urlscan.io logo urlscan.io
SecurityTrails logo

rg.ru Open in urlscan Pro
194.190.37.226  Public Scan

Go To Rescan Add Verdict Report
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Submission: On November 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 105 IPs in 12 countries across 80 domains to perform 621 HTTP transactions. The main IP is 194.190.37.226, located in Russian Federation and belongs to TELESTAR, RU. The main domain is rg.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 2nd 2021. Valid for: a year.
This is the only time rg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 194.190.37.226 64409 (TELESTAR)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
15 46.235.190.61 34879 (CCT-AS NG...)
2 17 2a02:6b8:20::215 208722 (YNDX)
5 2a02:6b8:a::a 208722 (YNDX)
1 176.9.0.57 24940 (HETZNER-AS)
3 28 95.163.37.253 47764 (MAILRU-AS...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 47 77.88.21.179 13238 (YANDEX)
12 2a00:1450:400... 15169 (GOOGLE)
3 194.190.23.28 64409 (TELESTAR)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 16 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a02:6b8::16b 208722 (YNDX)
1 2a02:6b8::211 208722 (YNDX)
3 21 188.42.191.196 7979 (SERVERS-COM)
1 143.204.98.110 16509 (AMAZON-02)
18 104.19.217.61 13335 (CLOUDFLAR...)
3 185.162.95.76 41722 (MIRAN-AS ...)
1 6 217.69.133.145 47764 (MAILRU-AS...)
4 18 2a02:6b8::1:119 208722 (YNDX)
4 7 88.212.201.216 39134 (UNITEDNET)
1 3 2001:6d0:4001... 52016 (TNSMSK-)
1 39 2a02:6b8::90 208722 (YNDX)
4 2a02:2638::3 44788 (ASN-CRITE...)
16 2a00:1148:db0... 47764 (MAILRU-AS...)
10 195.209.111.20 52007 (ADRIVER-AS)
9 185.184.8.65 204995 (RTB-HOUSE...)
11 37.18.16.6 205675 (HYBRID-AS)
7 195.201.152.105 24940 (HETZNER-AS)
1 3 116.202.236.172 24940 (HETZNER-AS)
2 88.212.234.126 7979 (SERVERS-COM)
3 146.185.195.94 50340 (SELECTEL-MSK)
1 46.161.36.3 49505 (SELECTEL)
1 151.236.71.19 204720 (CDNETWORKS)
6 6 18.196.195.54 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 3 91.207.59.213 48061 (UMA-TECH-AS)
2 2 216.52.2.19 30282 (AS-INAPCD...)
8 8 31.172.81.158 44066 (DE-FIRSTC...)
28 178.250.2.131 44788 (ASN-CRITE...)
11 2a02:6b8::184 208722 (YNDX)
10 2a03:90c0:41:... 199524 (GCORE)
2 9 46.46.137.179 29470 (RETNNET-AS)
6 6 2a02:24b0:300... 29470 (RETNNET-AS)
3 3 138.201.139.144 24940 (HETZNER-AS)
3 2a02:6b8::36 208722 (YNDX)
2 2 3.120.83.159 16509 (AMAZON-02)
1 88.212.234.52 7979 (SERVERS-COM)
2 88.212.252.73 7979 (SERVERS-COM)
2 88.212.234.233 7979 (SERVERS-COM)
1 88.212.234.27 7979 (SERVERS-COM)
6 2a00:1450:400... 15169 (GOOGLE)
1 82.202.225.240 49505 (SELECTEL)
6 93.184.221.133 15133 (EDGECAST)
10 95.163.37.254 47764 (MAILRU-AS...)
3 4 195.209.108.51 52007 (ADRIVER-AS)
4 8 46.46.137.178 29470 (RETNNET-AS)
3 37.9.245.57 16345 (BEE-AS Ru...)
5 5 35.190.16.14 15169 (GOOGLE)
5 5 95.216.101.186 24940 (HETZNER-AS)
3 148.251.4.142 24940 (HETZNER-AS)
1 1 91.220.120.21 202173 (MAXIMATEL...)
7 8 89.108.120.76 197695 (AS-REG)
17 216.58.212.162 15169 (GOOGLE)
4 4 142.250.185.98 15169 (GOOGLE)
1 31.172.81.172 44066 (DE-FIRSTC...)
1 2a02:6b8::5:114 208722 (YNDX)
2 35.244.223.69 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 185.180.43.83 50340 (SELECTEL-MSK)
2 34.117.231.160 15169 (GOOGLE)
1 185.137.232.40 50340 (SELECTEL-MSK)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 10 2a00:1450:400... 15169 (GOOGLE)
1 1 195.54.48.25 12516 (WEBORAMA ...)
4 35.201.81.244 15169 (GOOGLE)
2 2 37.252.172.123 29990 (ASN-APPNEX)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 35.244.174.68 15169 (GOOGLE)
1 3 35.201.80.102 15169 (GOOGLE)
1 3 35.227.248.159 15169 (GOOGLE)
1 2 52.95.126.160 16509 (AMAZON-02)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
8 37.18.16.20 205675 (HYBRID-AS)
3 37.18.16.16 205675 (HYBRID-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
2 37.18.16.17 205675 (HYBRID-AS)
1 18.192.223.130 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8::2:158 208722 (YNDX)
1 69.173.144.139 26667 (RUBICONPR...)
1 37.252.173.38 29990 (ASN-APPNEX)
1 51.89.9.254 16276 (OVH)
5 151.236.71.64 204720 (CDNETWORKS)
1 82.145.213.8 39832 (NO-OPERA)
2 3 142.250.181.226 15169 (GOOGLE)
1 104.19.136.78 13335 (CLOUDFLAR...)
2 3 83.222.115.14 42632 (MNOGOBYTE...)
11 212.76.131.50 42632 (MNOGOBYTE...)
1 1 80.64.106.149 20764 (RASCOM-AS...)
1 1 83.222.114.188 42632 (MNOGOBYTE...)
2 2 193.106.95.134 48614 (ITSOFT-AS)
5 7 185.15.175.145 43226 (SAFEDATA ...)
3 4 188.34.131.130 24940 (HETZNER-AS)
1 1 136.243.149.224 24940 (HETZNER-AS)
1 1 23.109.54.164 7979 (SERVERS-COM)
1 2 89.108.97.2 197695 (AS-REG)
2 2 217.66.147.165 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
5 5 176.9.8.252 24940 (HETZNER-AS)
1 1 81.163.17.245 49505 (SELECTEL)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 176.99.6.56 49352 (LOGOL-AS)
2 2 91.220.120.9 202173 (MAXIMATEL...)
1 1 217.65.2.150 3175 (CITYTELEC...)
1 212.76.131.55 42632 (MNOGOBYTE...)
2 212.76.131.37 42632 (MNOGOBYTE...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
621 105
2    194.190.37.226 (Russian Federation)

ASN64409 (TELESTAR, RU)
PTR: pda.rg.ru
rg.ru
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    46.235.190.61 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net
cdnimg.rg.ru
17    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
5    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
1    176.9.0.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz-s-fr52.rutarget.ru
cdn.rutarget.ru
28    95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io
relap.io
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
47    77.88.21.179 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net
ads.adfox.ru
12    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    194.190.23.28 (Russian Federation)

ASN64409 (TELESTAR, RU)
PTR: front.rg.ru
front.rg.ru
8    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
16    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
matchid.adfox.yandex.ru
1    2a02:6b8::211 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
zen.yandex.ru
21    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net
widgets.sprinklecontent.com
18    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.lentainform.com
c.lentainform.com
cdn.lentainform.com
servicer.lentainform.com
s-img.lentainform.com
cm.lentainform.com
autocounter.lentainform.com
3    185.162.95.76 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ads5-3.smir10.imcmdb.net
smi2.ru
6    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
18    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
7    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
3    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
39    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
16    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
10    195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
pb.adriver.ru
9    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
adfox-c2s-ams.creativecdn.com
11    37.18.16.6 (Netherlands)

ASN205675 (HYBRID-AS, RU)
hbe199.hybrid.ai
7    195.201.152.105 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.152.201.195.clients.your-server.de
yhb.p.otm-r.com
3    116.202.236.172 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.172.236.202.116.clients.your-server.de
exchange.buzzoola.com
2    88.212.234.126 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-3.sser4.imcmdb.net
static.smi2.net
3    146.185.195.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel23.imcmdb.net
stat.media
1    46.161.36.3 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp2.imcmdb.net
target.smi2.ru
1    151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
6    18.196.195.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-195-54.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
3    91.207.59.213 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp8.sender.ltmse.com
px.adhigh.net
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
8    31.172.81.158 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
sync3.adsniper.ru
28    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
11    2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
avatars.mds.yandex.net
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn01.nativeroll.tv
cdn01.seedr.com
cdn02.nativeroll.tv
9    46.46.137.179 (Moscow, Russian Federation)

ASN29470 (RETNNET-AS, RU)
mediatoday.ru
6    2a02:24b0:300:2::31 (Russian Federation)

ASN29470 (RETNNET-AS, RU)
idntfy.ru
3    138.201.139.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de
cm.p.altergeo.ru
3    2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
favicon.yandex.net
2    3.120.83.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    88.212.234.52 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-1.sser3.imcmdb.net
static2.smi2.net
2    88.212.252.73 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-1.sser5.imcmdb.net
static3.smi2.net
2    88.212.234.233 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-3.sser2.imcmdb.net
static1.smi2.net
1    88.212.234.27 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-1.sser2.imcmdb.net
static6.smi2.net
6    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    82.202.225.240 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net
smi2.net
6    93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)
cstatic.weborama.fr
10    95.163.37.254 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: cdn.relap.io
cdn.relap.io
4    195.209.108.51 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
8    46.46.137.178 (Moscow, Russian Federation)

ASN29470 (RETNNET-AS, RU)
instreamvideo.ru
3    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
voo2mhq75byesxo-mdt.ops.beeline.ru
von2dghxap4iosm-mdt.ops.beeline.ru
19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e-vdn.ops.beeline.ru
5    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
5    95.216.101.186 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de
sync.1dmp.io
3    148.251.4.142 (Ballenstedt, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de
sync.dmp.otm-r.com
1    91.220.120.21 (Russian Federation)

ASN202173 (MAXIMATELECOM, RU)
tms.dmp.wi-fi.ru
8    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
17    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    31.172.81.172 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
1    2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
ysa-static.passport.yandex.ru
2    35.244.223.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.223.244.35.bc.googleusercontent.com
wf.frontend.weborama.fr
3    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
st.hbrd.io
2    185.180.43.83 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host83.seedr.ru
statsb.nativeroll.tv
2    34.117.231.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.231.117.34.bc.googleusercontent.com
ds.frontend.weborama.fr
1    185.137.232.40 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host40.seedr.ru
statsa.nativeroll.tv
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
18    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com
515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com
2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com
10    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    195.54.48.25 (France)

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-01-vip.weborama.fr
wam-google.solution.weborama.fr
4    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    35.201.80.102 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 102.80.201.35.bc.googleusercontent.com
dx.frontend.weborama.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
17    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
fp.hybrid.ai
8    37.18.16.20 (Netherlands)

ASN205675 (HYBRID-AS, RU)
ssp.hbrd.io
3    37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    37.18.16.17 (Netherlands)

ASN205675 (HYBRID-AS, RU)
ssp.hybrid.ai
1    18.192.223.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-223-130.eu-central-1.compute.amazonaws.com
ssp.afp.ai
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
banners.adfox.ru
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
5    151.236.71.64 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
static.videonow.ru
init.videonow.ru
cdn.videonow.ru
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
3    83.222.115.14 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
data.videonow.ru
11    212.76.131.50 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs25.videonow.ru
sync.videonow.ru
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru
videonow-sync.rutarget.ru
1    83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
2    193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
7    185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
4    188.34.131.130 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.131.34.188.clients.your-server.de
adx.com.ru
1    136.243.149.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.149.243.136.clients.your-server.de
dmp.vihub.ru
1    23.109.54.164 (Netherlands)

ASN7979 (SERVERS-COM, US)
sync.omnidsp.com
2    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut.rktch.com
2    217.66.147.165 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-165-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
5    176.9.8.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow
sync.upravel.com
202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com
1    81.163.17.245 (Russian Federation)

ASN49505 (SELECTEL, RU)
mitdmp.whiteboxdigital.ru
1    2606:4700:3039::6815:c07d (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
1    176.99.6.56 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: ops11.ad4tech.net
dsp.e-contenta.com
2    91.220.120.9 (Russian Federation)

ASN202173 (MAXIMATELECOM, RU)
d.wi-fi.ru
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
1    212.76.131.55 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.videonow.ru
2    212.76.131.37 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs09.videonow.ru
stats2.videonow.ru
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Apex Domain
Subdomains		 Transfer
52 yandex.ru
yandex.ru
matchid.adfox.yandex.ru
zen.yandex.ru
mc.yandex.ru
an.yandex.ru
ysa-static.passport.yandex.ru
510 KB
48 adfox.ru
ads.adfox.ru
banners.adfox.ru
141 KB
40 googlesyndication.com
pagead2.googlesyndication.com
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com
515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com
2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com
tpc.googlesyndication.com
264 KB
38 relap.io
relap.io
cdn.relap.io
350 KB
31 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
pubads.g.doubleclick.net
646 KB
30 criteo.com
bidder.criteo.com
gum.criteo.com
6 KB
23 google.com
www.google.com
adservice.google.com
5 KB
22 videonow.ru
static.videonow.ru
init.videonow.ru
cdn.videonow.ru
data.videonow.ru
sync.videonow.ru
rtb.videonow.ru
stats2.videonow.ru
214 KB
22 mail.ru
top-fwz1.mail.ru
ad.mail.ru
22 KB
22 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
10 KB
20 weborama.fr
cstatic.weborama.fr
redirect.frontend.weborama.fr
wf.frontend.weborama.fr
ds.frontend.weborama.fr
wam-google.solution.weborama.fr
idsync.frontend.weborama.fr
22 KB
20 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
485 KB
20 rg.ru
rg.ru
cdnimg.rg.ru
front.rg.ru
2 MB
18 lentainform.com
jsc.lentainform.com
c.lentainform.com
cdn.lentainform.com
servicer.lentainform.com
s-img.lentainform.com
cm.lentainform.com
autocounter.lentainform.com
215 KB
17 hybrid.ai
hbe199.hybrid.ai
fp.hybrid.ai
dm.hybrid.ai
ssp.hybrid.ai
16 KB
17 yastatic.net
yastatic.net
539 KB
15 yandex.com
mc.yandex.com
5 KB
15 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
664 KB
14 yandex.net
avatars.mds.yandex.net
favicon.yandex.net
134 KB
14 adriver.ru
pb.adriver.ru
ad.adriver.ru
5 KB
14 google.de
www.google.de
adservice.google.de
2 KB
12 nativeroll.tv
cdn01.nativeroll.tv
cdn02.nativeroll.tv
statsb.nativeroll.tv
statsa.nativeroll.tv
308 KB
11 hbrd.io
st.hbrd.io
ssp.hbrd.io
24 KB
10 otm-r.com
yhb.p.otm-r.com
sync.dmp.otm-r.com
2 KB
9 mediatoday.ru
mediatoday.ru
6 KB
9 smi2.net
static.smi2.net
static2.smi2.net
static3.smi2.net
static1.smi2.net
static6.smi2.net
smi2.net
216 KB
9 creativecdn.com
adfox-c2s-ams.creativecdn.com
2 KB
8 aidata.io
x01.aidata.io
4 KB
8 instreamvideo.ru
instreamvideo.ru
3 KB
8 google-analytics.com
www.google-analytics.com
77 KB
7 digitaltarget.ru
dmg.digitaltarget.ru
6 KB
7 yadro.ru
counter.yadro.ru
5 KB
6 googletagservices.com
www.googletagservices.com
168 KB
6 idntfy.ru
idntfy.ru
2 KB
6 bumlam.com
sync.bumlam.com
4 KB
6 bidswitch.net
x.bidswitch.net
3 KB
5 upravel.com
sync.upravel.com
202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com
3 KB
5 com.ru
rtb.com.ru
adx.com.ru
3 KB
5 ampproject.org
cdn.ampproject.org
103 KB
5 1dmp.io
static.1dmp.io Failed
sync.1dmp.io
3 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 criteo.net
static.criteo.net
77 KB
4 smi2.ru
smi2.ru
target.smi2.ru
7 KB
3 googleadservices.com
www.googleadservices.com
15 KB
3 tapad.com
pixel.tapad.com
1 KB
3 weborama.com
dx.frontend.weborama.com
481 B
3 adnxs.com
secure.adnxs.com
ib.adnxs.com
3 KB
3 mts.ru
sm.rtb.mts.ru Failed
tech.rtb.mts.ru
2 KB
3 wi-fi.ru
tms.dmp.wi-fi.ru
d.wi-fi.ru
1 KB
3 beeline.ru
voo2mhq75byesxo-mdt.ops.beeline.ru
von2dghxap4iosm-mdt.ops.beeline.ru
19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e-vdn.ops.beeline.ru
2 KB
3 altergeo.ru
cm.p.altergeo.ru
2 KB
3 adhigh.net
px.adhigh.net
1 KB
3 stat.media
stat.media
29 KB
3 buzzoola.com
exchange.buzzoola.com
1 KB
3 tns-counter.ru
www.tns-counter.ru
1 KB
2 2mdn.net
s0.2mdn.net
33 KB
2 rktch.com
ut.rktch.com
683 B
2 prodmp.ru
prodmp.ru
2 KB
2 pubmatic.com
image6.pubmatic.com
445 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
2 rlcdn.com
idsync.rlcdn.com
702 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 lijit.com
ap.lijit.com
1 KB
2 admedo.com
pool.admedo.com
715 B
2 rutarget.ru
cdn.rutarget.ru
nativeroll-sync.rutarget.ru Failed
videonow-sync.rutarget.ru
2 KB
1 new-programmatic.com
match.new-programmatic.com
263 B
1 e-contenta.com
dsp.e-contenta.com
84 B
1 utraff.com
a.utraff.com
823 B
1 whiteboxdigital.ru
mitdmp.whiteboxdigital.ru
798 B
1 omnidsp.com
sync.omnidsp.com
385 B
1 vihub.ru
dmp.vihub.ru
267 B
1 mgid.com
cm.mgid.com
684 B
1 opera.com
t.adx.opera.com
410 B
1 onetag-sys.com
onetag-sys.com
814 B
1 afp.ai
ssp.afp.ai
448 B
1 sniperlog.ru
sync3.sniperlog.ru
516 B
1 seedr.com
cdn01.seedr.com
243 B
1 sprinklecontent.com
widgets.sprinklecontent.com
20 KB
1 cloudflare.com
cdnjs.cloudflare.com
2 KB
621 80
Domain Requested by
47 ads.adfox.ru 3 redirects rg.ru
yastatic.net
39 an.yandex.ru 1 redirects yastatic.net
rg.ru
yandex.ru
an.yandex.ru
28 bidder.criteo.com static.criteo.net
28 relap.io 3 redirects rg.ru
relap.io
21 ads.betweendigital.com 3 redirects rg.ru
yastatic.net
yandex.ru
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
rg.ru
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
rg.ru
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
17 yastatic.net 2 redirects yastatic.net
rg.ru
yandex.ru
an.yandex.ru
16 ad.mail.ru yastatic.net
relap.io
rg.ru
yandex.ru
16 www.google.com 3 redirects rg.ru
tpc.googlesyndication.com
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
rg.ru
15 mc.yandex.com 3 redirects rg.ru
mc.yandex.ru
15 cdnimg.rg.ru rg.ru
cdnimg.rg.ru
12 fonts.gstatic.com fonts.googleapis.com
rg.ru
11 sync.videonow.ru rg.ru
11 avatars.mds.yandex.net rg.ru
11 hbe199.hybrid.ai yastatic.net
yandex.ru
10 s-img.lentainform.com rg.ru
10 cdn.relap.io rg.ru
relap.io
10 pb.adriver.ru yastatic.net
yandex.ru
10 fonts.googleapis.com rg.ru
relap.io
cdn01.nativeroll.tv
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
9 mediatoday.ru 2 redirects rg.ru
9 adfox-c2s-ams.creativecdn.com yastatic.net
yandex.ru
9 www.google.de rg.ru
8 ssp.hbrd.io st.hbrd.io
8 x01.aidata.io 7 redirects rg.ru
8 instreamvideo.ru 4 redirects rg.ru
8 www.google-analytics.com rg.ru
cdnimg.rg.ru
www.google-analytics.com
cdn01.nativeroll.tv
7 dmg.digitaltarget.ru 5 redirects rg.ru
7 googleads.g.doubleclick.net 2 redirects rg.ru
www.googleadservices.com
7 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
7 yhb.p.otm-r.com yastatic.net
yandex.ru
7 counter.yadro.ru 4 redirects rg.ru
6 cstatic.weborama.fr cdn01.nativeroll.tv
cstatic.weborama.fr
6 www.googletagservices.com yastatic.net
securepubads.g.doubleclick.net
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
6 idntfy.ru 6 redirects
6 sync.bumlam.com 6 redirects
6 x.bidswitch.net 6 redirects
6 top-fwz1.mail.ru 1 redirects cdnimg.rg.ru
rg.ru
top-fwz1.mail.ru
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
5 sync.1dmp.io 5 redirects
5 redirect.frontend.weborama.fr 5 redirects
5 cdn01.nativeroll.tv rg.ru
cdn01.nativeroll.tv
5 yandex.ru rg.ru
yastatic.net
4 imasdk.googleapis.com cdn.videonow.ru
imasdk.googleapis.com
4 adx.com.ru 3 redirects rg.ru
4 idsync.frontend.weborama.fr cstatic.weborama.fr
4 cm.g.doubleclick.net 4 redirects
4 ad.adriver.ru 3 redirects rg.ru
4 cdn02.nativeroll.tv cdn01.nativeroll.tv
4 static.criteo.net yastatic.net
rg.ru
yandex.ru
3 sync.upravel.com 3 redirects
3 data.videonow.ru 2 redirects rg.ru
3 cdn.videonow.ru static.videonow.ru
cdn.videonow.ru
3 www.googleadservices.com 2 redirects yastatic.net
3 dm.hybrid.ai fp.hybrid.ai
st.hbrd.io
rg.ru
3 pixel.tapad.com 1 redirects cstatic.weborama.fr
3 dx.frontend.weborama.com 1 redirects cstatic.weborama.fr
3 st.hbrd.io rg.ru
st.hbrd.io
3 sync.dmp.otm-r.com rg.ru
3 favicon.yandex.net rg.ru
3 cm.p.altergeo.ru 3 redirects
3 px.adhigh.net 3 redirects
3 stat.media smi2.ru
stat.media
3 exchange.buzzoola.com 1 redirects rg.ru
yastatic.net
3 www.tns-counter.ru 1 redirects rg.ru
3 mc.yandex.ru 1 redirects cdnimg.rg.ru
yastatic.net
3 smi2.ru cdnimg.rg.ru
static.smi2.net
rg.ru
3 matchid.adfox.yandex.ru yastatic.net
yandex.ru
3 stats.g.doubleclick.net www.google-analytics.com
3 front.rg.ru cdnimg.rg.ru
3 www.gstatic.com rg.ru
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 s0.2mdn.net imasdk.googleapis.com
2 stats2.videonow.ru rg.ru
2 d.wi-fi.ru 2 redirects
2 202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com 2 redirects
2 ut.rktch.com 1 redirects rg.ru
2 prodmp.ru 2 redirects
2 cm.lentainform.com jsc.lentainform.com
2 encrypted-tbn2.gstatic.com 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
2 encrypted-tbn3.gstatic.com 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
2 ssp.hybrid.ai st.hbrd.io
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 image6.pubmatic.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects cstatic.weborama.fr
2 idsync.rlcdn.com cstatic.weborama.fr
2 gum.criteo.com 2 redirects
2 secure.adnxs.com 2 redirects
2 sm.rtb.mts.ru rg.ru
2 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ds.frontend.weborama.fr cstatic.weborama.fr
2 statsb.nativeroll.tv cdn01.nativeroll.tv
rg.ru
2 wf.frontend.weborama.fr rg.ru
2 static1.smi2.net rg.ru
2 static3.smi2.net rg.ru
2 ads.creative-serving.com 2 redirects
2 sync3.adsniper.ru 2 redirects
2 ap.lijit.com 2 redirects
2 pool.admedo.com 2 redirects
2 static.smi2.net smi2.ru
rg.ru
2 jsc.lentainform.com cdnimg.rg.ru
jsc.lentainform.com
2 rg.ru rg.ru
1 rtb.videonow.ru cdn.videonow.ru
1 match.new-programmatic.com 1 redirects
1 dsp.e-contenta.com rg.ru
1 a.utraff.com rg.ru
1 mitdmp.whiteboxdigital.ru 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 sync.omnidsp.com 1 redirects
1 dmp.vihub.ru 1 redirects
1 rtb.com.ru 1 redirects
1 19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e-vdn.ops.beeline.ru rg.ru
1 videonow-sync.rutarget.ru 1 redirects
1 autocounter.lentainform.com jsc.lentainform.com
1 cm.mgid.com rg.ru
1 t.adx.opera.com rg.ru
1 init.videonow.ru static.videonow.ru
1 servicer.lentainform.com jsc.lentainform.com
1 cdn.lentainform.com rg.ru
1 static.videonow.ru rg.ru
1 onetag-sys.com cache.betweendigital.com
1 c.lentainform.com jsc.lentainform.com
1 ib.adnxs.com rg.ru
1 token.rubiconproject.com eus.rubiconproject.com
1 banners.adfox.ru rg.ru
1 encrypted-tbn1.gstatic.com 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
1 ssp.afp.ai yastatic.net
1 secure-assets.rubiconproject.com 1 redirects
1 fp.hybrid.ai st.hbrd.io
1 ajax.googleapis.com yastatic.net
1 2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 wam-google.solution.weborama.fr 1 redirects cstatic.weborama.fr
1 515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 statsa.nativeroll.tv cdn01.nativeroll.tv
1 ysa-static.passport.yandex.ru rg.ru
1 sync3.sniperlog.ru rg.ru
1 von2dghxap4iosm-mdt.ops.beeline.ru rg.ru
1 tms.dmp.wi-fi.ru 1 redirects
1 voo2mhq75byesxo-mdt.ops.beeline.ru rg.ru
1 smi2.net rg.ru
1 static6.smi2.net rg.ru
1 static2.smi2.net rg.ru
1 cdn01.seedr.com cdn01.nativeroll.tv
1 cache.betweendigital.com ads.betweendigital.com
1 target.smi2.ru rg.ru
1 widgets.sprinklecontent.com cdnimg.rg.ru
1 zen.yandex.ru cdnimg.rg.ru
1 cdnjs.cloudflare.com cdnimg.rg.ru
1 cdn.rutarget.ru rg.ru
0 nativeroll-sync.rutarget.ru Failed rg.ru
cdn01.nativeroll.tv
0 static.1dmp.io Failed cdnimg.rg.ru
621 154
Subject Issuer Validity Valid
*.rg.ru
AlphaSSL CA - SHA256 - G2		 2021-05-02 -
2022-06-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.rutarget.ru
Thawte RSA CA 2018		 2021-05-17 -
2022-06-17		 a year crt.sh
relap.io
GeoTrust RSA CA 2018		 2021-08-26 -
2022-09-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2021-08-26 -
2022-02-18		 6 months crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
*.zen.yandex.ru
Yandex CA		 2021-07-14 -
2022-01-12		 6 months crt.sh
sprinklecontent.com
Amazon		 2021-04-06 -
2022-05-05		 a year crt.sh
smi2.ru
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
bs.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
*.p.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2022-02-06		 2 years crt.sh
*.adfox.ru
Yandex CA		 2021-07-27 -
2022-01-06		 5 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
smi2.net
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
stat.media
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
avatars.mds.yandex.net
Yandex CA		 2021-08-31 -
2022-03-01		 6 months crt.sh
cdn01.nativeroll.tv
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
cdn01.seedr.com
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
favicon.yandex.net
Yandex CA		 2021-07-06 -
2021-12-05		 5 months crt.sh
edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-21 -
2022-10-22		 a year crt.sh
cdn02.nativeroll.tv
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
*.ops.beeline.ru
Sectigo RSA Domain Validation Secure Server CA		 2020-06-23 -
2022-06-24		 2 years crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
ysa-static.passport.yandex.net
Yandex CA		 2021-08-21 -
2022-02-19		 6 months crt.sh
*.frontend.weborama.fr
Go Daddy Secure Certificate Authority - G2		 2021-02-20 -
2022-03-24		 a year crt.sh
*.hbrd.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-03 -
2022-07-04		 a year crt.sh
statsb.nativeroll.tv
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
statsa.nativeroll.tv
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.frontend.weborama.com
Go Daddy Secure Certificate Authority - G2		 2021-08-28 -
2022-09-29		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
*.buzzoola.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-30 -
2022-09-28		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
ssp.afp.ai
Amazon		 2021-02-25 -
2022-03-26		 a year crt.sh
s3.yandex.net
Yandex CA		 2021-08-31 -
2022-03-01		 6 months crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.videonow.ru
AlphaSSL CA - SHA256 - G2		 2021-08-02 -
2022-09-03		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
dsp.e-contenta.com
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 44 frames:

Primary Page: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Frame ID: 2F374A82908F9B647FA4E470323F544A
Requests: 368 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: 29645214000931EECB706C8A5C0EBD6F
Requests: 23 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=51eb3150-c48b-524a-b638-ab83d798691e&CACHEBUSTER=469608
Frame ID: 6FB1F7D4C6160CEFA5E38444AF0B2DF3
Requests: 7 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 043C5173628703275848433E0E988B4E
Requests: 24 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: E5371B30C4B2ED8A53672BA5E4A1A081
Requests: 21 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 32779ED65EA0535316D82E4E34C0E7E6
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 1106C68D63FEDE4704E6F822E4460262
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: BE655510ADF34704E38F2D9EA6630B00
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 1A1B242FAD35C6285921F5C5C3E7281A
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: FD77D4A6A81E9153CCC654589E3E3661
Requests: 9 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Frame ID: 1EC451704DE9E84D9A3545A82B4B86AE
Requests: 1 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 6C738D22540C6212CFD8B1EB39741C02
Requests: 17 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Frame ID: B59858C590A4F9320541EB52DF3BFF19
Requests: 1 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Frame ID: E0CCAC16B251B7800E20C0AF577762A7
Requests: 11 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534730
Frame ID: 99A8456F517587D61C3D25CA5A52B032
Requests: 11 HTTP requests in this frame

Frame: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C8F697D69228E6B88864FE0334B7232F
Requests: 1 HTTP requests in this frame

Frame: https://2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BBB0A4D8B5694248B331A6742F5DD0D1
Requests: 1 HTTP requests in this frame

Frame: https://515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6FDDC6361752FB26CB5FA03F729F21DA
Requests: 1 HTTP requests in this frame

Frame: https://2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A24D166E65AC81E374E9AE460561657A
Requests: 1 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Frame ID: 1F133FAFC7F7E125218F8FCFB84912B1
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 65AD3186EB6A59144F036131416EBAD7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E519DBA69FE4EF373CF165DF6DF77CA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 88D8ADF90AC093B13C19F2A937687800
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3CFE7B901B2333198720F9E23F621F93
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 873BAB1DC85F02BB24E52480F8F42C57
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A8BF0587EA4DFE0D9F01AFACAC97716D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5A7BD7B4D0AFCACC619E043592120C6C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59057AFD574BB375438D65CF0C821451
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F784D005375EA554E57E60F4DC51BE95
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45F0C41CC5BDA628E05C31BA76D52152
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7GGr8nTYMLxiJUUsxez2QDP0dHBfSOrAOHz5_ltp5XMRvmzLw8PSzlA5_ZGwOw6X3qsO4fTaYll6K9U3-6azcCi6E9WYGqobXYmHzTLj1I_SmKGKqL_6wnE70ydKB06V3BkQRoonIBOSenbhTKro59UeFFund5X14zc_6ctmLvxJpo5AG7wQt43eadeLhsnPRuoCCBf2nuaLixIxBB_GZckOoO-b6cTJ_kDFKdTompJug2Pk129EIG9Ad4j8BoSc6d305s9DgLrTxENjypFOsw1e7Dll7F7Lb0BN49gmYUlZWF0eJ&sai=AMfl-YQYllRDRL3fqD6CUcfwEr6id9vZeM_EdFKfwaPSdmX6R9itNC8F8Dsra5bmVp0lwXkU1SN78gt0KnMyx7lymwRM8tOiNBp7oPVB2Absg3OAUxKps2xZExCTG4ayclg&sig=Cg0ArKJSzGVHp-ug04BUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EFF1B3074F35E57378DFBFF53DFCDBB2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: A2452C60927D16CFD65D9E55E2BA8BC8
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzCELeQL5c8wkp09cbJmMoO9rewcjs4R25k0kpg_z18-2tn6VVt37BTkrhbD9kxhEg3XeZE7DosGvwaSUj5PrQ5x-1LFC-RMfn31vhe7vmhyV7Ys1mFT7rMN634vkIZXNEb4Ocm1KDo8O2IVHKykfM-GwF0aA7i--5hiNK4Vi-4prghHi5NxQu7Wj99oz_h-cyYlmOyAaYqJUXUxlPAksLy9lIB2wp8ekQ_hduT4yw_ToSXJnNQYauJxlnFPUeWRg2BlQRQ5eVZPiP5zRbc-Cs8PBrC7FcHc4VyiDuDaiRz0iD09chbuFG&sai=AMfl-YTft6TgmroufxPLCREivthNDgPfFlRfARWxiiZ7Dvrpw-KmvE8GRL5qNFfsCGJLd1SrSZaGOF821jeBBFuEJrOJLx9xSZtRA14bnN_K391krX6ZObPsFlU-p0vIwF82&sig=Cg0ArKJSzN4ZWMeqdfzrEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 62965727B0E50580B624A0E60B3F7FC1
Requests: 3 HTTP requests in this frame

Frame: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9106BDCB4F6A019570D53C3CD69AD524
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 4E8E14F8B6CDB5B106634C688F1C30C7
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstziIejtHcCvhb_TjaZtwxlgjaQuj7Yu1Mv8y1sgiI8zmZbA6iRIoIV2tthxl0rDWuvNi12IDU128QZXbzlgEzDA6RTFttbQnWUjEpu_OKIR0jSR1iilPicAvU6SyYj-cz6d0K66fhCc8ZqnXqSCqsOwLOUAJa3ENVll7eQy6d84GjkHINIjcQsnqyKHm7dnJtO9a3LKyUBT5hf5wHi6wObbgjmchLtpphdeb1X84yhFsO0CsJaLBxXuZXkOPcSHfriIW-PgEJw3xW13ljWeYXJxTp0P2hnc5SYD_hP9Q&sai=AMfl-YQzsXn0qtg9cum6Xkv6zQyKczp6u-HACBhPppF8h0QKyjSRcpkaH-1v_MKZ9LTn8_9npBZeq9rlB4L6T_BV7nTZI4Tb8Xak0JsyF4jzMWLRWGgcewYLOGcgIOu_-wE&sig=Cg0ArKJSzLXBBOV0jPqaEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 727567C0BEF27F71721EBDBA71BFDA0D
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 77C8B486C28BB6220FB0D14F5D299151
Requests: 1 HTTP requests in this frame

Frame: https://cm.lentainform.com/i-noref.js?cbuster=1637925536481855250735
Frame ID: 30E8B1CBF749C49DFCEA620DB55CFDAF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.videonow.ru/v2/96b5a2b/vn_providers_vpaid.js
Frame ID: 7ADF43F5B8176283EA05A479E70DF6B2
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 7C196A291C072EEEBEAED629E1C70893
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7F91DD43F53982B18101A0CE28C23417
Requests: 1 HTTP requests in this frame

Frame: https://cdn.videonow.ru/v2/96b5a2b/vn_providers_vpaid.js
Frame ID: 84256625B0323E3307D6B48A33ED5BA8
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: 17199DD1A4EE2A3C27A14BD65F846B10
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BC766037963684CFFCE2EB6BB238B119
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Число атак на бизнес с помощью программ-вымогателей выросло втрое — Российская газетаback

