLnF70UVUOmfUBNYBk2-63ijdCPcC5f9UFmDw2mtrA1-dbXpiAjAYmtr6HeOT_9Ix9yR6_dDVHs0W2tPM6mAnEJ3Sw25-Tg4birUfZHLqrqjP82QVGTJdw0SouS8Tov5sH_N0zAbfjhjgv5z74_jyGkDbtQCZmePJ87ftwHRjALorr4TCTmoHwoKb9fUgANiHoTik7OjfQ_DCBbEzYu4fbPUDa0RVrMkew7z4X0b1N1t_Fi5lal5Q-bE0AH9cgs1WGHTn-vEQtc785MR-tLod72ldgIyObmSU8YuuxicEi7_rNH8-jh_qwJ88xuy10MpVIx--aLOlkUPR5avRT6W6EllJ_Ae
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad.js
z.moatads.com/fallback/ Frame 4F99
200 B
465 B
Script
General
Full URL
https://z.moatads.com/fallback/ad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a917f4179203230547c3fcb75808e5360c61fd052e072a851863f574cdcbd7b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
last-modified
Mon, 11 Feb 2019 21:49:15 GMT
server
AmazonS3
x-amz-request-id
8FAB8DB9E5929BC2
etag
"91b3c96c3750422ec5dd1d7c37bc9c00"
content-type
application/x-javascript
cache-control
max-age=33061
accept-ranges
bytes
content-length
200
x-amz-id-2
x/W1uaB3kPSlKurYiyXCZ9l5MmK+gIbwab+TrfNusE3WZ+itPUfURX7fPk7r7CuulEGg7jtKnZY=
moatad.js
z.moatads.com/crystalskiukftdisplaybs363091935889/ Frame DA86
303 KB
103 KB
Script
General
Full URL
https://z.moatads.com/crystalskiukftdisplaybs363091935889/moatad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf4d00dd42246b7df61786a7be305dda120450aa50373e2c45f6b392ecc211b7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 14:29:25 GMT
server
AmazonS3
x-amz-request-id
XQKXDQQMSRDHR4WQ
etag
"03aa8e33378c210620474093c63f16ff"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31484
accept-ranges
bytes
content-length
105368
x-amz-id-2
YQqCsYEO666iOe4VTLgqbpUTUjf4xVIkTLp1bLvNU0CpeeAaQx54PBmO5J2qnHJCNwMiJu9FayI=
pixel.gif
px.moatads.com/ Frame DA86
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRYSTALSKI_UK_FT_DISPLAY1&d=25927350%3A6688358%3A303889082%3ABLOCKED&gw=crystalskiukftdisplay187263321212&bq=0&de=15423522&t=1637907012091&ac=1&ar=0d6bd0b-clean&gu=https%3A%2F%2Frg.ru%2F&id=0&ii=9&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJS=3%3A-&bo=rg.ru&bd=rg.ru&zMoatLT=%7B%22t0%22%3A1637907011706%2C%22ta%22%3A1637907011881%2C%22t1%22%3A1637907011915%2C%22t2%22%3A1637907012090%2C%22t3%22%3A1637907012090%7D&oj=175&gq=23&zMoatDTYPE=0&ob=1&oc=1&oi=4&zMoatGSTS=0&hw=1&gv=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&zGSRC=1&na=1445726772&cs=0
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 06:10:12 GMT
ad.png
z.moatads.com/fallback/ Frame 4F99
4 KB
4 KB
Image
General
Full URL
https://z.moatads.com/fallback/ad.png
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef1f342a3e85285f6192a4b04d741a3018a8be6e882da7d9180a869dac3823f8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 06:10:12 GMT
last-modified
Mon, 11 Feb 2019 20:23:54 GMT
server
AmazonS3
x-amz-request-id
49D31C1D0D873285
etag
"52ebe64201143a9c37ce86939fdc09e8"
content-type
image/png
accept-ranges
bytes
content-length
3937
x-amz-id-2
dAbrrL7VAH/ZEGcAu/BQ6XP5+G0ezSIfjiRDK6wOgJR472IymXY3N5B9Qbl2mauJaJ6Iiek2iJ4=
pixel.gif
px.moatads.com/ Frame DA86
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&zMoatUrl=https%3A%2F%2Frg.ru%2F&zMoatBSWFFID=_moatApi98144337&zMoatJPCN=MoatHandleJsonpResponse_19749644&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=rg.ru&zMoatBd=rg.ru&zMoatAISJS=1&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1637907011706%2Ct1%3A1637907011915%2Ct2%3A1637907012090%2Ct3%3A1637907012090%2Cta%3A1637907011881%7D&zMoatNL=-&zMoatPRTJ=%7BconnectEnd%3A492%2CconnectStart%3A409%2CdecodedBodySize%3A402%2CdomainLookupEnd%3A409%2CdomainLookupStart%3A367%2Cduration%3A174%2CencodedBodySize%3A402%2CfetchStart%3A367%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A492%2CresponseEnd%3A541%2CresponseStart%3A540%2CsecureConnectionStart%3A431%2CstartTime%3A367%2CtransferSize%3A702%2CworkerStart%3A0%7D&zMoatDUR=175&zMoatF3D9Z4=b&zMoatCHNLS=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&zMoatINS=4&zMoatGSCACHE=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frg.ru&lp=https%3A%2F%2Frg.ru&t=1637907012204&de=952273609695&m=0&ar=553ffc12ef5-clean&iw=85376cc&q=2&cb=0&ym=0&cu=1637907012204&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&zMoatDTYPE=0&zMoatGSE=1&zMoatPRTM=-&zMoatF3D9Z3=-&zMoatPTNS=-&zGSRC=1&gv=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&hw=1&gu=https%3A%2F%2Frg.ru%2F&id=0&ii=9&bo=undefined&bd=rg.ru&gq=23&oj=175&gw=crystalskiukftdisplaybs363091935889&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A384&fs=195402&na=1575453427&cs=0
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 06:10:13 GMT
pixel.gif
px.moatads.com/ Frame DA86
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&zMoatUrl=https%3A%2F%2Frg.ru%2F&zMoatBSWFFID=_moatApi98144337&zMoatJPCN=MoatHandleJsonpResponse_19749644&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=rg.ru&zMoatBd=rg.ru&zMoatAISJS=1&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1637907011706%2Ct1%3A1637907011915%2Ct2%3A1637907012090%2Ct3%3A1637907012090%2Cta%3A1637907011881%7D&zMoatNL=-&zMoatPRTJ=%7BconnectEnd%3A492%2CconnectStart%3A409%2CdecodedBodySize%3A402%2CdomainLookupEnd%3A409%2CdomainLookupStart%3A367%2Cduration%3A174%2CencodedBodySize%3A402%2CfetchStart%3A367%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A492%2CresponseEnd%3A541%2CresponseStart%3A540%2CsecureConnectionStart%3A431%2CstartTime%3A367%2CtransferSize%3A702%2CworkerStart%3A0%7D&zMoatDUR=175&zMoatF3D9Z4=b&zMoatCHNLS=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A99%2CencodedBodySize%3A0%2CfetchStart%3A544%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A643%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A544%2CtransferSize%3A0%2CworkerStart%3A0%7D&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com%2F%2Fsafeframe%2F1-0-38%2Fhtml%2FIFRAME&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&ol=1459133166&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bvmjr
G%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiIrBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&zGSRC=1&gv=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&hw=1&zMoatGSE=1&gu=https%3A%2F%2Frg.ru%2F&id=0&ii=9&f=1&j=https%3A%2F%2Frg.ru&lp=https%3A%2F%2Frg.ru&t=1637907012204&de=952273609695&cu=1637907012204&m=NaN&ar=553ffc12ef5-clean&iw=85376cc&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A384&im=0&in=0&pd=0&em=0&en=0&bu=0&cd=0&ah=0&am=0&rf=0&re=1&cl=0&at=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&bo=undefined&bd=rg.ru&gq=23&zMoatDTYPE=0&oj=175&gw=crystalskiukftdisplaybs363091935889&zMoatF3D9Z3=-&zMoatPTNS=-&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&ti=0&ih=1&tc=0&fs=195402&na=1725073814&cs=0
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 06:10:13 GMT
pixel.gif
px.moatads.com/ Frame DA86
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&zMoatUrl=https%3A%2F%2Frg.ru%2F&zMoatBSWFFID=_moatApi98144337&zMoatJPCN=MoatHandleJsonpResponse_19749644&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=rg.ru&zMoatBd=rg.ru&zMoatAISJS=1&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1637907011706%2Ct1%3A1637907011915%2Ct2%3A1637907012090%2Ct3%3A1637907012090%2Cta%3A1637907011881%7D&zMoatNL=-&zMoatPRTJ=%7BconnectEnd%3A492%2CconnectStart%3A409%2CdecodedBodySize%3A402%2CdomainLookupEnd%3A409%2CdomainLookupStart%3A367%2Cduration%3A174%2CencodedBodySize%3A402%2CfetchStart%3A367%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A492%2CresponseEnd%3A541%2CresponseStart%3A540%2CsecureConnectionStart%3A431%2CstartTime%3A367%2CtransferSize%3A702%2CworkerStart%3A0%7D&zMoatDUR=175&zMoatF3D9Z4=b&zMoatCHNLS=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A99%2CencodedBodySize%3A0%2CfetchStart%3A544%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A643%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A544%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1637907011549&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&ol=1459133166&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%