Page Statistics

621
Requests

87 %
HTTPS

30 %
IPv6

80
Domains

154
Subdomains

105
IPs

12
Countries

7455 kB
Transfer

18577 kB
Size

156
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
  • https://yandex.ru/ads/system/header-bidding.js
Request Chain 8
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 22
  • https://ads.adfox.ru/5906/getCode?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=863070975&ptrc=b HTTP 302
  • https://ads.adfox.ru/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=863070975&ptrc=b
Request Chain 23
  • https://ads.adfox.ru/5906/getCode?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=863070975 HTTP 302
  • https://ads.adfox.ru/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=863070975
Request Chain 24
  • https://ads.adfox.ru/5906/getCode?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=863070975&ptrc=b HTTP 302
  • https://ads.adfox.ru/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=863070975&ptrc=b
Request Chain 54
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=9472189282 HTTP 302
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=9472189282&crf=1
Request Chain 66
  • https://top-fwz1.mail.ru/counter?id=11659;t=409;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
Request Chain 67
  • https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.48064658221918233 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.48064658221918233
Request Chain 68
  • https://counter.yadro.ru/hit;RGINTERNET?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9784701544642886 HTTP 302
  • https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9784701544642886
Request Chain 69
  • https://counter.yadro.ru/hit;RGRU?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.39194964111116737 HTTP 302
  • https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.39194964111116737
Request Chain 70
  • https://www.tns-counter.ru/V13a***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/ HTTP 302
  • https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
Request Chain 128
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 157
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=03f06c0e-1456-4440-854c-1894a8a29496&user_group=1&ssp=between&bsw_param=d9078758-6364-4304-a3ea-ad1856650774 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
Request Chain 158
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=PW9SHFxP88e.AikABlF9W_g3-w
Request Chain 159
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=82995b5021d5c0ff615e7eef
Request Chain 160
  • https://sync.bumlam.com/?src=bw1&uid=51eb3150-c48b-524a-b638-ab83d798691e HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABidhYONBlIFvp7KygpiJDUxZWIzMTUwLWM0OGItNTI0YS1iNjM4LWFiODNkNzk4NjkxZQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARidhYONBlIFvp7KygpiJDUxZWIzMTUwLWM0OGItNTI0YS1iNjM4LWFiODNkNzk4NjkxZaIBEKOUvCROqhHshuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABidhYONBmIkNTFlYjMxNTAtYzQ4Yi01MjRhLWI2MzgtYWI4M2Q3OTg2OTFlogEQo5S8JE6qEeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARidhYONBmIkNTFlYjMxNTAtYzQ4Yi01MjRhLWI2MzgtYWI4M2Q3OTg2OTFlogEQo5S8JE6qEeyG4AAlkMBkfA** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a394bc24-4eaa-11ec-86e0-002590c0647c
Request Chain 164
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9469.jBm2FLZUo8hyyPmuPaCjccazY0GhTGE7Qlaz7Ywq2p8GZDo-lA4iHlaTJkNU_nE-.hUPI71WBPAzbx_RUpf_sVWx0FMU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9469.fIRSEh51FfeffU65G8Kay91h8olDFmMLGi8JH1BmcIHDXbqCNEG8aqwF7-fNaojtVolUYoiZeNGiY5NjpEJdygxvq4P5TV55V9dd8fef76E%2C.H2CuVeh4h-H1SGacpRiyHX9dgWI%2C
Request Chain 182
  • https://mediatoday.ru/core/code.js?pid=9119&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24 HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9OTExOSZyaWQ9MTAxNDE4JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1zLXBvbW9zaGNoaXUtcHJvZ3JhbW0tdnltb2dhdGVsZWotdXZlbGljaGlsb3MtbmEtMjAwLmh0bWwmb3c9MTYwMCZvaD0xMjAwJnN3PTE2MDAmc2g9MTIwMCZwZD0yNCZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://mediatoday.ru/core/code.js?pid=9119&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOo2mHQ75BYEsXo
Request Chain 184
  • https://mediatoday.ru/core/code.js?pid=8493&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24 HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9ODQ5MyZyaWQ9MTAxNDE4JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1zLXBvbW9zaGNoaXUtcHJvZ3JhbW0tdnltb2dhdGVsZWotdXZlbGljaGlsb3MtbmEtMjAwLmh0bWwmb3c9MTYwMCZvaD0xMjAwJnN3PTE2MDAmc2g9MTIwMCZwZD0yNCZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://mediatoday.ru/core/code.js?pid=8493&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Request Chain 198
  • https://cm.p.altergeo.ru/relap?aid=0zyVboah&nc=UCrLyFc0&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://relap.io/partners/altergeocs?uid=CMNyCEf3ciS9iA1SxNXiL3oA==
Request Chain 237
  • https://mc.yandex.com/watch/29789?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1274395942936%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A158430592%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/29789/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1274395942936%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A158430592%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Request Chain 238
  • https://mc.yandex.com/watch/22322746?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A888%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1454109463667%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A677424576%3Arqn%3A1%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Ads%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C504%2C25%2C%2C%2C%2C1161%3Adsn%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C459%2C26%2C%2C%2C%2C1161%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A888%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1454109463667%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A677424576%3Arqn%3A1%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Ads%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C504%2C25%2C%2C%2C%2C1161%3Adsn%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C459%2C26%2C%2C%2C%2C1161%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Request Chain 239
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=cfd951ea-8bea-41a9-9509-f901ec9f41d4&ssp=between&expires=30&user_group=5&bsw_param=d9078758-6364-4304-a3ea-ad1856650774 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
Request Chain 292
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=101418 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=101418&tuid=-4399635705 HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=2&id=AV_jAd0ptmwNq7RiytbfNsQ HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MiZpZD1BVl9qQWQwcHRtd05xN1JpeXRiZk5zUSZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=2&id=AV_jAd0ptmwNq7RiytbfNsQ&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Request Chain 294
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D%7BWEBO_CID%7D&bounce=1&random=445397720 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=15&id=sp2vxU5LpdcS1T4G6mHVBO
Request Chain 295
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOo2mHQ75BYEsXo&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOo2mHQ75BYEsXo&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D&cs=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
Request Chain 296
  • https://relap.io/api/partners/instrv.gif?uid=VOo2mHQ75BYEsXo HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9MHp5VmJvYWgmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Request Chain 298
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=mediatoday&ru=https%3A%2F%2Finstreamvideo.ru%2Fcore%2Fmatch.gif%3Fs%3D23%26id%3D[UID] HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=23&id=Ct22uhz4RqKOn2dR3GhtNA HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MjMmaWQ9Q3QyMnVoejRScUtPbjJkUjNHaHROQSZ2aWRzZXR1cD0x&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=23&id=Ct22uhz4RqKOn2dR3GhtNA&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Request Chain 299
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOo2mHQ75BYEsXo HTTP 302
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOo2mHQ75BYEsXo&bounce=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
Request Chain 319
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOn2DghXAp4IoSM&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D HTTP 302
  • https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
Request Chain 320
  • https://relap.io/api/partners/instrv.gif?uid=VOn2DghXAp4IoSM HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah HTTP 302
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9MHp5VmJvYWgmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick HTTP 302
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Request Chain 321
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOn2DghXAp4IoSM HTTP 302
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOn2DghXAp4IoSM&bounce=1 HTTP 302
  • https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
Request Chain 323
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a394bc24-4eaa-11ec-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a394bc24-4eaa-11ec-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=BgaKtMBNON5TbG6581MT5g& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=BgaKtMBNON5TbG6581MT5g&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=BgaKtMBNON5TbG6581MT5g&extra2=aidata&google_gid=CAESEBDSna8GrHEwO50yzILAx2c&google_cver=1
Request Chain 363
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D6%26rand%3D105237 HTTP 302
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=6&rand=105237
Request Chain 365
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=105237 HTTP 302
  • https://rtb.com.ru/adriver-sync?uid=AV_jAd0ptmwNq7RiytbfNsQ HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=15&sspUserID=AV_jAd0ptmwNq7RiytbfNsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D61a0c29ffa2d935035db4fe8%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D61a0c29ffa2d935035db4fe8%252526i%25253D7939301234216393124%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D61a0c29ffa2d935035db4fe8%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D61a0c29ffa2d935035db4fe8%2525252526nc%252525253D2965587403995189898%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D61a0c29ffa2d935035db4fe8%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FiGVKAKDJVMWiLMAuFeoxU6%2525252525253Fsign%2525252525253D3106415288%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D61a0c29ffa2d935035db4fe8%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D61a0c29ffa2d935035db4fe8%252526i%25253D7939301234216393124%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D61a0c29ffa2d935035db4fe8%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D61a0c29ffa2d935035db4fe8%2525252526nc%252525253D2965587403995189898%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D61a0c29ffa2d935035db4fe8%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FiGVKAKDJVMWiLMAuFeoxU6%2525252525253Fsign%2525252525253D3106415288%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D61a0c29ffa2d935035db4fe8&google_gid=CAESEHF28rfLW-uiJu5YSk_4tEk&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7939301234216393124%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2965587403995189898%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FiGVKAKDJVMWiLMAuFeoxU6%25252525253Fsign%25252525253D3106415288%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7939301234216393124%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2965587403995189898%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FiGVKAKDJVMWiLMAuFeoxU6%25252525253Fsign%25252525253D3106415288%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D61a0c29ffa2d935035db4fe8&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=758B16324ADA6AFA8C8B&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7939301234216393124%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2965587403995189898%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FiGVKAKDJVMWiLMAuFeoxU6%25252525253Fsign%25252525253D3106415288%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D61a0c29ffa2d935035db4fe8&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/61a0c29ffa2d935035db4fe8?sign=d2e7f7e1&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7939301234216393124%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2965587403995189898%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FiGVKAKDJVMWiLMAuFeoxU6%25252525253Fsign%25252525253D3106415288%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=61a0c29ffa2d935035db4fe8&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61a0c29ffa2d935035db4fe8%26i%3D7939301234216393124%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D61a0c29ffa2d935035db4fe8%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D61a0c29ffa2d935035db4fe8%252526nc%25253D2965587403995189898%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D61a0c29ffa2d935035db4fe8%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FiGVKAKDJVMWiLMAuFeoxU6%252525253Fsign%252525253D3106415288%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=BgaKtMBNON5TbG6581MT5g
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= HTTP 302
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEDQ1lQSBr3MUOamUNdXumnw&google_cver=1 HTTP 301
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEDQ1lQSBr3MUOamUNdXumnw&google_gid=CAESEDQ1lQSBr3MUOamUNdXumnw&google_cver=1
Request Chain 369
  • https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
Request Chain 370
  • https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=criteov2&value=spsfXgrRptdaGXRpAHlkfu_f8p0YImf_
Request Chain 372
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q@VfA HTTP 302
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q%40VfA&bounce=1&random=568599677
Request Chain 373
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=wE2d8b4q@VfA HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=wE2d8b4q@VfA
Request Chain 374
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw&dcc=t
Request Chain 375
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
Request Chain 382
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D0%26rand%3D670509 HTTP 302
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=0&rand=670509
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEIe7Ba2BKGgZ0tIf0p8eumw&google_cver=1
Request Chain 389
  • https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
Request Chain 390
  • https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=criteov2&value=uBohprqcyl76OqSVtDgMOvCAN7cFQQ9F
Request Chain 395
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
Request Chain 433
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 502
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 513
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=51eb3150-c48b-524a-b638-ab83d798691e&expires=60 HTTP 302
  • https://ib.adnxs.com/setuid?entity=388&code=d9078758-6364-4304-a3ea-ad1856650774
Request Chain 538
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F51eb3150-c48b-524a-b638-ab83d798691e HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/51eb3150-c48b-524a-b638-ab83d798691e
Request Chain 556
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oMKgYZeRGNSF-gbbg5yoDg&random=2146646987&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146646987&crd=&is_vtc=1&random=3615542630 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146646987&crd=&is_vtc=1&random=3615542630&ipr=y
Request Chain 557
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oMKgYZyRGMfx-gblqqGwBQ&random=1801492335&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1801492335&crd=&is_vtc=1&random=2161070049 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1801492335&crd=&is_vtc=1&random=2161070049&ipr=y
Request Chain 576
  • https://data.videonow.ru/?profile_id=3416566&format=vast&vpaid=0&multi=1&flash=0&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html HTTP 302
  • https://data.videonow.ru/?profile_id=3416566&format=vast&vpaid=0&multi=1&flash=0&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ccheck=1
Request Chain 581
  • https://px.adhigh.net/p/cm/videonow?vn_dsp_id=3&event_id=4d95fad273b60eb2075cd9b82dc2b6d4 HTTP 302
  • https://sync.videonow.ru/ssp?dsp=3&uuid=PW9SHFxP88e.AikABlF9W_g3-w
Request Chain 582
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5097839&bn=5097839&rnd=3262742701 HTTP 302
  • https://sync.videonow.ru/ssp?dsp=4&uuid=AV_jAd0ptmwNq7RiytbfNsQ
Request Chain 584
  • https://videonow-sync.rutarget.ru/sync?vn_dsp_id=7&event_id=4d95fad273b60eb2075cd9b82dc2b6d4 HTTP 302
  • https://sync.videonow.ru/ssp?dsp=7&uuid=IIQKYnSxkT0q
Request Chain 586
  • https://rtb.com.ru/videonow-sync?uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7571482404377090954%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2203113793906902846%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7571482404377090954%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2203113793906902846%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D61a0c29ffa2d935035db4fe8&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=758B16324ADA6AFA8C8B&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7571482404377090954%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2203113793906902846%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D61a0c29ffa2d935035db4fe8&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/61a0c29ffa2d935035db4fe8?sign=d2e7f7e1&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61a0c29ffa2d935035db4fe8%2526i%253D7571482404377090954%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61a0c29ffa2d935035db4fe8%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61a0c29ffa2d935035db4fe8%25252526nc%2525253D2203113793906902846%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61a0c29ffa2d935035db4fe8%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=61a0c29ffa2d935035db4fe8&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61a0c29ffa2d935035db4fe8%26i%3D7571482404377090954%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D61a0c29ffa2d935035db4fe8%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D61a0c29ffa2d935035db4fe8%252526nc%25253D2203113793906902846%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D61a0c29ffa2d935035db4fe8%25252526r%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=61a0c29ffa2d935035db4fe8&i=7571482404377090954&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61a0c29ffa2d935035db4fe8%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61a0c29ffa2d935035db4fe8%2526nc%253D2203113793906902846%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61a0c29ffa2d935035db4fe8%252526r%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D61a0c29ffa2d935035db4fe8 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=61a0c29ffa2d935035db4fe8&i=7571482404377090954&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61a0c29ffa2d935035db4fe8%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61a0c29ffa2d935035db4fe8%2526nc%253D2203113793906902846%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61a0c29ffa2d935035db4fe8%252526r%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D61a0c29ffa2d935035db4fe8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=njTDkK3rxIw79e57urew&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61a0c29ffa2d935035db4fe8%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61a0c29ffa2d935035db4fe8%2526nc%253D2203113793906902846%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61a0c29ffa2d935035db4fe8%252526r%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESELBUpd4CVIsplacAaHpptPk&ver=1&google_error=&code=224&ts=njTDkK3rxIw79e57urew&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D61a0c29ffa2d935035db4fe8%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D61a0c29ffa2d935035db4fe8%2526nc%253D2203113793906902846%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D61a0c29ffa2d935035db4fe8%252526r%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D61a0c29ffa2d935035db4fe8 HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=61a0c29ffa2d935035db4fe8&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D61a0c29ffa2d935035db4fe8%26nc%3D2203113793906902846%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D61a0c29ffa2d935035db4fe8%2526r%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=61a0c29ffa2d935035db4fe8&nc=2203113793906902846&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=61a0c29ffa2d935035db4fe8&nc=2203113793906902846&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D61a0c29ffa2d935035db4fe8&cc=1 HTTP 302
  • https://adx.com.ru/adspend-sync?uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3138228%3Bpid%3D61a0c29ffa2d935035db4fe8 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=3138228;pid=61a0c29ffa2d935035db4fe8
Request Chain 587
  • https://sync.bumlam.com/?src=vn2&uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://sync.videonow.ru/ssp?dsp=14&uuid=a394bc24-4eaa-11ec-86e0-002590c0647c
Request Chain 588
  • https://dmp.vihub.ru/match?sysid=vn&redir=yes&uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 301
  • https://sync.videonow.ru/ssp?dsp=16&uuid=675b0562-05b4-4e42-a186-274d17ccc476
Request Chain 589
  • https://sync.omnidsp.com/match?src=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://sync.videonow.ru/ssp?dsp=23&uuid=bdd27425-5a96-44c3-ba55-8339eafb9748
Request Chain 590
  • https://ut.rktch.com/matchspm?pi=31&pui=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
  • https://ut.rktch.com/matchspm?pi=1000006&pui=sp2vxU5LpdcS1T4G6mHVBO&noredirect
Request Chain 592
  • https://sm.rtb.mts.ru/p?ssp=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=38&exu=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=71930b56-9fa6-4a5d-8fcb-f42ce0359090&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D38%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Request Chain 593
  • https://ads.betweendigital.com/match?bidder_id=34557&callback_url=https%3A%2F%2Fsync.videonow.ru%2Fssp%3Fdsp%3D30%26uuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.videonow.ru/ssp?dsp=30&uuid=51eb3150-c48b-524a-b638-ab83d798691e
Request Chain 594
  • https://sync.upravel.com/image?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&rnd=326274270 HTTP 302
  • https://sync.upravel.com/image?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&rnd=326274270&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9yZy5ydS8iXX19 HTTP 302
  • https://202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com/image?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&rnd=326274270&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9yZy5ydS8iLCJodHRwczovL3JnLnJ1LyJdfX0 HTTP 302
  • https://sync.upravel.com/videonow/sync HTTP 302
  • https://202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com/videonow/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9yZy5ydS8iXX19 HTTP 302
  • https://data.videonow.ru/?sync&dsp_id=19&user_id=202107fc-2a71-4ff9-a17f-19577684b0da HTTP 302
  • https://sync.videonow.ru/ssp?dsp=19&uuid=202107fc-2a71-4ff9-a17f-19577684b0da
Request Chain 595
  • https://relap.io/partners/videonowcs?vn=699 HTTP 302
  • https://sync.videonow.ru/ssp?dsp=32&uuid=0zyVboah
Request Chain 596
  • https://mitdmp.whiteboxdigital.ru/pixel?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://dmg.digitaltarget.ru/1/7203/i/i?a=840&e=6b8f5f88-690f-4e45-bab9-91837d1a8979 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7203/i/i?call_source=awg&a=840&e=6b8f5f88-690f-4e45-bab9-91837d1a8979
Request Chain 599
  • https://d.wi-fi.ru/b/v1/sync?cb=videonow HTTP 302
  • https://d.wi-fi.ru/b/v1/psync?t=u&p=3&cb=videonow HTTP 302
  • https://sync.videonow.ru/ssp?dsp=38&uuid=pbAB_06qEeydvsqG0zuNTg
Request Chain 600
  • https://match.new-programmatic.com/userbind?src=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://sync.videonow.ru/ssp?dsp=39&uuid=
Request Chain 601
  • https://adx.com.ru/videonow-plazsync?uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://adx.com.ru/sync?sspKey=6&sspUserID=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61a0c2a1d41e0649104f37a6&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D61a0c2a1d41e0649104f37a6%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D61a0c2a1d41e0649104f37a6%25252526dest%2525253Dhttps%252525253A%252525252F%252525252Fsync.videonow.ru%252525252Fssp%252525253Fdsp%252525253D40%2525252526uuid%252525253D61a0c2a1d41e0649104f37a6%2526webouid%253D%7BWEBO_CID%7D HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a0c2a1d41e0649104f37a6%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61a0c2a1d41e0649104f37a6%252526dest%25253Dhttps%2525253A%2525252F%2525252Fsync.videonow.ru%2525252Fssp%2525253Fdsp%2525253D40%25252526uuid%2525253D61a0c2a1d41e0649104f37a6%26webouid%3D{WEBO_CID} HTTP 302
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a0c2a1d41e0649104f37a6%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a0c2a1d41e0649104f37a6%2526dest%253Dhttps%25253A%25252F%25252Fsync.videonow.ru%25252Fssp%25253Fdsp%25253D40%252526uuid%25253D61a0c2a1d41e0649104f37a6&webouid=sp2vxU5LpdcS1T4G6mHVBO
Request Chain 602
  • https://dmg.digitaltarget.ru/1/6323/i/i?a=622&e=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&i=326274270 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&i=326274270