40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiIrBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-tkHTYX5EcAEJWg%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=600&w=300&zGSRC=1&gv=gs_business%2Cgs_law_misc%2Cgs_society_misc%2Cgs_politics_misc%2Cgv_crime%2Cgs_entertain%2Cdomain_unsafe%2Cgs_economy_misc%2Cgs_health%2Cgs_covid19%2Cgv_death_injury%2Cgs_health_misc%2Cmoat_unsafe%2Cgv_military&hw=1&zMoatGSE=1&gu=https%3A%2F%2Frg.ru%2F&id=0&ii=9&f=1&j=https%3A%2F%2Frg.ru&lp=https%3A%2F%2Frg.ru&t=1637907012204&de=952273609695&cu=1637907012204&m=253&ar=553ffc12ef5-clean&iw=85376cc&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A384&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=215&cd=0&ah=215&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&bo=undefined&bd=rg.ru&gq=23&zMoatDTYPE=0&oj=175&gw=crystalskiukftdisplaybs363091935889&zMoatF3D9Z3=-&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=1&tc=0&fs=195402&na=1051487694&cs=0
Requested by
Host: 582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com
URL: https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://582f0b208f16c01b12da094f05835b2e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 06:10:13 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=c6cb1378db84b157&duid=1637907004608927935&pxo=f4cT_NNfZGnsR46LZwaNNUV-iv6_GP9F9YAQYnif0HgsSZNKfjU6MV1g9c3uPG6dUh5t42k5fB2coUrb51Yqr1F3hF3tOp_6z8s0HVWLuNIQ0Zw7i6Na7scSp7IL_XH29IyY02aH0xWrzMJkIetgqJFNIyIeGyMM2_-DMY_kHg2hJGeQGWE%3D&p5=gdhai&rand=pzqhrj&sj=4z4Zln69DH2Um6dSPrdzlasn96bVdgT5Kx6aPFmR9G3dQo0gOq1TH561nfRrgQ%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjn&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfiz&rqs=POaighaSwEhDeqBhX4A6XdbInkHwaQws&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:13 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmr&hash=3cbcb656d8a5aeba&duid=1637907004608927935&pxo=54dDASc59tRXgaORfaq9_04I3kyWD-R9AhEyVoBZqsvko7zlT-9CcZLB_0kBwWKpm6HokDFJAPnBu7W4iIsZAen9lsGTWhalCEF4DcTYXR0yjPN3s6D2nN6yfP9Cns7o8gmjDbEi02DNATeH5mpBGSN3l4m2y6XXdf1JJMLjEKHdq-FRW_4%3D&p5=gdhai&rand=kcakcnu&sj=aKkj2ZEr38VOPq_VG4muLzxKLsi1NdSIp_IZRlv9L2w5SWKtIT9tj6KaEFqW2Q%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bzqke&rqs=PPahGs_-5Fw9eqBhMxYW9qOLeOkC2ndH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:15 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmr&hash=95efedae81b01068&duid=1637907004608927935&pxo=I_DPdXmKnIROcqFgJTCV8G7CZNGihc9wkeNi-fyZ3PWzlGtnTbm-E4m03tm6fe_bxd5DAwWzoIyxuk705qbYNqzYKm_-ClMjYR0idUnPk6BuKW-lijvCO5Q-qArsQBznEfjCh45pL52Tb6rKMSd9g6zze92vRCNkikdMCSxUzRhUdWkRacY%3D&p5=gdhai&rand=hnguizq&sj=7VRlxHjgurJTDZMx1d9nh3lDZBGcLjlfq3VAz3vE9IW1iLKo21FzO83rlvOfDA%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvneu&rqs=POaighaSwEg9eqBhpFG9YLbPJc4OCZv4&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:15 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmr&hash=db8c7df11b4c5c0b&duid=1637907004608927935&pxo=IAm924wwL7uLi0fVMHOrcqGLLQUlhuSNW5Ys-_2HXhD2o1ynzpw8gwJTB6ZVKhnA8XV-nC2-WTd_QpjLkBz7ZUz96pQqW60PzcR6Evhk3IBTY_bG-I0lOf-fb-49sPz9SrI4tyvnVhWODDDAQ8osYC599FlirS-9NwMju3D_4I3YCsOcp9M%3D&p5=gdhai&rand=ctmakpk&sj=GrVsVdkOJ9U08ZYCWMqJY9MUXREsmfIEGwQhniX7Gl1BAQ04Tigui4jIUB3xOg%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435686000661&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvpww&rqs=POaighaSwEg9eqBh2COz6xqagxemaBrU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:15 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