621 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
rg.ru/2021/11/25/ 		237 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.190.37.226 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
pda.rg.ru
Software
nginx /
Resource Hash
28b1ecd782783d2b7167933b3cfc16ccdad2efabafaab59fd7370c47e81f17a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 26 Nov 2021 11:18:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-encoding
gzip
firebase-app.js
www.gstatic.com/firebasejs/5.5.4/ 		34 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.4/firebase-app.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9061f372e65347081ccc226f73a3c961fdf266629e5f4490cea8fa4fb8637582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:25:26 GMT
x-content-type-options
nosniff
age
309206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34844
x-xss-protection
0
last-modified
Thu, 11 Oct 2018 22:40:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Tue, 22 Nov 2022 21:25:26 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.4/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.4/firebase-messaging.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10045
x-xss-protection
0
last-modified
Thu, 11 Oct 2018 22:40:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Thu, 24 Nov 2022 03:23:21 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:18:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:52 GMT
css
fonts.googleapis.com/ 		8 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:18:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:52 GMT
lib.css
cdnimg.rg.ru/res/styles/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/styles/lib.css?802353a9aa3c
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
7adee2bef3d5d2fd7ea4af71b6a81df494c0a61cd3a920b572df22d04c427128

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2017 09:30:50 GMT
server
nginx
etag
W/"5a3b7f4a-106df"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
expires
Thu, 20 Oct 2022 07:29:20 GMT
1.11.3_jquery.min.js
cdnimg.rg.ru/res/scripts/vendors/jquery/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 15:00:05 GMT
server
nginx
etag
W/"61435bf5-176f8"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 20 Oct 2022 07:28:53 GMT
header-bidding.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/header-bidding.js
  • https://yandex.ru/ads/system/header-bidding.js
166 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
863b2aec3eb2a1aa78cc128d323d04ca00cf3b27dc682ad4a7770e1b8b8cc776
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
3703539254
x-yandex-req-id
1637925533076884-2460565196242508236-man1-2698-d21-man-l7-balancer-8080-BAL-1139
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 12:18:53 GMT

Redirect headers

date
Fri, 26 Nov 2021 11:18:52 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/header-bidding.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
publishertag.js
cdn.rutarget.ru/static/publishertag/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rutarget.ru/static/publishertag/publishertag.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.0.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz-s-fr52.rutarget.ru
Software
nginx /
Resource Hash
bbb2bfc125999f8bc8fa4b38d2aceebec032d94f1021769d0bb339621979f31a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Fri, 26 Jul 2019 11:52:27 GMT
server
nginx
etag
W/"5d3ae97b-f77"
access-control-allow-methods
OPTIONS
content-type
application/x-javascript
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
301 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a96fb671e8a4bc6f5c53f159039aaa6c1444cd14250d8f54acfa1e0de42fb295
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
275767364
x-yandex-req-id
1637925533094937-6572672269751785393-man1-5139-08e-man-l7-balancer-8080-BAL-3381
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 12:18:53 GMT

Redirect headers

date
Fri, 26 Nov 2021 11:18:52 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/context.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
lib.js
cdnimg.rg.ru/res/scripts/ 		667 KB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/lib.js?1ec59e9e4374
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
5cafbcb1e043b6a9425bdaf283a64a6ecec632424e9258e6fa72788e40714a7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 17:10:22 GMT
server
nginx
etag
W/"60f9a67e-a6a63"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 20 Oct 2022 07:29:20 GMT
global.js
cdnimg.rg.ru/res/scripts/ 		342 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
af60a09556b9e71cf5cc0770144436fc1b68fa23da3709d766bb36b57d0ff92d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 11:36:30 GMT
server
nginx
etag
W/"6182743e-55702"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 03 Nov 2022 11:36:45 GMT
global.js
cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/global.js?ad0797be7e0f
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
b093eca41085ec21a15f7151356b7356f71c5f893ac9b46e8015581143c0e36e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 14:46:11 GMT
server
nginx
etag
W/"5e78cbb3-15bb"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 20 Oct 2022 07:36:06 GMT
2215_t_100x67.png
cdnimg.rg.ru/img/content/221/63/73/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnimg.rg.ru/img/content/221/63/73/2215_t_100x67.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
cf9943b3977b82cf600a6f65fa5d70980f7c2d23f44131bdb3d46aa77c342763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 12:06:47 GMT
server
nginx
etag
W/"619f7c57-3522"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 25 Nov 2022 12:38:09 GMT
2215_d_850.png
cdnimg.rg.ru/img/content/221/63/73/ 		1021 KB
1022 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnimg.rg.ru/img/content/221/63/73/2215_d_850.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
855d4fa8ec1f110f2023edb51eb9c5d4c0038c3aa426fc3812bf2ae9cc1d9ed0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 12:06:54 GMT
server
nginx
etag
W/"619f7c5e-ff21f"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 25 Nov 2022 12:24:38 GMT
yandex-zen-widget.js
cdnimg.rg.ru/res/scripts/ 		570 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/yandex-zen-widget.js?a0203e2d96f5
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
bcfd5d5aace781ae593dfcaf873d1579fbb8aed914585c9aef7356dc97d66645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
last-modified
Thu, 26 Mar 2020 09:21:32 GMT
server
nginx
etag
"5e7c741c-23a"
x-ngenix-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript
content-length
570
expires
Thu, 20 Oct 2022 07:30:50 GMT
logo-to-footer.png
cdnimg.rg.ru/res/images/custom/projects/rgdigital/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnimg.rg.ru/res/images/custom/projects/rgdigital/logo-to-footer.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
8d7cfdaf66eda543cf5bf782ab6d7948addc68be67302b29f26b4140d7fe44b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 09:36:46 GMT
server
nginx
etag
W/"5bdc1aae-1121"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 26 Nov 2021 11:46:01 GMT
noto.woff.min.css
rg.ru/res/fonts/rg/ 		501 KB
379 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rg.ru/res/fonts/rg/noto.woff.min.css
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.190.37.226 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
pda.rg.ru
Software
nginx /
Resource Hash
6278f4711d008b11899f4240e23c61abbacd4957d938309d686917d43e4c0cf4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2016 12:19:10 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
access-control-allow-credentials
true
expires
Sat, 26 Nov 2022 11:18:52 GMT
material.js
cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/ 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
bfa163fa09b200dd716a31c1e08c15174d921ae1052001d465c4fb2760c39bf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Mon, 09 Aug 2021 07:34:45 GMT
server
nginx
etag
W/"6110da95-1b901"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 20 Oct 2022 07:36:06 GMT
article.css
cdnimg.rg.ru/res/styles/custom/projects/rgdigital/ 		120 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/styles/custom/projects/rgdigital/article.css?c74af337fd7f
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e159793d0995ec33447cd89926dc1d44b9e8fb080cf3a6e114b9ff89f7fe6820

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 10:41:25 GMT
server
nginx
etag
W/"61486555-1e000"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
text/css
expires
Thu, 20 Oct 2022 07:36:06 GMT
relap.js
relap.io/v7/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/relap.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
890991f67488abd5633b6086f6016c47f3af0999b2dcd803473880c23e931b11
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-11f6"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-length
4598
expires
Fri, 26 Nov 2021 11:19:53 GMT
jquery.mousewheel.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js?_=1637925532854
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1253247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-ad3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlbCkotiVPkUHWZA6MaTA56zKSA8CvToGeuMxinoCOLV%2FqLHIp9AfOAVozvSaVg6ffFRlA7z3Re4tXz6t4PxfiJickfn6GCbibFlibbRwDOudfU6RTSIyr91925axH7dsN0IM%2Bcp7ICu%2F1s8c8IPAU4v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b42b7f4de075cb6-FRA
expires
Wed, 16 Nov 2022 11:18:52 GMT
b-news-inner.html
cdnimg.rg.ru/res/templates/ 		2 KB
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/templates/b-news-inner.html
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
7e0ce8e821f7865d4f65debe643e8021f634367f48b9d3fb9bc7d83bdcea0db2

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Thu, 21 Nov 2019 09:32:28 GMT
server
nginx
etag
W/"5dd659ac-6fd"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://rg.ru
cache-control
max-age=3600
access-control-allow-credentials
true
content-type
text/html
expires
Fri, 26 Nov 2021 12:06:38 GMT
getCodeTest
ads.adfox.ru/5906/
Redirect Chain
  • https://ads.adfox.ru/5906/getCode?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=863070975&ptrc=b
  • https://ads.adfox.ru/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=863070975&ptrc=b
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=863070975&ptrc=b
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
timing-allow-origin
*

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
location
/5906/getCodeTest?p1=chwxt&p2=frfe&pfc=cpmvc&pfb=hfakn&pr=863070975&ptrc=b
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
expires
Mon, 04 Dec 1999 21:29:02 GMT
getCodeTest
ads.adfox.ru/5906/
Redirect Chain
  • https://ads.adfox.ru/5906/getCode?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=863070975
  • https://ads.adfox.ru/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=863070975
881 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=863070975
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
location
/5906/getCodeTest?p1=cpekt&p2=frfe&pfc=dpcdr&pfb=jnroh&pr=863070975
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
expires
Mon, 04 Dec 1999 21:29:02 GMT
getCodeTest
ads.adfox.ru/5906/
Redirect Chain
  • https://ads.adfox.ru/5906/getCode?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=863070975&ptrc=b
  • https://ads.adfox.ru/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=863070975&ptrc=b
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=863070975&ptrc=b
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
timing-allow-origin
*

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
location
/5906/getCodeTest?p1=chxae&p2=frfe&pfc=cpmvc&pfb=hfbjt&pr=863070975&ptrc=b
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
expires
Mon, 04 Dec 1999 21:29:02 GMT
rgdigital_logo_x2.png
cdnimg.rg.ru/res/images/custom/projects/rgdigital/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnimg.rg.ru/res/images/custom/projects/rgdigital/rgdigital_logo_x2.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
2bf767ddbfabd1c25f0abcf9f4416cab55034e773d37d274fb6eba0505cf009c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 09:36:46 GMT
server
nginx
etag
W/"5bdc1aae-1dac"
x-ngenix-cache
HIT
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=3600
access-control-allow-credentials
true
content-type
image/png
expires
Fri, 26 Nov 2021 11:26:56 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 17:55:18 GMT
x-content-type-options
nosniff
age
149014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 17:55:18 GMT
ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v16/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f9ab9c8edd798835473b909862ab62d984d6c6e8a939665842124bf86d2a28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:54:52 GMT
x-content-type-options
nosniff
age
239040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 16:54:52 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:59:56 GMT
x-content-type-options
nosniff
age
238736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:44:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 16:59:56 GMT
ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v16/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 07:48:52 GMT
x-content-type-options
nosniff
age
271800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27412
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 07:48:52 GMT
o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
fonts.gstatic.com/s/notosans/v21/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVYNyB1Wk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:28:05 GMT
x-content-type-options
nosniff
age
597047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10812
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:28:05 GMT
ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v16/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 21:24:07 GMT
x-content-type-options
nosniff
age
309285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24036
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 22 Nov 2022 21:24:07 GMT
o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
fonts.gstatic.com/s/notosans/v21/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr4TRAW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 08:01:21 GMT
x-content-type-options
nosniff
age
271051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10504
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:44:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 08:01:21 GMT
ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
fonts.gstatic.com/s/notoserif/v16/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v16/ga6Law1J5X9T9RW6j9bNdOwzfROecf1I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17cca1ca98461fed6c8f14c2ea54c8291ede3a8962df8ce7a3450c255ba32126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:54:51 GMT
x-content-type-options
nosniff
age
177841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18328
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:37:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:54:51 GMT
o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
fonts.gstatic.com/s/notosans/v21/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v21/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0042d508c0caeb7dc0fe620937e0edd5ec719587315f3cfe76d020341d2a9cb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 20 Nov 2021 11:53:08 GMT
x-content-type-options
nosniff
age
516344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15312
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 16:43:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 20 Nov 2022 11:53:08 GMT
/
front.rg.ru/geo/ 		27 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://front.rg.ru/geo/
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.190.23.28 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
front.rg.ru
Software
nginx / PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Resource Hash
cb3454f90458ee2f2abe7da33680bbffa9869baf7a6e6e39783947fb5db31b16

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
X-Powered-By
PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
max-age=86400, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
origin, content-type, accept
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1065
date
Fri, 26 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 13:01:07 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7039329-20&cid=1781524426.1637925533&jid=1409330481&gjid=466829377&_gid=688762289.1637925533&_u=YGBAgAABAAAAAE~&z=646465234
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Nov 2021 11:18:53 GMT
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1862656599&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1409330481&gjid=466829377&cid=1781524426.1637925533&tid=UA-7039329-20&_gid=688762289.1637925533&cd5=Ivan-Chernousov&z=781353927
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 01:52:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33985
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=1781524426.1637925533&jid=1409330481&_u=YGBAgAABAAAAAE~&z=1416389586
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=1781524426.1637925533&jid=1409330481&_u=YGBAgAABAAAAAE~&z=1416389586
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
relap.js
relap.io/v7/ Frame 2964 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/relap.js
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
890991f67488abd5633b6086f6016c47f3af0999b2dcd803473880c23e931b11
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-11f6"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=60
content-length
4598
expires
Fri, 26 Nov 2021 11:19:53 GMT
init
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/init?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
x-server
web03
access-control-allow-credentials
true
access-control-max-age
1728000
vary
Origin
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-origin
https://rg.ru
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date
Fri, 26 Nov 2021 11:18:53 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
app_index.e81970c8f2be775b4f6c.js
relap.io/v7/ Frame 2964 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/app_index.e81970c8f2be775b4f6c.js
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
440ff5e3fff37e4bd2fbb03b7e9c5b713d377a39bef6c378beb4cebf394de616
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-1fc6"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
8134
expires
Sun, 26 Dec 2021 11:18:53 GMT
init
relap.io/api/v7/ Frame 2964 		97 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/init?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
aa36c80b0d36923f6cdd1ff3c5e20f6664bd69653eeebf0c05cd3f31edbe5370
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
x-relap-cookie
rlprp=eZJFUg:SFTu2g
cache-control
max-age=1, no-cache
x-server
back04
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
ext_cfgs
relap.io/api/v7/ Frame 2964 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Requested by
Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
a0d1f3fea4af3e1b403a82a7e8497029af00651b89370bdf357764668514f4be
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back01
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
ext_cfgs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/ext_cfgs?token=pNykDooO6qdayklM&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-credentials
true
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-origin
https://rg.ru
x-server
back01
vary
Origin
strict-transport-security
max-age=5184000; includeSubdomains;
getcookie
matchid.adfox.yandex.ru/ 		87 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
bb5a9a72d77496add15bc9659426418eb1e796eda8af3768d244561a6585f439
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
87
x-content-type-options
nosniff
content-type
application/json
4e51507e3b3fc8f9151b.js
yastatic.net/partner-code-bundles/49422/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/4e51507e3b3fc8f9151b.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d9c9b9f80c7fbdcc2ef6abe5d2182e9891d6f273830b00a744d05552a21b896f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4454
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4e5871d7ef3811951d665e56ae812382"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:52:34 GMT
df68bffbff5ae367a9a6.js
yastatic.net/partner-code-bundles/49422/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/df68bffbff5ae367a9a6.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
42f778eacf147663de14a5a700f83fef31c1dbdf56001b1f71478145c9391369
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17116
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"2ed5bd1577fc37a67ec058623af0437f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:52:35 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:54:17 GMT
394f92cef988f11256c8.js
yastatic.net/partner-code-bundles/49422/ 		639 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/394f92cef988f11256c8.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
93c047f6bcfb7f7e8173521abe23a3f2ef3e31424ef5e4d27bef44cf5297d72c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
131576
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4411cc5ea4047a827feebd9b94c0f945"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:52:34 GMT
widget-loader
zen.yandex.ru/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://zen.yandex.ru/widget-loader
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/yandex-zen-widget.js?a0203e2d96f5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::211 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
photoreport-component.js
cdnimg.rg.ru/res/scripts/components/ 		161 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/scripts/components/photoreport-component.js?v=8
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
e25de9aa65b33a5ff0b079694d5de44784e77ac4d1967ebf0fed6c5ce04bbcd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Mon, 06 Jul 2020 15:30:59 GMT
server
nginx
etag
W/"5f0343b3-285ef"
x-ngenix-cache
HIT
vary
Accept-Encoding, Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=31536000
access-control-allow-credentials
true
content-type
application/javascript
expires
Thu, 20 Oct 2022 07:29:21 GMT
sspmatch-js
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=9472189282
  • https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=9472189282&crf=1
882 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=9472189282&crf=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
fbf07492eb95dd36d31ed9b6b403ed41fbd048231b8a75dd0cadaa4e27004f13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
882
content-type
text/javascript