18 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmr&hash=0ea11d4a3fcfa8c1&duid=1637907004608927935&pxo=xDMYnMcop6_TUj4FbHnalWlNvp2l4IZ_V1ICVRgmOoBACgXrz2yUHDTnr8YJjo99qxNwzKBJfeV11zMhqxUxSsj-gIqmibjI1jmtZIJKDRHQLpZRKl6bmtL3DajZqpZ93Ok61HwY2_heeN-aktEV1Jv71ui4rS0WEy62eLQl54jpEN9Xz5o%3D&p5=gdhai&rand=vrnimx&sj=_wr7lK1zx1UlgMJa3Zyy4Ly8kNkHLmne4CKLxeOinQth_v5QkhMMOoxtbgpWhw%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjh&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=bvobk&rqs=POaighaSwEg9eqBhPJj61zH5Id4yuY-l&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:15 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/
0
66 B
Image
General
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=c7d82bc76de076f1&duid=1637907004608927935&pxo=f4cT_NNfZGnsR46LZwaNNUV-iv6_GP9F9YAQYnif0HgsSZNKfjU6MV1g9c3uPG6dUh5t42k5fB2coUrb51Yqr1F3hF3tOp_6z8s0HVWLuNIQ0Zw7i6Na7scSp7IL_XH29IyY02aH0xWrzMJkIetgqJFNIyIeGyMM2_-DMY_kHg2hJGeQGWE%3D&p5=gdhai&rand=fmqgaqi&sj=4z4Zln69DH2Um6dSPrdzlasn96bVdgT5Kx6aPFmR9G3dQo0gOq1TH561nfRrgQ%3D%3D&ad-session-id=6991771637907003995&utg=bdvoy&lts=fhwfzjn&ytt=148435685869589&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=icpfivz&p1=chfiz&rqs=POaighaSwEhDeqBhX4A6XdbInkHwaQws&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 06:10:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 06:10:16 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.1dmp.io
URL
https://static.1dmp.io/tm.js?id=78c12ed7-f586-4fe6-a75f-3a9ff1918f54
Domain
nativeroll-sync.rutarget.ru
URL
https://nativeroll-sync.rutarget.ru/sync
Domain
dm.hybrid.ai
URL
https://dm.hybrid.ai/bobid/features
Domain
ad.mail.ru
URL
https://ad.mail.ru/dist/vkAuth.html
Domain
ad.mail.ru
URL
https://ad.mail.ru/adq/?callback=mailru_ad1637907009088&q=199847&vk=0&_=685212062

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| RG function| $ function| jQuery object| YaHeaderBiddingSettings function| _ function| Ractive object| PubSub function| moment function| Cookies object| Lockr function| Quill string| fotoramaVersion boolean| mCustomScrollbar object| jQuery111304020749321482835 object| lsbridge function| Waypoint function| io object| tingle function| fetchJsonp object| pbjs function| _toConsumableArray function| _classCallCheck function| _createClass function| _extends function| _typeof number| $scrollTop number| $windowHeight number| $windowWidth number| $currentWindowWidth string| GoogleAnalyticsObject function| ga object| core object| __core-js_shared__ object| firebase object| rutarget object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackChunkrelap_widgets object| perfTiming function| relapSendStorageAvailability object| preinitScope object| Ya object| pcodeJsonp49422TXG1FdQQcA number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya object| yandexZenAsyncCallbacks object| t object| s function| Hammer object| AdfoxOuterData object| dmpkitdl object| ShareResponse object| _tmr function| ym object| Criteo boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| SPKLW undefined| callbackPartners function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| _mgIntExchangeNews object| LentaInformInfC1140036 
function| LentaInformCContextBlock1140036 function| LentaInformCMainBlock1140036 function| LentaInformCInternalExchangeBlock1140036 function| LentaInformCRejectBlock1140036 function| LentaInformCCriteoBlock1140036 function| LentaInformCInternalExchangeLoggerBlock1140036 function| LentaInformCObserverBlock1140036 function| LentaInformCSendDimensionsBlock1140036 function| LentaInformCRtbBlock1140036 function| LentaInformCDiscountBlock1140036 function| LentaInformCContentPreviewBlock1140036 boolean| mg_loaded_706556_1140036 object| yaCounter22322746 object| seedrInit function| SeedrPlayer number| _mt_rnd string| _mt_referrer string| _mt_location function| _MT_jsLoadDelayed object| googletag object| criteo_pubtag object| criteo_pubtag_116 object| Criteo_116 object| relapCbRegistry object| relapAPI object| relapTasks object| __statmedia object| T function| StatMedia object| statmedia37846 object| yaCounter29789 object| jsapi_ object| JsAPI boolean| seedrAdBlock object| e33picq5gvl4 object| closure_lm_277609 function| nrReport object| __uspClient object| __cmpClient function| getCompvideoviads function| secondInitnoviads function| passViads string| __placeId string| __classImage function| __setAdContainer function| __setAdScript object| images object| _tx function| avPlayer function| viadsClosePlayer object| onClickExcludes function| mgReject1140036 function| mgLoadAds1140036_12f99 function| LentaInformCReject1140036 function| LentaInformLoadGoods1140036_12f99 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint706556 string| _mgPvid function| MVPT object| moevideoQueue function| getCompvideomoevideo function| secondInitnomoevideo function| runStub function| runStubcomplete boolean| _mgPageView706556 function| Hls object| webpackChunkdelivery_content object| storageAni string| viPlayerStatus object| moevideo object| $jscomp object| HybridBobId object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager 
function| LoadCriteoAllPlaces1140036_12f99 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests number| google_global_correlator object| closure_lm_417397 object| closure_lm_916086 object| layoutConfig function| getCompnr function| secondInitnr object| yaCounter453595 object| yaCounter71281900 object| closure_lm_188663 function| on function| once function| off

199 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
rg.ru/2021/11/25 Name: seedr_cid
Value: 1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9
bs.serving-sys.com/Serving Name: S_1077259053
Value: 7393158847440972347
.mediatoday.ru/core Name: idntfy
Value: VOta5ik8v8t2Dmu
.instreamvideo.ru/core Name: idntfy
Value: VOta5ik8v8t2Dmu
.rg.ru/ Name: uidtrack
Value: wr4l4mGgejskUAoddyrzAg==
.rg.ru/ Name: _ga
Value: GA1.2.370508847.1637907004
.rg.ru/ Name: _gid
Value: GA1.2.2046267680.1637907004
.rg.ru/ Name: _gat_digital
Value: 1
.adfox.ru/ Name: luid1
Value: nkg:wuj:nkg:wuj:a
.adfox.ru/ Name: luid1_ts
Value: fhwfzjg:fhwfzjg
.rg.ru/ Name: rguniqueid
Value: 5874213e5f5a10fd07cc9d5d630a9cd4
.rg.ru/ Name: _gat_customGaScope_0
Value: 1
.rg.ru/ Name: _gat
Value: 1
.rg.ru/ Name: _gat_site
Value: 1
rg.ru/ Name: promo_fullscreen
Value: 1
.smi2.ru/ Name: _sm_uid
Value: 68e0925a-b77d-46de-bc1c-6a97e98ad605
.smi2.ru/ Name: _sm_udt
Value: 1637907004646
.smi2.ru/ Name: _sm_sid
Value: f8acecd3-1e0b-4504-8061-d8d395f4102e
.smi2.ru/ Name: nid
Value: ads5-1smir11
.otm-r.com/ Name: mpid
Value: NjFhMDdhM2MwYzYwMjY5NQ==
.exchange.buzzoola.com/ Name: uuid
Value: cfa6ae27-0e17-4700-7e49-578f587154bb
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.yadro.ru/ Name: FTID
Value: 1Xe7ey1cMbOD1Xe7ey000GLx
.rg.ru/ Name: tmr_lvid
Value: e57a94c0f85227f3fc2fecbf6e4b5b3a
.rg.ru/ Name: tmr_lvidTS
Value: 1637907004290
.rg.ru/ Name: tmr_reqNum
Value: 1
.betweendigital.com/ Name: tuuid
Value: 48d4807e-4c47-534a-8f44-d55ceee4af60
.rg.ru/ Name: _ym_uid
Value: 1637907004608927935
.rg.ru/ Name: _ym_d
Value: 1637907004
.yadro.ru/ Name: VID
Value: 0hG-2o1ocweD1Xe7ey000GTR
.tns-counter.ru/ Name: guid
Value: 3503693261A07A3CX1637907004
mc.yandex.ru/ Name: yabs-sid
Value: 2249840241637907004