Redirect headers

location
/sspmatch-js?p=43097&randsalt=9472189282&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
tm.js
static.1dmp.io/ 		0
0
sprinkle.js
widgets.sprinklecontent.com/v2/ 		72 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.sprinklecontent.com/v2/sprinkle.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
365069116bc27694af2acc83cab0226a89f97517038d52752873155dabeef5d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:05:07 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 09:44:39 GMT
server
AmazonS3
age
827
etag
W/"70d0f8bb33a284e2061c511acd27c56f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
cache-control
public, max-age=1800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MeAXX_PuR9Y6jCulBlA1DV6gU3LtY-L1K74bi2AD189BwkiwOCyszQ==
rg.ru.1140036.js
jsc.lentainform.com/r/g/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.lentainform.com/r/g/rg.ru.1140036.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b5320c7ee495ef362d6eec85659531382dd2b993fa5154d12bfec51a6296e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
cf-cache-status
HIT
age
6448
last-modified
Thu, 25 Nov 2021 11:22:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
617QHAR64FDGXBXK
x-amz-id-2
yk7YxJZw32jFeWfOI1Hxa82dkUDA/6QrhYSgju10MLzpOXWkht3nAoWLJIXBdg8L12ze4XKckTs=
cf-bgj
minify
server
cloudflare
etag
W/"dee24a8d57fcfd5bd9fb9a5d7f85bd2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6b42b7f71d3e4ed4-FRA
expires
Fri, 26 Nov 2021 14:18:53 GMT
98332.js
smi2.ru/data/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smi2.ru/data/js/98332.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/custom/projects/rgdigital/material.js?93f1197e2260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.162.95.76 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
ads5-3.smir10.imcmdb.net
Software
nginx /
Resource Hash
c11f0fbdba797c464433ff6dce1f91cf3dbad181c8143c0a4d80b861e37b2099

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Last-Modified
Friday, 26-Nov-2021 11:18:53 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
close
analytics.js
www.google-analytics.com/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js?_=1637925532855
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
date
Fri, 26 Nov 2021 11:18:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17857
expires
Fri, 26 Nov 2021 13:18:53 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1862656599&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAABAAAAAG~&jid=1178186676&gjid=1859061146&cid=1781524426.1637925533&tid=UA-7039329-20&_gid=688762289.1637925533&_r=1&_slc=1&z=1313511518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7039329-2&cid=1781524426.1637925533&jid=2133573517&gjid=834779093&_gid=688762289.1637925533&_u=aGDAgAABAAAAAG~&z=1638745182
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Nov 2021 11:18:53 GMT
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1862656599&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAABAAAAAG~&jid=1745955016&gjid=1362152360&cid=1781524426.1637925533&tid=UA-7039329-43&_gid=688762289.1637925533&_r=1&_slc=1&cd2=tema-digital%2Finternet%2C%20tema-ekonomika%2Fbusiness&cd4=project-rgdigital&cd6=Ivan-Chernousov&cd7=sujet-4040&cd9=2094&z=92560962
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1862656599&t=pageview&_s=1&dl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ul=en-us&de=UTF-8&dt=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgAABAAAAAG~&jid=2133573517&gjid=834779093&cid=1781524426.1637925533&tid=UA-7039329-2&_gid=688762289.1637925533&cd2=tema-digital%2Finternet%2C%20tema-ekonomika%2Fbusiness&cd4=project-rgdigital&cd6=Ivan-Chernousov&cd7=sujet-4040&cd9=2094&cd8=desktop&z=2092982066
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Nov 2021 11:38:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
85237
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
code.js
top-fwz1.mail.ru/js/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 18:35:46 GMT
server
nginx
etag
W/"60f08002-64db"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Fri, 26 Nov 2021 12:18:53 GMT
tag.js
mc.yandex.ru/metrika/ 		189 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/global.js?3b3d89d2c912
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-101bc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65980
expires
Fri, 26 Nov 2021 12:18:53 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=11659;t=409;l=1
  • https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
5ce50030d5f36790254a4ec5325ce051848fa702c563e28899027e517e8438ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
1515
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=11659;t=409;l=1
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%...
  • https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043...
274 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.48064658221918233
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5157a6351c1d72cd61d9a19936b9307d8ddf2ec3c89146437602853547cc1a93
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
274
Expires
Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;h%u0427%u0438%u0441%u043B%u043E%20%u0430%u0442%u0430%u043A%20%u043D%u0430%20%u0431%u0438%u0437%u043D%u0435%u0441%20%u0441%20%u043F%u043E%u043C%u043E%u0449%u044C%u044E%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C-%u0432%u044B%u043C%u043E%u0433%u0430%u0442%u0435%u043B%u0435%u0439%20%u0432%u044B%u0440%u043E%u0441%u043B%u043E%20%u0432%u0442%u0440%u043E%u0435%20%u2014%20%u0420%u043E%u0441%u0441%u0438%u0439%u0441%u043A%u0430%u044F%20%u0433;0.48064658221918233
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 25 Nov 2020 21:00:00 GMT
hit;RGINTERNET
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;RGINTERNET?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9784701544642886
  • https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9784701544642886
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9784701544642886
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;RGINTERNET?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.9784701544642886
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 25 Nov 2020 21:00:00 GMT
hit;RGRU
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;RGRU?r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.39194964111116737
  • https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.39194964111116737
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.39194964111116737
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 25 Nov 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;RGRU?q;r;s1600*1200*24;uhttps%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;0.39194964111116737
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 25 Nov 2020 21:00:00 GMT
/
www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
Redirect Chain
  • https://www.tns-counter.ru/V13a***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
  • https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b***R%3E*rg_ru/ru/UTF-8/tmsec=rg_total/
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		171 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.315%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3698954620&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A288.1875%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A667%2C%22top%22%3A78%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=288.1875&availableHeight=0&pp=kjx&screenType=desktopFull&p2=fjgg&ps=cgiu&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f429d3c71afd0c066d9eeb66b79ebf2eb98aa6d77a7f6cbbb6984de866aeaa18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533454376-528180037134703845800273-production-app-host-vla-pcode-132
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
publishertag.js
static.criteo.net/js/ld/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 Nov 2021 11:18:53 GMT
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10201
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/ 		11 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12402
content-length
31
expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/ 		170 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.337%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=694162359&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A0%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A430%2C%22top%22%3A604%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=0&pp=bqrp&ps=cgiu&p2=fjgg&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
4dfaf53c384e808f63cd97972180b3bc01498202d186f85c55bf4a95b8dc932a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533469363-1030734890447747303500237-production-app-host-man-pcode-105
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.355%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=661869937&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A0%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A430%2C%22top%22%3A1098%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=0&pp=bimv&ps=cgiu&screenType=mobile%20desktop%20desktopFull&p2=fjgg&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6295d13afd9ed3fa64b53f1e0a44cf49bc4e162dead7dde7ba1c483f95c8d16b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533514378-999370400936386102800238-production-app-host-sas-pcode-154
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
yhb
yhb.p.otm-r.com/ 		11 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12601
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11601
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/ 		11 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10202
content-length
31
expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.369%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1335496867&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1120%2C%22top%22%3A826%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=0&pp=ijp&p2=fkqy&screenType=desktop%20desktopFull&ps=cgiu&slotNumber=13&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c97186118215214f3eea98b861927156a00ca3b99954ee222d64a5ffb04d27ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533484474-1166707573863339039100273-production-app-host-vla-pcode-210
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.374%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=2729346593&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1120%2C%22top%22%3A826%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=0&pp=ijq&p2=fkqy&screenType=desktop%20desktopFull&ps=cgiu&slotNumber=14&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
356f198f42c656c66643aab85487d744d1699c6205847cb5667a25b26ff9d779
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533508108-1236517916266167655800273-production-app-host-vla-pcode-183
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		171 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.378%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1355584132&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1120%2C%22top%22%3A826%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A5%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=0&pp=ijr&p2=fkqy&screenType=desktop%20desktopFull&ps=cgiu&slotNumber=15&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5a70e4836f12f6e56664bc7a07f440e9e4b15968a02e1bc11e028028b971c6a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533476358-1728828992355639776600237-production-app-host-man-pcode-112
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.380%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=2346942372&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1120%2C%22top%22%3A826%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A6%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=0&pp=ijz&p2=fkqy&screenType=desktop%20desktopFull&ps=cgiu&slotNumber=16&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
caae280c384cae1dd48233f1d4052f0b04290a595225e19b548a1baa40a92031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533484724-1631131866141761858900287-production-app-host-man-pcode-157
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		171 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.382%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1370048701&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1120%2C%22top%22%3A826%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A7%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=0&pp=ika&p2=fkqy&screenType=desktop%20desktopFull&ps=cgiu&slotNumber=17&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
011f4d1976bb909f96210eeb752814090291a71f1b06cd770736d4be754eeaa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533481373-911834918715534995300274-production-app-host-man-pcode-103
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/ 		11 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12401
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12502
content-length
31
expires
-1
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12701
content-length
31
expires
-1
v2
an.yandex.ru/adfox/5906/getBulk/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.388%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1458060535&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1240%2C%22h%22%3A0%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A180%2C%22top%22%3A3248%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A8%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=1240&availableHeight=0&pp=ikr&screenType=tablet%20tabletLandscape%20desktop%20desktopFull&p2=fjgg&ps=cgiu&slotNumber=21&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
d70e65e486e2615bb9e6f9dde12aa69b3a433ff505ff382b4a041dd1c5e037cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533506462-31958090822901513700237-production-app-host-man-pcode-12
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.394%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3185510419&pr=4042162708&prr=&pv=11&pw=5&extid_loader=&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1240%2C%22h%22%3A0%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A180%2C%22top%22%3A3248%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A9%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=1240&availableHeight=0&pp=vsm&p2=fjgg&ps=cgiu&slotNumber=22&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
1756bca6dd68409e0ad6e1949c87f1d36af48320b002e99e6e8233345ff2a808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533522046-279186634802997398500242-production-app-host-sas-pcode-183
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
116.202.236.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.236.202.116.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Fri, 26 Nov 2021 11:18:53 GMT
server
nginx
access-control-allow-origin
https://rg.ru
etag
W/"1ed5ac931ece80277514906754178a0d8189e2526286cd5138dc8439fa6f362b"
serverid
TODO
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/ 		11 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
12702
content-length
31
expires
-1
2216373
front.rg.ru/comments/list/ 		31 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://front.rg.ru/comments/list/2216373
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.190.23.28 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
front.rg.ru
Software
nginx / PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Resource Hash
96a44a9d7d9ffd05d1fb1de1994d4769fad6bed09b641097447dec156305fd49

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.23-1+deprecated+dontuse+deb.sury.org~trusty+1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
origin, content-type, accept
expires
-1
hb
ads.adfox.ru/ 		206 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
8776e766d8c56112278939057b3374ab3244bb2e5f1a6b984733f16ed2c1daf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		205 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
5731a6da0d87f94ff381a5135019341850f1afbfa99d13490865438e076b5546
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		202 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
21b7a12f0d00f7d337bd2798352f73d64ba135e59fda0c6293b58ab4c7b2b771
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		203 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
a66bb5e0ceed83e5a192e063433639255090ba903add7e484bfad59439b42bf7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		202 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
7a6fa683e113c7407a53738d3b690e43e4287b73b87acbec6fbefd731ac48836
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		205 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
2d7fc271515683ce6082541d76702d855d72ba050bf1062493782d0b45d74839
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		206 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
8684c73cfa501a7263899fcf425f2adf86e439b56de4c480746b3dfe25b548e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		201 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
da0f8c900f4f75a593407f0736f9a16cec0632b8a7f196f6e12a3697b4a9091a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
hb
ads.adfox.ru/ 		206 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
1c78e00b0d0eae9458bdb13c90425be1942872ef0394a94e5daeb5a6fbe01e82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
vendor.70a5e16820b6b0a388e3.js
relap.io/v7/ Frame 2964 		373 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.e81970c8f2be775b4f6c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-18678"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
99960
expires
Sun, 26 Dec 2021 11:18:53 GMT
common_core.9d088340d7cfe344cddc.js
relap.io/v7/ Frame 2964 		252 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.e81970c8f2be775b4f6c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
6823dea10949344170cc602ab77daa8e267c3939427e6956318aa4cea3b5b36d
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-dd64"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
56676
expires
Sun, 26 Dec 2021 11:18:53 GMT
app.443b72c76e8761dcbe23.js
relap.io/v7/ Frame 2964 		69 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/app.443b72c76e8761dcbe23.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.e81970c8f2be775b4f6c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
696847d4fee1e6e28b4687a7c113f1f20067af307bf90b491ac114f3b5bf2f44
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-1df6"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
7670
expires
Sun, 26 Dec 2021 11:18:53 GMT
b-partners.html
cdnimg.rg.ru/res/templates/ 		616 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnimg.rg.ru/res/templates/b-partners.html
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.235.190.61 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
6b4425b521fda664af1b90d0aa7223670c33a653bebeef1981617bff727110bc

Request headers

Accept
*/*
Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Fri, 20 Jan 2017 11:38:53 GMT
server
nginx
etag
"5881f6cd-268"
x-ngenix-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://rg.ru
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
content-type
text/html
content-length
616
expires
Fri, 26 Nov 2021 12:06:39 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7039329-20&cid=1781524426.1637925533&jid=1178186676&gjid=1859061146&_gid=688762289.1637925533&_u=aGDAAAABAAAAAG~&z=495891307
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 26 Nov 2021 11:18:53 GMT
content-type
text/plain
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-2&cid=1781524426.1637925533&jid=2133573517&_u=aGDAgAABAAAAAG~&z=1830624890
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-2&cid=1781524426.1637925533&jid=2133573517&_u=aGDAgAABAAAAAG~&z=1830624890
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rg.ru.1140036.es6.js
jsc.lentainform.com/r/g/ 		246 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63bb61d126715cdabe020cf5c4831788a1eba333985b55a72c68bed3be8057c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
cf-cache-status
HIT
age
6447
last-modified
Thu, 25 Nov 2021 11:22:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
PWAJXV0GFB41H34A
x-amz-id-2
uokc6tXFpF9WQaL3EmRJhM/0n8RwaCA5Kx5DVCTr8Yjr1Z4mrV5IMfchHCZfSP3Fmyl3O0hlPDg=
cf-bgj
minify
server
cloudflare
etag
W/"187b81f28bf3abd9c093d5be4f02378c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6b42b7f83a384e67-FRA
expires
Fri, 26 Nov 2021 14:18:53 GMT
jsapi.v5.5.3.ru_RU.js
static.smi2.net/static/jsapi/ 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smi2.net/static/jsapi/jsapi.v5.5.3.ru_RU.js
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/98332.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.126 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser4.imcmdb.net
Software
nginx /
Resource Hash
ddfb872eca3ef18e312ddb7986b7b0b68bf1ab057461430e16d398b02ac47898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Nov 2021 11:08:02 GMT
Server
nginx
ETag
W/"619f6e92-3e863"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/98332.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sm-server1-1.ssel23.imcmdb.net
Software
nginx /
Resource Hash
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Aug 2021 20:46:02 GMT
Server
nginx
ETag
W/"610afc8a-133b9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
smi2.svg
static.smi2.net/static/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.smi2.net/static/logo/smi2.svg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.126 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser4.imcmdb.net
Software
nginx /
Resource Hash
752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Last-Modified
Wed, 14 Nov 2018 15:52:47 GMT
Server
nginx
ETag
"5bec44cf-a66"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2662
/
target.smi2.ru/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.smi2.ru/init/?blockid=98332&siteid=37846&bw=1600&bh=1200&rnd=6371529506755
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.161.36.3 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
target2-1.sselp2.imcmdb.net
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Target-Version
2
Date
Fri, 26 Nov 2021 11:18:53 GMT
X-Target-Final
20211126141853-0
Server
nginx
X-Target-Host
target2-1.sselp2
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00029
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Fri, 26 Nov 2021 11:18:52 GMT
truncated
/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3224976f57868dc3d4dbfceddfc956fbd9e7760431e74b4a25323ae06f7ce4c7

Request headers

Referer
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
bidder_18.html
cache.betweendigital.com/code/ Frame 6FB1 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=51eb3150-c48b-524a-b638-ab83d798691e&CACHEBUSTER=469608
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=43097&randsalt=9472189282
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx
date
Fri, 26 Nov 2021 11:18:53 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=03f06c0e-1456-4440-854c-1894a8a29496&user_group=1&ssp=between&bsw_param=d9078758-6364-4304-a3ea-ad1856650774
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
Date
Fri, 26 Nov 2021 11:18:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=PW9SHFxP88e.AikABlF9W_g3-w
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=PW9SHFxP88e.AikABlF9W_g3-w
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f8-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=PW9SHFxP88e.AikABlF9W_g3-w
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=82995b5021d5c0ff615e7eef
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=82995b5021d5c0ff615e7eef
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=82995b5021d5c0ff615e7eef
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
match
ads.betweendigital.com/
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=51eb3150-c48b-524a-b638-ab83d798691e
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABidhYONBlIFvp7KygpiJDUxZWIzMTUwLWM0OGItNTI0YS1iNjM4LWFiODNkNzk4NjkxZQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARidhYONBlIFvp7KygpiJDUxZWIzMTUwLWM0OGItNTI0YS1iNjM4LWFiODNkNzk4NjkxZaIBEKOUvCROqhHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABidhYONBmIkNTFlYjMxNTAtYzQ4Yi01MjRhLWI2MzgtYWI4M2Q3OTg2OTFlogEQo5S8JE6qEeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARidhYONBmIkNTFlYjMxNTAtYzQ4Yi01MjRhLWI2MzgtYWI4M2Q3OTg2OTFlogEQo5S8JE6qEeyG4AAlkMBkfA**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a394bc24-4eaa-11ec-86e0-002590c0647c
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a394bc24-4eaa-11ec-86e0-002590c0647c
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=a394bc24-4eaa-11ec-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=1781524426.1637925533&jid=1178186676&_u=aGDAAAABAAAAAG~&z=611060398
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7039329-20&cid=1781524426.1637925533&jid=1178186676&_u=aGDAAAABAAAAAG~&z=611060398
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.json
front.rg.ru/api/partners/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://front.rg.ru/api/partners/4.json?callback=callbackPartners&_=1637925532856
Requested by
Host: cdnimg.rg.ru
URL: https://cdnimg.rg.ru/res/scripts/vendors/jquery/1.11.3_jquery.min.js?f03e5a3bf534
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.190.23.28 , Russian Federation, ASN64409 (TELESTAR, RU),
Reverse DNS
front.rg.ru
Software
nginx /
Resource Hash
4faae8c0b0c70a34af53eaf526cf14a3763459e855020519849042a7c52fd2b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Nov 2021 11:15:04 GMT
Server
nginx
ETag
W/"61a0c1b8-1d79"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Content-Type
application/json
Connection
keep-alive
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9469.jBm2FLZUo8hyyPmuPaCjccazY0GhTGE7Qlaz7Ywq2p8GZDo-lA4iHlaTJkNU_nE-.hUPI71WBPAzbx_RUpf_sVWx0FMU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9469.fIRSEh51FfeffU65G8Kay91h8olDFmMLGi8JH1BmcIHDXbqCNEG8aqwF7-fNaojtVolUYoiZeNGiY5NjpEJdygxvq4P5TV55V9dd8fef76E%2C.H2CuVeh4h-H1SGacpRiyHX9dgWI%2C
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9469.fIRSEh51FfeffU65G8Kay91h8olDFmMLGi8JH1BmcIHDXbqCNEG8aqwF7-fNaojtVolUYoiZeNGiY5NjpEJdygxvq4P5TV55V9dd8fef76E%2C.H2CuVeh4h-H1SGacpRiyHX9dgWI%2C
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9469.fIRSEh51FfeffU65G8Kay91h8olDFmMLGi8JH1BmcIHDXbqCNEG8aqwF7-fNaojtVolUYoiZeNGiY5NjpEJdygxvq4P5TV55V9dd8fef76E%2C.H2CuVeh4h-H1SGacpRiyHX9dgWI%2C
date
Fri, 26 Nov 2021 11:18:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
v2
an.yandex.ru/adfox/5906/getBulk/ 		101 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.560%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3713392123&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A0%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A430%2C%22top%22%3A3095%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A10%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=0&pp=zkb&p2=fjgg&screenType=desktop%20desktopFull&services=%5Bobject%20Object%5D&ps=cgiu&slotNumber=10&bids=W3siY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MTYyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiODAyMzkzIn1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
c89d1d95ab3ef9661e764e375d3b7c4bf7d73cf7866440525d7b2c13d1d22341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1637925533581849-956283626111472117900273-production-app-host-man-pcode-132
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 26 Nov 2021 11:18:53 GMT
counter
top-fwz1.mail.ru/ 		43 B
900 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=11659;u=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html;st=1637925532978;title=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=15c89baf68a355a4;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1637925533578%3A1637925533589%3A1%3Aa4c4dae650f5532bb5bc14367f1bd277;visible=true;_=0.5783835524874983
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://rg.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://rg.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://rg.ru
access-control-allow-headers
*
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=88623179462
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=1258907826
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=21960962240
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=15756269719
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:52 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=31028263266
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=41028512978
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=81417165685
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=8042965623
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=85990907396
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 12:18:53 GMT
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2774030/211122_adfox_602422_4800739.3010c7f140a0dc964db78475e2bc76e9.jpg/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2774030/211122_adfox_602422_4800739.3010c7f140a0dc964db78475e2bc76e9.jpg/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
2739b41ed125db5bb73853d753ecc38fc8ebee3ab5620aa559929a2fca85a060