.rg.ru/ Name: _ym_isad
Value: 2
.relap.io/ Name: fsts
Value: 1637907004
.relap.io/ Name: rlprp
Value: eZJFUg--6f79badecc2374dd0949d76ce63464132467d72e62b6c85b07112fe12efcdb97
.relap.io/ Name: 3rdpce
Value: 1
.rg.ru/ Name: _ym_visorc
Value: b
.relap.io/ Name: unique
Value: fd4UhV6S
.relap.io/ Name: suid
Value: d019b98b16ef97bd49dcb1c8ecd520804a643d62--4ba819e275c944632fbc98782565d93b0187270b4d8d6d057730c4496272c607
.lijit.com/ Name: ljt_reader
Value: 99cffbe32fc8061e1cfec5ce
.bidswitch.net/ Name: tuuid
Value: d9472326-3f72-43ef-915b-ee22abeb2c51
.bidswitch.net/ Name: c
Value: 1637907005
.bidswitch.net/ Name: tuuid_lu
Value: 1637907005
.adhigh.net/ Name: gi_u
Value: usLbcellYKCe.AikABlF9Wt1_QA
.yandex.ru/ Name: yandexuid
Value: 5242350591637907004
.yandex.ru/ Name: ymex
Value: 1669443005.yrts.1637907005#1669443005.yrtsi.1637907005
.stat.media/ Name: _sm_uid
Value: 68e0925a-b77d-46de-bc1c-6a97e98ad605
.stat.media/ Name: _sm_udt
Value: 1637907004646
.stat.media/ Name: _sm_sid
Value: f8acecd3-1e0b-4504-8061-d8d395f4102e
.stat.media/ Name: _sm_cm
Value: 6
.adhigh.net/ Name: btw_sync
Value: IGg
.yandex.ru/ Name: yuidss
Value: 5242350591637907004
.yandex.ru/ Name: i
Value: IJpXXfpNzGxSeWzXang0pAjAxpfT9ARwdU0PYBZHfHGE/E2Yxra8JRe1FCoyU8vgTMXlEjTb8eXl3cJtPOAVjDHZ4sw=
.idntfy.ru/ Name: idntfy
Value: VOta5ik8v8t2Dmu
.adsniper.ru/ Name: uuid3
Value: IiQ3ZmU0OTkxZS00ZTdmLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.relap.io/ Name: hllc
Value: 2
.relap.io/ Name: rlpagcs
Value: eyJ1aWQiOiJDTU1YY0ZOQ2V6UjlHdDZiIHlZblltamc9PSIsInRzIjoxNjM3OTA3MDA1fQ--a206e25b33838b37d6ff3e96459d297e84d49c4314ea46188f0cf39ca4073e2d
.creative-serving.com/ Name: tuuid
Value: fc382313-402e-4cbd-bf8a-a8783a2021b6
.creative-serving.com/ Name: c
Value: 1637907005
.creative-serving.com/ Name: tuuid_lu
Value: 1637907005
.viadata.store/ Name: viads_uid
Value: 0d4a14c2-6b6d-4071-ae04-45c48b0fcbfc
.bumlam.com/ Name: suuid3
Value: IiQ3ZmU0OTkxZS00ZTdmLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
pool.admedo.com/ Name: tuuid
Value: 63ad473b-2880-49f7-b50b-cc6a9e3c4a8c
pool.admedo.com/ Name: c
Value: 1637907005
.relap.io/ Name: rlpisvcs
Value: eyJ1aWQiOiJWT3RhNWlrOHY4dDJEbXUiLCJ0cyI6MTYzNzkwNzAwNX0--bef3131c409aebc8013e188634196ccc4c1729319cc08a6b955f4e5404a4972c
pool.admedo.com/ Name: tuuid_lu
Value: 1637907006
.mail.ru/ Name: VID
Value: 0BQL6Q0m4SY600000Y14H4I6:::0-0-0-6bad2fc:CAASEJ_1928K3i4R_JQSKsozH6gaYNEtOuRufp-EXwbOXUrNSP0Q-6iPk6b6ggxAb_DTdaeQ1r6Pzyi-bQDcdehrE1MYCXzxfOBhIZFAhd5dE9b-Wb0daze329FcJTl3Oi0OI43wxRf-JmhwhRXKhs1X8zetzw
.weborama.fr/ Name: AFFICHE_W
Value: S81SHH7s9QNL78
.1dmp.io/ Name: uid
Value: 80548a80-4e7f-11ec-ae6b-901b0ea4a41b
.ops.beeline.ru/ Name: BeeAID
Value: 38c84868-d1fe-46bd-a4c1-6a1591e4df8b
.adriver.ru/ Name: cid
Value: AHRegIF2TTmeIn0mf66KH2Q
.aidata.io/ Name: __upints
Value: 1637907006
.wi-fi.ru/ Name: dmpuid
Value: o6P8AmHRSGyFDHDSZFV2wQ
.nativeroll.tv/ Name: cid
Value: 1017c9ae-89f8-4cf2-b6de-4fab45d6b0b9
.nativeroll.tv/ Name: wdata[social_class]
Value: 0
.nativeroll.tv/ Name: wdata[age]
Value: 0
.nativeroll.tv/ Name: wdata[gender]
Value: 0
.nativeroll.tv/ Name: wdata[expire]
Value: 1637914206
.nativeroll.tv/ Name: nr[expire]
Value: 1638079806
.aidata.io/ Name: __upin
Value: D6YpWSpK7WcfeZqUD+FAjw
.relap.io/ Name: rlpvp
Value: eZJFUg--975c6075d6f293646149c08270ebbf47ea641d543cd2fa172c505bfff9f8464d
.relap.io/ Name: rlpdp
Value: S1dqZU9nAQ--08e1122a21dae5ceda8d9eeba54a29173a68837ccab536957356dba4d99ceae6
.relap.io/ Name: rlpvff
Value: 7RpEUgc1KVI-eqBhAAFnmQkAPnqgYQEBOR9JUj56oGEAAdu9PlI-eqBhAAE--8ced9f0217e56cd60a94699e789b9950aaf56d2a5cbfc808668825ba6bcac0e9
cstatic.weborama.fr/ Name: _xttrk2_ids_sync
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_ids