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Mon, 22 Nov 2021 12:39:57 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
6016
x-request-id
e0c58b369bcf0084
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1752850_4802797.083dca7f2c7c4f9f2cca47b02e5c51c0.jpg/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1752850_4802797.083dca7f2c7c4f9f2cca47b02e5c51c0.jpg/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
958a47a7c00818c5f32210c743ccf6c3b011689f46d55edfb83a94852aa7a0ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Tue, 23 Nov 2021 08:02:37 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
11704
x-request-id
e7beb2cf6d2f4aaa
seedr-player.min.js
cdn01.nativeroll.tv/js/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/seedr-player.min.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6c8f12934769d44db458b48918c6a3b8d77a808fc280eb0dd849edebdc637398

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-5e3a"
vary
Accept-Encoding
x-cached-since
2021-11-26T10:50:20+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 18:44:48 GMT
event
ads.adfox.ru/5906/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?hash=3b9049a577e31e98&pm=cyz&p5=juxbv&rand=gbfuhdp&sj=X9ImJ7I67nT8IdSas1RLG8JhrywQXJrQATQoh2HNFabK1SoeKt1B0MlwExwSsQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvovy&rqs=naq6bQEUh1qdwqBh1EG92IUWoZR8LW9T&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1723679_4802811.84720a133852208df94d872de1352299.jpg/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2765366/211123_adfox_1723679_4802811.84720a133852208df94d872de1352299.jpg/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
81a04c3c7061efcff4ab4eea7e4ff975fb56341aab0f0596047ff40a2ad00c7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Tue, 23 Nov 2021 08:11:07 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
18992
x-request-id
c664b1719301fb97
code.js
mediatoday.ru/core/
Redirect Chain
  • https://mediatoday.ru/core/code.js?pid=9119&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9OTExOSZyaWQ9MTAxNDE4JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1z...
  • https://mediatoday.ru/core/code.js?pid=9119&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediatoday.ru/core/code.js?pid=9119&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOo2mHQ75BYEsXo
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
de3bcc9160d6bfda6fa63afeacf534c415d24859eb3b670acc3410b30cd9826e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
br
referrer-policy
origin-when-cross-origin
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
text/javascript
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://mediatoday.ru/core/code.js?pid=9119&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOo2mHQ75BYEsXo
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?hash=46eee5cd0dc99688&pm=cyz&p5=jjssc&rand=jaqwmdj&sj=gCeWQMkWYewfD_-x7U7jkNmaI7q_TMZZe45R2eIYFuytVAssn7xLqN1bY3RvEw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=cnxai&rqs=naq6bQEUh1qdwqBh2xFk7GE6Wi7ZTc4k&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
code.js
mediatoday.ru/core/
Redirect Chain
  • https://mediatoday.ru/core/code.js?pid=8493&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9tZWRpYXRvZGF5LnJ1L2NvcmUvY29kZS5qcz9waWQ9ODQ5MyZyaWQ9MTAxNDE4JnJsPSZsbD1odHRwcyUzQS8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1z...
  • https://mediatoday.ru/core/code.js?pid=8493&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediatoday.ru/core/code.js?pid=8493&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ad8fbcdae9559932a19c504969bd3002b01f40c486a2aa80a95aedfff12336ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
br
referrer-policy
origin-when-cross-origin
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
text/javascript
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://mediatoday.ru/core/code.js?pid=8493&rid=101418&rl=&ll=https%3A//rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&vidsetup=1&idntfy=VOn2DghXAp4IoSM
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?hash=a58bea7cb5ec57dd&pm=cyz&p5=igcly&rand=hujuwch&sj=zzrH06heO-0gnz56oU8ftpt8_uebqBGBPlPFQv-fO5Yj_9duiTJe8GojBbqEMw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=chfif&rqs=naq6bQEUh1qdwqBhTM6k6epKPUT0M1ul&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
metrics
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
vary
Origin
access-control-allow-origin
https://rg.ru
access-control-max-age
1728000
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server
web05
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-content-type-options
nosniff
access-control-allow-credentials
true
strict-transport-security
max-age=5184000; includeSubdomains;
metrics
relap.io/api/v7/ Frame 2964 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back16
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
abp.gif
relap.io/ Frame 2964 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/abp.gif?ch=1&rn=3.4843152949692526
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Wed, 21 Apr 2021 14:05:06 GMT
server
nginx
etag
"60803112-2b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
accept-ranges
bytes
content-length
43
abp.gif
relap.io/ Frame 2964 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/abp.gif?ch=2&rn=3.4843152949692526
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Wed, 21 Apr 2021 14:05:06 GMT
server
nginx
etag
"60803112-2b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
accept-ranges
bytes
content-length
43
/
ad.mail.ru/hbid_yandex/ Frame 2964 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=31041968903
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=63710838660
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=92378777079
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=76056874302
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:52 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
ad.mail.ru/adq/ 		119 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=rg.ru&count=5&topics=!13194250225664&callback=window.relapCbRegistry.relapCb6054934293
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
c4cb5613ba7318461126fba439ee1419b0eee6a5d4c1ab9bf2053162d777d704

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ 		118 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/adq/?q=45459&cpm_floor=100&sitename=rg.ru&count=4&topics=!13194250225664&callback=window.relapCbRegistry.relapCb9297654894
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
076cd51028cb16bdc138052656d87969974c8b125b7372445cae99750c7f6006

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
cookie_checker
relap.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/cookie_checker?_s=PqYQog&callback=window.relapCbRegistry.relapCb7584170077
Requested by
Host: relap.io
URL: https://relap.io/v7/common_core.9d088340d7cfe344cddc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
altergeocs
relap.io/partners/ Frame 2964
Redirect Chain
  • https://cm.p.altergeo.ru/relap?aid=0zyVboah&nc=UCrLyFc0&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
  • https://relap.io/partners/altergeocs?uid=CMNyCEf3ciS9iA1SxNXiL3oA==
43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/altergeocs?uid=CMNyCEf3ciS9iA1SxNXiL3oA==
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
back08
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://relap.io/partners/altergeocs?uid=CMNyCEf3ciS9iA1SxNXiL3oA==
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/ Frame 2964 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?id=3136989;js=na
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
855.933b1f3f94eb4cb36515.js
relap.io/v7/ Frame 2964 		2 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://relap.io/v7/855.933b1f3f94eb4cb36515.js
Requested by
Host: relap.io
URL: https://relap.io/v7/app_index.e81970c8f2be775b4f6c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
f12903e34288b0d00155509c6613edeac90845f72477db0f41046662f79a63aa
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
br
last-modified
Fri, 26 Nov 2021 09:11:18 GMT
server
nginx
etag
"61a0a4b6-311"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
content-length
785
expires
Sun, 26 Dec 2021 11:18:53 GMT
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 11:18:53 GMT
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 21 Nov 2022 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.784%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1390648558&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1240%2C%22h%22%3A250%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A180%2C%22top%22%3A146%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A11%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=1240&availableHeight=250&pp=ibg&screenType=tablet%20tabletLandscape%20desktop%20desktopFull&services=%5Bobject%20Object%5D&p2=fjgg&ps=cgiu&slotNumber=2&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6Mzg1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5MTgxOSJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MjA1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzM2MDM0In0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjoyODAsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ185NzB4MjUwIn0seyJjYW1wYWlnbl9pZCI6ODczOTgxLCJyZXNwb25zZV90aW1lIjo1MCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI3Njk2OTgifSx7ImNhbXBhaWduX2lkIjoxMzUyMTMzLCJyZXNwb25zZV90aW1lIjo1MSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6InBhWE1uRFdIMkVWYmlJdHNlRHpjIn0seyJjYW1wYWlnbl9pZCI6MTcyOTE5NywicmVzcG9uc2VfdGltZSI6MTc3LCJlcnJvciI6eyJjb2RlIjoxfX0seyJjYW1wYWlnbl9pZCI6MTU5NzM0NiwicmVzcG9uc2VfdGltZSI6MjE3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjA1YmRiNDMzZDVhMmRhYjI0ZDZhNTg3In1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8adca16580f7fd0a41558e437c659279a59c374a27b9514067c882696afa22c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533825773-606709371179490297900239-production-app-host-sas-pcode-45
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.801%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3505132614&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1150%2C%22top%22%3A432%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A12%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=400&pp=ibf&screenType=tablet%20desktop%20desktopFull&services=%5Bobject%20Object%5D&p2=fjgg&ps=cgiu&slotNumber=12&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDAyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5MTgxMyJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MjE3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzM1ODA4In0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjoyOTAsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ18yNDB4NDAwX2xlZnQifSx7ImNhbXBhaWduX2lkIjoxNDIxNDQzLCJyZXNwb25zZV90aW1lIjo0MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE4ODcifSx7ImNhbXBhaWduX2lkIjo4NzM5ODEsInJlc3BvbnNlX3RpbWUiOjQzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjc2OTcwMSJ9LHsiY2FtcGFpZ25faWQiOjEzNTIxMzMsInJlc3BvbnNlX3RpbWUiOjUyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiUVFCY2hwZnNscFJ5MHpoeXdldm8ifSx7ImNhbXBhaWduX2lkIjoxNzI5MTk3LCJyZXNwb25zZV90aW1lIjoyMDQsImVycm9yIjp7ImNvZGUiOjF9fSx7ImNhbXBhaWduX2lkIjoxNTk3MzQ2LCJyZXNwb25zZV90aW1lIjoyMjAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2MDViZGJmNjNkNWEyZGFiMjRkNmE1ODgifV0%3D&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7b2a622046056503e24e44ccb49fbdd87bd9637ac4fa53fe47e9b43224837ca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533846352-1375804938757305521100243-production-app-host-vla-pcode-2
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.815%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3075156596&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074339349&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1150%2C%22top%22%3A1277%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A13%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=400&pp=ijo&screenType=desktop%20desktopFull&appear=true&services=%5Bobject%20Object%5D&p2=fjgg&ps=cgiu&slotNumber=18&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDE2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5MTgxNCJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MjcyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNzMyNDkxIn0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjoyOTcsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ18yNDB4NDAwX3JpZ2h0In0seyJjYW1wYWlnbl9pZCI6MTQyMTQ0MywicmVzcG9uc2VfdGltZSI6NDIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxODg2In0seyJjYW1wYWlnbl9pZCI6ODczOTgxLCJyZXNwb25zZV90aW1lIjo0NCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI5NDgzMDYifSx7ImNhbXBhaWduX2lkIjoxMzUyMTMzLCJyZXNwb25zZV90aW1lIjo1MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImVaYnhEd1VHZW1LbXBMUUJqTnR4In0seyJjYW1wYWlnbl9pZCI6MTU5NzM0NiwicmVzcG9uc2VfdGltZSI6MjE4LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjA1YmRjOWFkMjcyYjkyNGU4MDg2NWE3In1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cc557ffba117644ca4ed3fe18aa987c4340ab71565837212d8e01e3d93c4343d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533850765-665433847454327527500274-production-app-host-vla-pcode-231
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.818%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1491840744&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A250%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1120%2C%22top%22%3A1681%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A14%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=250&pp=ikm&screenType=desktop%20desktopFull&services=%5Bobject%20Object%5D&p2=fjgg&ps=cgiu&slotNumber=19&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTUwMDcxMCJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6Mjc5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNzMyNDg3In0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjozMDQsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ18zMDB4MjUwXzEifSx7ImNhbXBhaWduX2lkIjo4NzM5ODEsInJlc3BvbnNlX3RpbWUiOjI3OSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI5NDgzMTAifSx7ImNhbXBhaWduX2lkIjoxMzUyMTMzLCJyZXNwb25zZV90aW1lIjo1MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IkNLY3VybmN3NWxodWYwNE9FYzU1In0seyJjYW1wYWlnbl9pZCI6MTI4ODI0MywicmVzcG9uc2VfdGltZSI6MTkyLCJlcnJvciI6eyJjb2RlIjoxfX0seyJjYW1wYWlnbl9pZCI6MTU5NzM0NiwicmVzcG9uc2VfdGltZSI6MjE3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjA1YmRiNjJkMjcyYjkyNGU4MDg2NWEzIn1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b7e2835bc330a46878e6216aa8f18058d2f35c34844184fb65e4b2d15adf6506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533853032-909347573902473433900247-production-app-host-sas-pcode-141
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.824%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1546735109&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1120%2C%22top%22%3A1951%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A15%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=300&availableHeight=600&pp=vsn&screenType=desktop%20desktopFull&services=%5Bobject%20Object%5D&p2=fjgg&ps=cgiu&slotNumber=20&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDI1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTUwMDcxMiJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6Mjc5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNzMyNDg1In0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjozODIsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ18zMDDRhTYwMCJ9LHsiY2FtcGFpZ25faWQiOjg3Mzk4MSwicmVzcG9uc2VfdGltZSI6NDMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyOTQ4MzA5In0seyJjYW1wYWlnbl9pZCI6MTM1MjEzMywicmVzcG9uc2VfdGltZSI6NTMsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJkaU5URjBNSU9JblFzSlFxNXpBMiJ9LHsiY2FtcGFpZ25faWQiOjE1OTczNDYsInJlc3BvbnNlX3RpbWUiOjIxNywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjYwNWJkY2IwM2Q1YTJkYWIyNGQ2YTU4YiJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
fbb4e1347ffc3ebb35ff7c8614b6ee852ea348d98f8b4a949cc7d2abe5b99c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533862688-922558780179209440800273-production-app-host-vla-pcode-18
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:53 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.829%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=478104818&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A400%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A430%2C%22top%22%3A1850%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A16%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=400&pp=qcg&services=%5Bobject%20Object%5D&pk=media-26%3Apage-1&p2=fjgg&ps=cgiu&slotNumber=24&bids=W3siY2FtcGFpZ25faWQiOjEyMjQzNTksInJlc3BvbnNlX3RpbWUiOjk0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNTYzNzM3In0seyJjYW1wYWlnbl9pZCI6ODczOTgxLCJyZXNwb25zZV90aW1lIjo1NywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5NDU4MDYifSx7ImNhbXBhaWduX2lkIjo5OTg0NzQsInJlc3BvbnNlX3RpbWUiOjQzMSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjQzOnJnX2lucGFnZV92YXN0In0seyJjYW1wYWlnbl9pZCI6MTQyMTQ0MywicmVzcG9uc2VfdGltZSI6NDQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2NDQwIn0seyJjYW1wYWlnbl9pZCI6MTU5NzM0NiwicmVzcG9uc2VfdGltZSI6MjE4LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjA1YmUwMmIzZDVhMmRhYjI0ZDZhNThkIn1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f81ae1bbf5d4e057ee84aa00d20d6af30d01c9354b2f9f1f2a6dd4a664e75334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533871292-1218250810684565363600273-production-app-host-man-pcode-132
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:52 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
advert.js
cdn01.seedr.com/js/ 		24 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.seedr.com/js/advert.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Fri, 26 Nov 2021 11:18:56 GMT
last-modified
Mon, 26 Jul 2021 15:37:20 GMT
server
nginx
etag
"60fed6b0-18"
x-cached-since
2021-11-26T09:27:05+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
content-length
24
expires
Mon, 27 Sep 2021 18:25:07 GMT
settings
stat.media/counter/ 		672 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=CNanAhIkZTQwM2JkM2ItNTViMC00N2IxLWJjZGItYmM5ZjNjODY3YzJlGKft4N_VLyIkMTkzNDU4ODMtNWVlMy00YmJkLTgwNjQtZjUxNTA1ZDNhMWFl&cb=_callbacks____0kwgakmgh
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sm-server1-1.ssel23.imcmdb.net
Software
nginx /
Resource Hash
416a16693dc9e064035a4ab3334707e04cc1b89d0658512fcae23c4259c7219c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
jsapi
smi2.ru/newdata/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://smi2.ru/newdata/jsapi?action=news
Requested by
Host: static.smi2.net
URL: https://static.smi2.net/static/jsapi/jsapi.v5.5.3.ru_RU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.162.95.76 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
ads5-3.smir10.imcmdb.net
Software
nginx /
Resource Hash
3daf4b8639f4fa60233b136a38a1381220c9809bc756822afafc9215e897619e