Value: 1
cstatic.weborama.fr/ Name: _xttrk2
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_mpub
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_uk
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn_QtxoCuOCkI3mbpDAS13GIl5Po1TNyVhni1wZgHS5jQzvKgWVxVBsTIFIFJg
.tapad.com/ Name: TapAd_TS
Value: 1637907006953
.tapad.com/ Name: TapAd_DID
Value: 19c8a096-c6e3-416c-97b5-ffd9b9da07d8
.rlcdn.com/ Name: rlas3
Value: 5cf31v9ODY/meZ05qzd5owfvY+RJ72Gv/BqycZkm2Gk=
.rlcdn.com/ Name: pxrc
Value: CAA=
.weborama.com/ Name: wui
Value: E57439D2-1F55-4074-9761-B88798FA8B3C
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 28931708-65E3-4CF2-B0AD-C66C1735255F
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
servicer.lentainform.com/ Name: __mglb
Value: b77c90ace61932b85ead847cc0fcb78b
.lentainform.com/ Name: muidn
Value: lap7fPD6RZam
.weborama.com/ Name: wam-sync
Value: ok
.sniperlog.ru/ Name: guid
Value: DFF1A0F455B52F2A
.amazon-adsystem.com/ Name: ad-id
Value: Az7YmIB-DE76p8J6IXOVcmI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.viadata.store/ Name: viads_sc
Value: %7B%220%22%3A1637907007%2C%2230%22%3A1637907007%2C%2227%22%3A1637907007%7D
rg.ru/ Name: tmr_detect
Value: 0%7C1637907006952
rg.ru/ Name: LentaInformStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1140036%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637907007014%7D%7D
adx.com.ru/ Name: yabbi-user
Value: 61a07a3ff0e015867d94ab7d
.spotxchange.com/ Name: audience
Value: 812f4023-4e7f-11ec-9614-1bce7de30206
.dmg.digitaltarget.ru/ Name: viuserid
Value: pZvrXqNrx4yVTBi7i-a-
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: COC+ehCRUxgB
.rutarget.ru/ Name: userId
Value: OOb-B9bI6hFl
.rktch.com/ Name: b_uid
Value: 29e47450d5a2fac7e6038b57561c0dd8e6c8
.casalemedia.com/ Name: CMPS
Value: 698
cm.lentainform.com/ Name: mg_sync
Value: {"433147":1637907007}
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hbx_C`7L!1yIE`fS1ueD1W-044)d+]Uf0q@1#tAFX7sDL0aCWI95RTag#R0zj-?Dp]?W9RFMZ9T5_m!x(Bv)]`tD
.casalemedia.com/ Name: CMID
Value: YaB6P22zOleo0tMOV6DJyQAA
.casalemedia.com/ Name: CMPRO
Value: 327
.casalemedia.com/ Name: CMST
Value: YaB6QGGgekAA
.casalemedia.com/ Name: CMRUM3
Value: 2d61a07a402760CAESEFti-nYqR6qh2F7ruIlcM08
.adnxs.com/ Name: uuid2
Value: 4863743292323822385
playreplay.me/ Name: mvuid
Value: 0f94e05973351ac47009
playreplay.me/ Name: mvsid
Value: 7b43e501-20b6-4136-a74e-492f4db931f5
.mgid.com/ Name: muidn
Value: lap7fPD6RZam
.mgid.com/ Name: __cf_bm
Value: 9KPE0urTOThUs0AuBpFv.Yo8FRvSJdx5TAaaVFJ3d0Q-1637907008-0-AW41UrYEPQTGVM1SNVfhow8XuDpearZ1P20T81K6xI9n/YP5gYegpeBxyBJZH/F/jLjL6lMCxyLCsMrzhmdE1F0=
.hybrid.ai/ Name: vid
Value: 0d82f69d2702b6784349
moevideo.biz/ Name: mvuid
Value: 0f94e05973351ac47009
moevideo.biz/ Name: mvsid
Value: 7b43e501-20b6-4136-a74e-492f4db931f5
thesame.tv/ Name: mvuid
Value: 0f94e05973351ac47009
thesame.tv/ Name: mvsid
Value: 7b43e501-20b6-4136-a74e-492f4db931f5
cs-0.moevideo.biz/ Name: mvuid
Value: 0f94e05973351ac47009
cs-0.moevideo.biz/ Name: mvsid
Value: 7b43e501-20b6-4136-a74e-492f4db931f5
playreplay.net/ Name: mvuid
Value: 0f94e05973351ac47009
playreplay.net/ Name: mvsid
Value: 7b43e501-20b6-4136-a74e-492f4db931f5
eda.video/ Name: mvuid
Value: 0f94e05973351ac47009
eda.video/ Name: mvsid
Value: 7b43e501-20b6-4136-a74e-492f4db931f5
ssp.bidvol.com/ Name: bvuid
Value: no6hpg57we
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWGgekIfAgSfMGmwAom6PFjrNFR4n7ZrCt7sEyK0P8EY
.adx.opera.com/ Name: UID
Value: d482294b72b54ec9a4942cc816310da7
.acint.net/ Name: cSyncDp7v2
Value: 1637907010
.acint.net/ Name: cSyncDp14v3
Value: 1637907010
.acint.net/ Name: cSyncDp17
Value: 1637907010
.acint.net/ Name: cSyncDp32
Value: 1637907010
.acint.net/ Name: cSyncDp45v3