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:53 GMT
Content-Encoding
gzip
Last-Modified
Friday, 26-Nov-2021 11:18:53 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
X-Node
ads5-3smir10
v2
an.yandex.ru/adfox/5906/getBulk/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A53.881%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=4067009599&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074208277&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A630%2C%22h%22%3A300%2C%22width%22%3A630%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A445%2C%22top%22%3A2642%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A17%2C%22ad_no%22%3A6%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=630&availableHeight=300&pp=ijk&screenType=tablet%20tabletLandscape%20desktop%20desktopFull&services=%5Bobject%20Object%5D&p2=fjgg&ps=cgiu&slotNumber=6&bids=W3siY2FtcGFpZ25faWQiOjExOTU3MTAsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX19LHsiY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDAwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5MTgxNyJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MTc1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzM2MDM2In0seyJjYW1wYWlnbl9pZCI6MTQyMTQ0MywicmVzcG9uc2VfdGltZSI6NDgzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjg3OSJ9LHsiY2FtcGFpZ25faWQiOjg3Mzk4MSwicmVzcG9uc2VfdGltZSI6MjA0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjc2OTY5OSJ9LHsiY2FtcGFpZ25faWQiOjEzNTIxMzMsInJlc3BvbnNlX3RpbWUiOjUyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiRTBKaFdVaTNYSTd5THR1NHljQ1kifSx7ImNhbXBhaWduX2lkIjoxNTk3MzQ2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2MDViZGMyM2QyNzJiOTI0ZTgwODY1YTUifV0%3D&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b9e666dc07b74d8341d0f65d941f5a47cc3c47d731bc148550f8adefdb820f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925533914704-1208278696869099218500244-production-app-host-man-pcode-142
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
css
fonts.googleapis.com/ 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700%7CNoto+Sans:400&subset=cyrillic,cyrillic
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 09:40:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:53 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=10febc70b2bee5e2&duid=1637925534998130503&p5=kmyje&rand=vjscbx&sj=HU_7UgReXaV44GyZ17leQM8b3IrOQnhJAaHUnJlef_ZOvyO0bR56ou4UavC1VQ%3D%3D&ad-session-id=4873901637925533324&lts=fhwhatx&ytt=148434074339349&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvpww&rqs=naq6bQEUh1qdwqBhfgn7Z0DpcPqVDoC1&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2774030/211119_adfox_1750724_4797134.fff5fae136bbe70acb1886969c894e5d.jpg/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2774030/211119_adfox_1750724_4797134.fff5fae136bbe70acb1886969c894e5d.jpg/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
fc9cca5813eabe10860ec9e297cc211a4915fb4e9d389f162db747f5d81c1d0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:53 GMT
last-modified
Sun, 21 Nov 2021 21:03:22 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
10174
x-request-id
182062d864bdbb9e
recs
relap.io/api/v7/ Frame 2964 		10 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
c8d1acf8e5782331b71a97621affaaf65e2d2a9e733f9c02caa726ed823be817
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=eZJFUg:SFTu2g
Referer
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
N2NhNzYx

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=5184000; includeSubdomains;
vary
Origin
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
x-relap-cookie
rlprp=eZJFUg:SFTu2g
cache-control
max-age=1, no-cache
x-server
back05
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
recs
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/recs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
vary
Origin
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
date
Fri, 26 Nov 2021 11:18:53 GMT
access-control-allow-credentials
true
x-server
back04
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
strict-transport-security
max-age=5184000; includeSubdomains;
y300
avatars.mds.yandex.net/get-direct/1612413/GVtywxtf6v-jcEzTnRolNA/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/1612413/GVtywxtf6v-jcEzTnRolNA/y300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
a4012f526954ddff3c2c91c5c89ffe0ec0abb515b022b254b843208166288a42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Wed, 11 Dec 2019 14:56:57 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
16442
x-request-id
b45c81127c1fa903
xn--80aklgjdc4ahc3h.xn--p1ai
favicon.yandex.net/favicon/ 		447 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/xn--80aklgjdc4ahc3h.xn--p1ai?size=32&stub=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
eaece72a7fee3c7ca65305b9d8c14e19c81ffe68c00251b0e2c1d1f14509453f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
y300
avatars.mds.yandex.net/get-direct/5281829/PnwR3n_7ukGlz43ZGo4h-w/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5281829/PnwR3n_7ukGlz43ZGo4h-w/y300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
4edf2b984a9492049d1d46ee0f3ad9e13b9f303831e8b8d93a8c681887e1eae3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Thu, 14 Oct 2021 15:59:31 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
17332
x-request-id
8f30fdafa15b19d7
german.lguru.ru
favicon.yandex.net/favicon/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/german.lguru.ru?size=32&stub=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8051e7af81ee401eb8312de637b52d87a9a2315d58d90d201601fa448b4d31ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
y300
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/y300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
0bb16d2d4bdac7b4420adfa048c02877e035cbba937a1630c04a683cea79bfd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Wed, 11 Aug 2021 14:15:17 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
13838
x-request-id
15d597832dbf284c
yandex.com
favicon.yandex.net/favicon/ 		756 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/yandex.com?size=32&stub=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
1
mc.yandex.com/watch/29789/
Redirect Chain
  • https://mc.yandex.com/watch/29789?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&...
  • https://mc.yandex.com/watch/29789/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-...
167 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/29789/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1274395942936%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A158430592%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
691588bd0d922abd37f7f99d8d6f3942c98930dbcca8caec1b7ca8b08fc1e2f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
location
/watch/29789/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1274395942936%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A158430592%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT
1
mc.yandex.com/watch/22322746/
Redirect Chain
  • https://mc.yandex.com/watch/22322746?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&brows...
  • https://mc.yandex.com/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&bro...
364 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A888%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1454109463667%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A677424576%3Arqn%3A1%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Ads%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C504%2C25%2C%2C%2C%2C1161%3Adsn%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C459%2C26%2C%2C%2C%2C1161%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6e6728abb78daef28e2375426a7e446a6020291cde536f3518908b3dbf0ffa7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
364
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
location
/watch/22322746/1?wmode=7&page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A888%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1454109463667%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111853%3Aet%3A1637925534%3Ac%3A1%3Arn%3A677424576%3Arqn%3A1%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637925532079%3Ads%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C504%2C25%2C%2C%2C%2C1161%3Adsn%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C459%2C26%2C%2C%2C%2C1161%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT
match
ads.betweendigital.com/ Frame 6FB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d9078758-6364-4304-a3ea-ad1856650774
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=cfd951ea-8bea-41a9-9509-f901ec9f41d4&ssp=between&expires=30&user_group=5&bsw_param=d9078758-6364-4304-a3ea-ad1856650774
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=d9078758-6364-4304-a3ea-ad1856650774
Date
Fri, 26 Nov 2021 11:18:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
9637256.jpeg
static2.smi2.net/img/250x165/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.smi2.net/img/250x165/9637256.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.52 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser3.imcmdb.net
Software
nginx /
Resource Hash
a4185c2c56dd99bb1ee1b204d4531b12751213807da55fcc8178ee1f4b57fc7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
ETag
W/"61a0b370-1ea73"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25897
Expires
Sun, 26 Nov 2023 10:25:27 GMT
9633391.jpeg
static3.smi2.net/img/250x165/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/250x165/9633391.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.73 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser5.imcmdb.net
Software
nginx /
Resource Hash
6e751ab537394229bcef6eabef21082df904e9a9658a1ec50ca71033172f7401

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
ETag
W/"619f632f-ab14"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22995
Expires
Sat, 25 Nov 2023 10:20:17 GMT
9597036.jpeg
static1.smi2.net/img/250x165/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/250x165/9597036.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.233 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser2.imcmdb.net
Software
nginx /
Resource Hash
4e754b1f4e9d2759981f4f898f2434952ebec34ab17f12e9106e75e2113d85f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
ETag
W/"619254b6-e0ce"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20384
Expires
Wed, 15 Nov 2023 12:40:01 GMT
9632767.jpeg
static3.smi2.net/img/250x165/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/250x165/9632767.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.73 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser5.imcmdb.net
Software
nginx /
Resource Hash
d7816b2f5589a2e2b401e3472ffdb40de5ef77e03de40f27e854de8572e02825

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
ETag
W/"619f4a77-9958"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22150
Expires
Sat, 25 Nov 2023 08:35:48 GMT
9632026.jpeg
static6.smi2.net/img/250x165/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/250x165/9632026.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
2c1534534a2971fbbd1cf34eaf665be1a553f12b4980cff9e14e098d9ce83d69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
ETag
W/"619f0d53-3a0bb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29387
Expires
Sat, 25 Nov 2023 04:14:19 GMT
9636610.jpeg
static1.smi2.net/img/250x165/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/250x165/9636610.jpeg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.233 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser2.imcmdb.net
Software
nginx /
Resource Hash
53e0bc194196646c3b126bb63fb3564f561cb39d196059759c78e43112d059df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
ETag
W/"61a0913f-6c62"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18143
Expires
Sun, 26 Nov 2023 07:49:51 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 043C 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx/1.17.9
date
Fri, 26 Nov 2021 11:18:54 GMT
content-type
text/html
content-length
6262
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Sun, 26 Nov 2051 17:54:25 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame E537 		536 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9be7d0940cf4957dc46e3255b04c9f75ad8b5fc9eff048bfbf38e54b37ca9917

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-85f40"
vary
Accept-Encoding
x-cached-since
2021-11-26T11:10:48+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 17:08:16 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 3277 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 206 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
event
ads.adfox.ru/5906/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=6e0dd27bf9bc43d8&duid=1637925534998130503&pxo=rLVZJwBicc_tRxFOCRKSKLJCX59UMaQinI_1TEi5R74Jg8QZPjmjJGPEBqS9CjYk2l7C1ZISK_72R-JRPh-XQqISceD52ZgWLCOeueDoYG1vTQl1mcNp8IrcQQp_Qy-Gjlsd6cxkv5c8bqg8gP9soStfHNp3VtBY_bP5qclWjfVkLV6dPPQ%3D&p5=gdhai&rand=lsnzamc&sj=MmTP3nuFLLcIu0T_yQr5nwZM7Kd1SDTbh8vhEyKxOZioDqNrE1fZqw07WWG4rw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvnei&rqs=naq6bQEUh1qdwqBh8sYwVCXuaeTsMLGU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 1106 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 778 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=690511772117db29&duid=1637925534998130503&pxo=kO98sH640Hgx4FoonymLCb1SbRB4TmlLnRiFsDTYOxJMu1ApgMxVSy_isHld81yUqVb7YODHgOefet4UMd_oN6AqM7MI4NH4WdpS-bH-PI83KbV1Jh6XIx9p3IE0tzCyFM5FotkDNRhOgbKZvvAmDNZa7JSGBrU-r3_av4RjS0s4TDH3cb4%3D&p5=gdhai&rand=hyncqzh&sj=PGlHicFegmNnF2s3BYXtipb2uaIORhJEHO4xCT2U1o5vTwF2Y-V9HpEV4IP5wg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bzqke&rqs=naq6bQEUh1qdwqBhZ9aZp-WwMZSeUZYh&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame BE65 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 357 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=5b8ab820d106ac32&duid=1637925534998130503&pxo=HpcIyVyqy0kGTiQi9mHIaCUKoaiJVkRmLkXsggMKZ00Rf1eSGPz-ko36TW2XhbT7zzZrClsAn0t2yHRXwzskSzhw4aS4zPkts1LYfJegkscdGdFt94E26JrMZD1rxVXc38I4XxHIFz6AwnzZnVDmViCFFjBYF8oQrXCdf2ZSfhPvE0X15PsKcA%3D%3D&p5=gdhai&rand=mrhnttr&sj=G3HLLzsjq8VyTiSpaImYGJUUZ0_k99ResaKaS-0WdRhs5FNqBs926ZV_vmtphA%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=chfiz&rqs=naq6bQEUh1qdwqBhjcYlJ7TiwcMgDGk5&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 1A1B 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 640 of 1000 / last-modified: 1637708807"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26862
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=974d8f385aca2c68&duid=1637925534998130503&pxo=otIgIHxW4O8cmGs-7coFmUeWBWYxAonhL2umvJuxXQ25ULvxGU7LXVIeKLKLQpcpiAoW-s1Fp18hrtiYTcZv8zdoTzM01_dM6ZbuJr5y-T8wz67EeqRgMBTIE5UbfpFu0RT9Hp61KATCBRUAX6mfbSzZspmx9WzNBRQzit61bnZXX-7nPWk%3D&p5=gdhai&rand=gtqxgqh&sj=3JlQdRK5XdbzYbki6a6FV_OQYyUG61a3YQbtG9xz_mE8b_GAnsjw5TBXQX1apQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvobk&rqs=naq6bQEUh1qdwqBhEt8M-kfzYR8woBv6&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
/
smi2.ru/cookiematching/ 		43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJGU0MDNiZDNiLTU1YjAtNDdiMS1iY2RiLWJjOWYzYzg2N2MyZRoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjM3OTI1NTMzMzUxGgguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDE5MzQ1ODgzLTVlZTMtNGJiZC04MDY0LWY1MTUwNWQzYTFhZRoILnNtaTIucnUiAS8oiA4%3D&rnd=1637925534114
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.162.95.76 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
ads5-3.smir10.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Fri, 26 Nov 2021 11:18:54 GMT
Last-Modified
Friday, 26-Nov-2021 11:18:54 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Length
43
Expires
Fri, 26 Nov 2021 11:18:54 GMT
/
smi2.net/cookiematching/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJGU0MDNiZDNiLTU1YjAtNDdiMS1iY2RiLWJjOWYzYzg2N2MyZRoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTYzNzkyNTUzMzM1MRoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkMTkzNDU4ODMtNWVlMy00YmJkLTgwNjQtZjUxNTA1ZDNhMWFlGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1637925534114
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
smi2adm2-1.ssel27.imcmdb.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
sm-server1-1.ssel23.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
Connection
keep-alive
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2788782/200803_adfox_1353003_21447d62fbf4389d89376e15583f40ec_850x400ver-2.png/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2788782/200803_adfox_1353003_21447d62fbf4389d89376e15583f40ec_850x400ver-2.png/optimize.webp
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
6bbb8190f406c9e4b62506e3b631ee791592a5a9dd3e29bc49f3614801a03102

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Mon, 03 Aug 2020 22:20:30 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
15340
x-request-id
37498a8592c2e02
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=c9a94fdb139edab2&duid=1637925534998130503&p5=iupxq&rand=bebufpg&sj=crfY2Zfae81ffrPplG2IsXDGuenetgBn-9-z_FEYdBwNPb__mk1a2tMhpK8KiA%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=cdbup&rqs=naq6bQEUh1qdwqBh2Tsn1-KABL877DIS&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame FD77 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78c6daedbd0f87783775cb8341b317709d35233891c728b610f132ef3d43b5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1055 / 33 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26855
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmo&hash=a57c311bdd78ec78&duid=1637925534998130503&pxo=jDJkFyVIoDS71IcH7d_IurPonE22NTCpgndwdgNT3Jk6FuIb7HJb357u-pFilYDLTuIUtrLZ_WtpoFMTCAP_9nTaiPixu8IhaHYDkS2u1vBuA6wUvD1cLvturqenUcJM6LARs6yu4obOxN6yvNe0IJo_rN44Z1BTOoUCUc_N1N_sw7jinxg%3D&p5=gdhai&rand=eazdiui&sj=BF_7uRcMtYGqZ_Urz-aYh4NRnZNSmrJOIHMd9NFeczVlcHKFHuCv_NugPWycDw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvneu&rqs=naq6bQEUh1qdwqBhsAhBn4JJZllHGFJH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
1
mc.yandex.com/watch/29789/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/29789/1?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A888%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1274395942936%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111854%3Aet%3A1637925534%3Ac%3A1%3Arn%3A670828893%3Arqn%3A1%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637925532079%3Ads%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C504%2C25%2C%2C%2C%2C1161%3Adsn%3A6%2C99%2C286%2C48%2C0%2C0%2C%2C459%2C26%2C%2C%2C%2C1161%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT
29789
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/29789?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1274395942936%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111854%3Aet%3A1637925534%3Ac%3A1%3Arn%3A203943526%3Arqn%3A2%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534%3At%3A%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT
analytics.js
www.google-analytics.com/ Frame E537 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1067
date
Fri, 26 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 13:01:07 GMT
wamfactory_dpm.wildcard.min.js
cstatic.weborama.fr/js/wam/customers/ Frame E537 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637925534187
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F42) /
Resource Hash
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 10:01:32 GMT
server
ECAcc (frc/8F42)
age
350061
etag
"3372701235"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
5776
expires
Fri, 03 Dec 2021 11:18:54 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 1EC4 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fc75311bf80a77f040c7e159661eb5b716ab15938679e4c53570b80438e2f73f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx
date
Fri, 26 Nov 2021 11:18:54 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
vary
Accept-Encoding
etag
W/"6197b962-1b7e"
cache
HIT
x-cached-since
2021-11-25T19:11:14+00:00
x-id
fr5-up-gc28
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 26 Nov 2021 11:18:56 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
x-id
fr5-up-gc38
hosts.json
cdn02.nativeroll.tv/player/ Frame E537 		301 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-11-23T09:55:34+00:00
content-type
application/json
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
css
fonts.googleapis.com/ Frame E537 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700%7CNoto+Sans:400&subset=cyrillic,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:04:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:54 GMT
css
fonts.googleapis.com/ Frame E537 		8 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:54 GMT
css
fonts.googleapis.com/ Frame E537 		9 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:54 GMT
truncated
/ Frame E537 		72 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame E537 		584 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E537 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E537 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E537 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
mc.yandex.com/watch/22322746/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/22322746/1?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A1%3Als%3A1454109463667%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111854%3Aet%3A1637925534%3Ac%3A1%3Arn%3A383204250%3Arqn%3A2%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925534&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26-Nov-2021 11:18:54 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:54 GMT
truncated
/ Frame E537 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E537 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 6C73 		536 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9be7d0940cf4957dc46e3255b04c9f75ad8b5fc9eff048bfbf38e54b37ca9917