Value: 1637907010
.acint.net/ Name: cSyncDp53
Value: 1637907010
.acint.net/ Name: cSyncDp54v2
Value: 1637907010
.acint.net/ Name: cSyncDp62
Value: 1637907010
.acint.net/ Name: cSyncDp67v2
Value: 1637907010
.acint.net/ Name: cSyncDp68
Value: 1637907010
.acint.net/ Name: cSyncDp77
Value: 1637907010
.acint.net/ Name: cSyncDp84
Value: 1637907010
.acint.net/ Name: cSyncDp85
Value: 1637907010
.acint.net/ Name: cSyncDp88
Value: 1637907010
.acint.net/ Name: cSyncDp95v2
Value: 1637907010
.acint.net/ Name: cSyncDp101
Value: 1637907010
.acint.net/ Name: cSyncDp104v2
Value: 1637907010
.acint.net/ Name: cSyncDp107
Value: 1637907010
.acint.net/ Name: cSyncDp110
Value: 1637907010
.acint.net/ Name: cSyncDp111v2
Value: 1637907010
.acint.net/ Name: cSyncDp112v2
Value: 1637907010
.acint.net/ Name: cSyncDp125v2
Value: 1637907010
.acint.net/ Name: cSyncDp126
Value: 1637907010
.acint.net/ Name: cSyncDp127
Value: 1637907010
.acint.net/ Name: cSyncDp129
Value: 1637907010
.acint.net/ Name: cSyncDp136
Value: 1637907010
.acint.net/ Name: cSyncDp138
Value: 1637907010
.acint.net/ Name: cSyncDp144
Value: 1637907010
.acint.net/ Name: cSyncDp146
Value: 1637907010
.acint.net/ Name: cSyncDp149
Value: 1637907010
.acint.net/ Name: cSyncDp151
Value: 1637907010
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWGgekIr2QAYgpc7AtNrp3mP8COj7f0Unj+Ius/ocBPs
.adhigh.net/ Name: sape_sync
Value: IGg
x01.aidata.io/ Name: mts
Value: 1
.relap.io/ Name: lsts
Value: 1637907010
.relap.io/ Name: rlpsprcs
Value: eyJ0cyI6MTYzNzkwNzAxMCwidWlkIjoiMDEwMDAwN0Y0MjdBQTA2MTlGMDQwMjFGMDJCMDY5MzAifQ--0c6888ee4b9d8b01a6ce6d6a8235d359ddcbae0969c106d79ea55ecf2c6b5527
.betweendigital.com/ Name: ut
Value: YaB6QgAKxdCLIHgS3F7yotXMVbCxTn6PIdM-_g==
.rg.ru/ Name: __gads
Value: ID=405a5082a0807474:T=1637907006:S=ALNI_MZLsSkdY_ZJ91lA4aPufGj_xE4M8w
.utraff.com/ Name: preutid
Value: 1
.republer.com/ Name: ruid
Value: 9d442c0b-cd38-4941-8941-bcde7a536ada
.uuidksinc.net/ Name: jcsuuid
Value: HsOASYgJtSpEvso8KLl6
.mts.ru/ Name: dspid
Value: 9251fb2a-963b-4026-9860-f159e9d39aaf
prodmp.ru/ Name: rai
Value: 1877fb55d10fb37794a0a0ab14043ba5
.gnezdo.ru/ Name: uid
Value: XV9maWGgekNxN5j56h86Ag==
.advarkads.com/ Name: u
Value: EAIuQQYIwUiPZviZTjZaJA
.mts.ru/ Name: mts_id_last_sync
Value: 1637907011
.mts.ru/ Name: mts_id
Value: 6f632988-1e69-4741-b22d-f783c3b35f22
.serving-sys.com/ Name: A6
Value: 10I1HkvVV61006CX000000000
.serving-sys.com/ Name: u2
Value: f40a53a9-d2dc-4f1b-a9b3-d9ce933077ff4Ed060
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b8675657-4c03-447d-98e4-aa17a0469e85-003%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7034757050440349848
.mathtag.com/ Name: uuid
Value: 2f2d61a0-7a44-4800-a4f8-a5a78ce6aa37
.mathtag.com/ Name: mt_mop
Value: 4:1637907012
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b8675657-4c03-447d-98e4-aa17a0469e85-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aintmIt3er76AxvPABp45X1ZdBXOb3EbX0FyVZbZckqkSq0YZbWtkQWUeZbZa0AkWLOZamjJG5pIrvqTHXgxFVCrUSVT8r1

7 Console Messages

Source Level URL
Text
network error URL: https://front.rg.ru/geo/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://relap.io/cookie_checker?_s=Se8ZOg&callback=window.relapCbRegistry.relapCb3726436645
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nativeroll-sync.rutarget.ru/sync
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 547)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://an.yandex.ru/setud/mts_banner/x6HQ5YD6RYay0-t16MPQ2A?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DD6YpWSpK7WcfeZqUD%252BFAjw&sign=632206556
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://z.moatads.com/crystalskiukftdisplaybs363091935889/moatad.js(Line 132)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