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
server
nginx
etag
W/"6197b962-85f40"
vary
Accept-Encoding
x-cached-since
2021-11-26T11:10:48+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Fri, 19 Nov 2021 17:08:16 GMT
metrics
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-max-age
1728000
vary
Origin
date
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
https://rg.ru
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials
true
x-server
web06
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
strict-transport-security
max-age=5184000; includeSubdomains;
metrics
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
x-server
back22
vary
Origin
access-control-allow-credentials
true
date
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
strict-transport-security
max-age=5184000; includeSubdomains;
JvPWHw.jpg
cdn.relap.io/Jv/4/ Frame 2964 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/Jv/4/JvPWHw.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
3e63218871fec07f5885ac6eaef05b557ae641c5e485edda2e6d55050d5992ca
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Thu, 25 Nov 2021 10:04:09 GMT
server
nginx
etag
"619f5f99-3a65"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
14949
expires
Sat, 27 Nov 2021 11:18:54 GMT
rZdIUg.jpg
cdn.relap.io/KWjeOg/rZ/4/ Frame 2964 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/rZ/4/rZdIUg.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
5da3e68bb30d7e3a867338bace916d245f4dce6b1a8d470c505973bcd1f6adf5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 02:14:36 GMT
server
nginx
etag
"61a0430c-3074"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12404
expires
Sat, 27 Nov 2021 11:18:54 GMT
TzU_Ug.jpg
cdn.relap.io/KWjeOg/Tz/4/ Frame 2964 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/Tz/4/TzU_Ug.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
1eec55342d3c385315e63c367aa6c5fdabbdb33f1ef7a9f0ba3c0df8691576d8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 07:04:41 GMT
server
nginx
etag
"61a08709-4b18"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
19224
expires
Sat, 27 Nov 2021 11:18:54 GMT
evJTUg.jpg
cdn.relap.io/KWjeOg/ev/4/ Frame 2964 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/ev/4/evJTUg.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
336a820bc4a20c23c8409779d1a47f752cc39a6b2fa05a5659dcabaa8d301e19
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 05:56:10 GMT
server
nginx
etag
"61a076fa-292b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
10539
expires
Sat, 27 Nov 2021 11:18:54 GMT
k70oUg.jpg
cdn.relap.io/KWjeOg/k7/4/ Frame 2964 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/k7/4/k70oUg.jpg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
f714130a5f0c8f66d5df83b9c3104bcf024f146086b51ed78e1d2d6c21c962e2
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 10:48:06 GMT
server
nginx
etag
"61a0bb66-2f6d"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12141
expires
Sat, 27 Nov 2021 11:18:54 GMT
metrics
relap.io/api/v7/ Frame 2964 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back10
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
metrics
relap.io/api/v7/ Frame 2964 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/metrics
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
max-age=1, no-cache
x-server
back08
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
v2
an.yandex.ru/adfox/5906/getBulk/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2F&date=2021-11-26T11%3A18%3A54.508%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1396161439&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=yabs.NzIwNTc2MDUzNzc4NjYwNjQKNzIwNTc2MDUyMzg4OTE5MjQKNzIwNTc2MDQ4MDc5NDQ5ODE%3D&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A0%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A430%2C%22top%22%3A1128%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A18%2C%22ad_no%22%3A16%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=0&pp=bimv&ps=cgiu&p2=fjgg&pk=nomediatodayin-image&slotNumber=25&bids=W10%3D&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
0181a0956f10bbb1f6bd3e8c0ee7bda323f5e28ad4b9101bd5c62a6b7f771550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925534538152-514695666722406658500243-production-app-host-vla-pcode-32
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=101418
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5723262&bn=5723262&rnd=101418&tuid=-4399635705
  • https://instreamvideo.ru/core/match.gif?s=2&id=AV_jAd0ptmwNq7RiytbfNsQ
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MiZpZD1BVl9qQWQwcHRtd05xN1JpeXRiZk5zUSZ2aWRzZXR1cD0x&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=2&id=AV_jAd0ptmwNq7RiytbfNsQ&vidsetup=1&idntfy=VOn2DghXAp4IoSM
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instreamvideo.ru/core/match.gif?s=2&id=AV_jAd0ptmwNq7RiytbfNsQ&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.178 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=2&id=AV_jAd0ptmwNq7RiytbfNsQ&vidsetup=1&idntfy=VOn2DghXAp4IoSM
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
p
voo2mhq75byesxo-mdt.ops.beeline.ru/ 		35 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voo2mhq75byesxo-mdt.ops.beeline.ru/p?ssp=mdt&amp;id=VOo2mHQ75BYEsXo
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.38
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D{WEBO_CID}
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D15%26id%3D%7BWEBO_CID%7D&bounce=1&random=445397720
  • https://mediatoday.ru/core/match.gif?s=15&id=sp2vxU5LpdcS1T4G6mHVBO
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediatoday.ru/core/match.gif?s=15&id=sp2vxU5LpdcS1T4G6mHVBO
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
location
https://mediatoday.ru/core/match.gif?s=15&id=sp2vxU5LpdcS1T4G6mHVBO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOo2mHQ75BYEsXo&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOo2mHQ75BYEsXo&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D&cs=1
  • https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

location
https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
date
Fri, 26 Nov 2021 11:18:54 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://relap.io/api/partners/instrv.gif?uid=VOo2mHQ75BYEsXo
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9MHp5VmJvYWgmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.178 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
invideo
sync.dmp.otm-r.com/match/ 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/invideo?r=https%3A%2F%2Finstreamvideo.ru%2Fcore%2Fmatch.gif%3Fs%3D21%26id%3D%7Bpid%7D
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.17.6
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=mediatoday&ru=https%3A%2F%2Finstreamvideo.ru%2Fcore%2Fmatch.gif%3Fs%...
  • https://instreamvideo.ru/core/match.gif?s=23&id=Ct22uhz4RqKOn2dR3GhtNA
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MjMmaWQ9Q3QyMnVoejRScUtPbjJkUjNHaHROQSZ2aWRzZXR1cD0x&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=23&id=Ct22uhz4RqKOn2dR3GhtNA&vidsetup=1&idntfy=VOn2DghXAp4IoSM
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instreamvideo.ru/core/match.gif?s=23&id=Ct22uhz4RqKOn2dR3GhtNA&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.178 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=23&id=Ct22uhz4RqKOn2dR3GhtNA&vidsetup=1&idntfy=VOn2DghXAp4IoSM
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOo2mHQ75BYEsXo
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOo2mHQ75BYEsXo&bounce=1
  • https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Fri, 26 Nov 2021 11:18:53 GMT
VOo2mHQ75BYEsXo
an.yandex.ru/mapuid/gpmd/ 		43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/gpmd/VOo2mHQ75BYEsXo
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 1106 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 3277 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame 1A1B 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame BE65 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ Frame FD77 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Nov 2021 11:18:54 GMT
analytics.js
www.google-analytics.com/ Frame 6C73 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1067
date
Fri, 26 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 26 Nov 2021 13:01:07 GMT
wamfactory_dpm.wildcard.min.js
cstatic.weborama.fr/js/wam/customers/ Frame 6C73 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637925534575
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F42) /
Resource Hash
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 10:01:32 GMT
server
ECAcc (frc/8F42)
age
350061
etag
"3372701235"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
5776
expires
Fri, 03 Dec 2021 11:18:54 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame B598 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Frg.ru
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fc75311bf80a77f040c7e159661eb5b716ab15938679e4c53570b80438e2f73f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

server
nginx
date
Fri, 26 Nov 2021 11:18:54 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 19 Nov 2021 14:49:06 GMT
vary
Accept-Encoding
etag
W/"6197b962-1b7e"
cache
HIT
x-cached-since
2021-11-25T19:11:14+00:00
x-id
fr5-up-gc28
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 26 Nov 2021 11:18:56 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://rg.ru
x-id
fr5-up-gc38
hosts.json
cdn02.nativeroll.tv/player/ Frame 6C73 		301 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c

Request headers

cache-control
no-cache
Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Thu, 25 Feb 2021 15:02:35 GMT
server
nginx
etag
W/"6037bc0b-12d"
x-cached-since
2021-11-23T09:55:34+00:00
content-type
application/json
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
css
fonts.googleapis.com/ Frame 6C73 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:700%7CNoto+Sans:400&subset=cyrillic,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:14:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:54 GMT
css
fonts.googleapis.com/ Frame 6C73 		8 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:54 GMT
css
fonts.googleapis.com/ Frame 6C73 		9 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic&subset=latin,cyrillic
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 11:08:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:54 GMT
truncated
/ Frame 6C73 		72 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/ Frame 6C73 		584 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 6C73 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
v2
an.yandex.ru/adfox/5906/getBulk/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2F&date=2021-11-26T11%3A18%3A54.640%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1536414977&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=yabs.NzIwNTc2MDUzNzc4NjYwNjQKNzIwNTc2MDUyMzg4OTE5MjQKNzIwNTc2MDQ4MDc5NDQ5ODE%3D&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1240%2C%22h%22%3A0%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A180%2C%22top%22%3A4303%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A19%2C%22ad_no%22%3A16%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=1240&availableHeight=0&pp=vsm&ps=cgiu&p2=fjgg&pk=nomediatodayadbar&slotNumber=26&bids=W10%3D&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
89531292425fe016b60bd31d4db019ca76b09c8b17f0c38362ec091e6b6e5279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925534668775-1452676035680442514800243-production-app-host-man-pcode-62
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
p
von2dghxap4iosm-mdt.ops.beeline.ru/ 		35 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://von2dghxap4iosm-mdt.ops.beeline.ru/p?ssp=mdt&amp;id=VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.38
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=72295f3d-ccef-444f-90ae-f20aee12633e&pid=w&uid=VOn2DghXAp4IoSM&ru=https%3A%2F%2Fmediatoday.ru%2Fcore%2Fmatch.gif%3Fs%3D16%26id%3D%5BUID%5D
  • https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

location
https://mediatoday.ru/core/match.gif?s=16&id=a417e902-4eaa-11ec-ad67-f832e4719dd9
date
Fri, 26 Nov 2021 11:18:54 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
match.gif
instreamvideo.ru/core/
Redirect Chain
  • https://relap.io/api/partners/instrv.gif?uid=VOn2DghXAp4IoSM
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah
  • https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9pbnN0cmVhbXZpZGVvLnJ1L2NvcmUvbWF0Y2guZ2lmP3M9MTcmaWQ9MHp5VmJvYWgmdmlkc2V0dXA9MQ==&p=idntfy&n=otclick
  • https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.178 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location
https://instreamvideo.ru/core/match.gif?s=17&id=0zyVboah&vidsetup=1&idntfy=VOn2DghXAp4IoSM
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
124
expires
Thursday, 01-Jan-1970 00:00:00 GMT
match.gif
mediatoday.ru/core/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOn2DghXAp4IoSM
  • https://x01.aidata.io/0.gif?pid=5341096&id=VOn2DghXAp4IoSM&bounce=1
  • https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
46.46.137.179 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.20.1
p3p
policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-type
image/gif
content-length
43
expires
Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 11:18:53 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://mediatoday.ru/core/match.gif?s=24&id=BgaKtMBNON5TbG6581MT5g
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Fri, 26 Nov 2021 11:18:53 GMT
VOn2DghXAp4IoSM
an.yandex.ru/mapuid/gpmd/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/gpmd/VOn2DghXAp4IoSM
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
/
sync3.sniperlog.ru/ Frame 6FB1
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a394bc24-4eaa-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=a394bc24-4eaa-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=BgaKtMBNON5TbG6581MT5g&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=BgaKtMBNON5TbG6581MT5g&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=BgaKtMBNON5TbG6581MT5g&extra2=aidata&google_gid=CAESEBDSna8GrHEwO50yzILAx2c&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=BgaKtMBNON5TbG6581MT5g&extra2=aidata&google_gid=CAESEBDSna8GrHEwO50yzILAx2c&google_cver=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:55 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=BgaKtMBNON5TbG6581MT5g&extra2=aidata&google_gid=CAESEBDSna8GrHEwO50yzILAx2c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 043C 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0001
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Sat, 27 Nov 2021 11:18:54 GMT
sync.html
cstatic.weborama.fr/iframe/ Frame E0CC 		336 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637925534187
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F8F) /
Resource Hash
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
350812
cache-control
max-age=604800
content-type
text/html
date
Fri, 26 Nov 2021 11:18:54 GMT
etag
"282943589+gzip"
expires
Fri, 03 Dec 2021 11:18:54 GMT
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
ECAcc (frc/8F8F)
vary
Accept-Encoding
x-cache
HIT
content-length
207
/
wf.frontend.weborama.fr/stream/ Frame E537 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22rg.ru%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Frg.ru%252F2021%252F11%252F25%252Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html%22%2C%22ref%22%3A%22%22%7D&d.r=1637925534655
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.223.244.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
ssp.js
st.hbrd.io/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.hbrd.io/ssp.js?t=1637925534674
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e4168186be7967ce91530be5fbdbef469fce9622f1f93a6e340c7fd8b5d1961d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1rgXCBYD/fAMAAA==
x-accel-expires
@1637928242
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
br
etag
W/"619b69e1-4534"
last-modified
Mon, 22 Nov 2021 09:58:57 GMT
server
CDN77-Turbo
x-77-nzt-ray
kaHmw5wVu2s=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
892
x-77-pop
frankfurtDE
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=17053dc04eb11253&duid=1637925534998130503&p5=izkhz&rand=giefzdy&sj=rwGkEDSa8_k3VfOeRqheTHEXR34s3F1jvAPt8kxULSltyWvLqPHZt2SGesBCdA%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhaty&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=ncflyqm&p1=cnxae&rqs=naq6bQEUh1qewqBh8b5BHpCR2tPKiiVN&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
JvPWHw.jpg
cdn.relap.io/Jv/4/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/Jv/4/JvPWHw.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
3e63218871fec07f5885ac6eaef05b557ae641c5e485edda2e6d55050d5992ca
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Thu, 25 Nov 2021 10:04:09 GMT
server
nginx
etag
"619f5f99-3a65"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
14949
expires
Sat, 27 Nov 2021 11:18:54 GMT
5fa952ef53a3801c4145a468
statsb.nativeroll.tv/nr/aserver/group/ Frame E537 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/5fa952ef53a3801c4145a468?event=visit&gid=5fa952ef53a3801c4145a468&v=1.19.10&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&title=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&ref=&block_enabled=0&width=1600&height=0&offset_px=4323&offset_pct=50&lenght_px=4323&cookie_enabled=1&t=2021-11-26T11%3A18%3A54&mode=background&data_saver=false&places=0&nr_f=MTYzNzkyNTUzNDcxMQ%3D%3D&ancestor_origins=https%3A%2F%2Frg.ru&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=9ce28a06-4191-4f07-ae33-8f794023f4b8
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
8e0df868769c95498c230722195fe755d6cec0bd08330da0e05d0d0cecab336b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://rg.ru
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, *
rZdIUg.jpg
cdn.relap.io/KWjeOg/rZ/4/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/rZ/4/rZdIUg.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
5da3e68bb30d7e3a867338bace916d245f4dce6b1a8d470c505973bcd1f6adf5
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 02:14:36 GMT
server
nginx
etag
"61a0430c-3074"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12404
expires
Sat, 27 Nov 2021 11:18:54 GMT
external_libs.v2.js
cstatic.weborama.fr/iframe/ Frame E0CC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5E) /
Resource Hash
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
server
ECAcc (frc/8F5E)
age
353977
etag
"3142978827"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
3062
expires
Fri, 03 Dec 2021 11:18:54 GMT
TzU_Ug.jpg
cdn.relap.io/KWjeOg/Tz/4/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/Tz/4/TzU_Ug.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
1eec55342d3c385315e63c367aa6c5fdabbdb33f1ef7a9f0ba3c0df8691576d8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 07:04:41 GMT
server
nginx
etag
"61a08709-4b18"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
19224
expires
Sat, 27 Nov 2021 11:18:54 GMT
sync.html
cstatic.weborama.fr/iframe/ Frame 99A8 		336 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534730
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1637925534575
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E95) /
Resource Hash
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
350812
cache-control
max-age=604800
content-type
text/html
date
Fri, 26 Nov 2021 11:18:54 GMT
etag
"282943589+gzip"
expires
Fri, 03 Dec 2021 11:18:54 GMT
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
ECAcc (frc/8E95)
vary
Accept-Encoding
x-cache
HIT
content-length
207
/
wf.frontend.weborama.fr/stream/ Frame 6C73 		0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22rg.ru%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Frg.ru%252F2021%252F11%252F25%252Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html%22%2C%22ref%22%3A%22%22%7D&d.r=1637925534730
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.223.244.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
evJTUg.jpg
cdn.relap.io/KWjeOg/ev/4/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/ev/4/evJTUg.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
336a820bc4a20c23c8409779d1a47f752cc39a6b2fa05a5659dcabaa8d301e19
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 05:56:10 GMT
server
nginx
etag
"61a076fa-292b"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
10539
expires
Sat, 27 Nov 2021 11:18:54 GMT
k70oUg.jpg
cdn.relap.io/KWjeOg/k7/4/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.relap.io/KWjeOg/k7/4/k70oUg.jpg
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.37.254 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
cdn.relap.io
Software
nginx /
Resource Hash
f714130a5f0c8f66d5df83b9c3104bcf024f146086b51ed78e1d2d6c21c962e2
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
last-modified
Fri, 26 Nov 2021 10:48:06 GMT
server
nginx
etag
"61a0bb66-2f6d"
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/jpeg
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
x-server
rlp-cdn06.i
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length
12141
expires
Sat, 27 Nov 2021 11:18:54 GMT
sync
ds.frontend.weborama.fr/ Frame E0CC 		895 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ds.frontend.weborama.fr/sync?key=ids_sync&src=wamf.wildcard.js&wamid=3336&v=2021091401&callback=Utils.handleDataSync&ref=rg.ru
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.231.117.34.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
5a92a4fd113e4e6077e5d23a5d7242924293061a06143be6fbf45f6e594e2bbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
895
expires
Tue, 03 Jul 2001 06:00:00 GMT
5fbbab07c17c6d67c47faa35
statsa.nativeroll.tv/nr/aserver/group/ Frame 6C73 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statsa.nativeroll.tv/nr/aserver/group/5fbbab07c17c6d67c47faa35?event=visit&gid=5fbbab07c17c6d67c47faa35&v=1.19.10&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&title=%D0%A7%D0%B8%D1%81%D0%BB%D0%BE%20%D0%B0%D1%82%D0%B0%D0%BA%20%D0%BD%D0%B0%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%20%D1%81%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%D1%8E%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC-%D0%B2%D1%8B%D0%BC%D0%BE%D0%B3%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20%D0%B2%D1%8B%D1%80%D0%BE%D1%81%D0%BB%D0%BE%20%D0%B2%D1%82%D1%80%D0%BE%D0%B5%20%E2%80%94%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0&ref=&block_enabled=0&width=660&height=0&offset_px=0&offset_pct=50&lenght_px=0&cookie_enabled=1&t=2021-11-26T11%3A18%3A54&mode=outstream&data_saver=false&places=0&nr_f=MTYzNzkyNTUzNDc1MQ%3D%3D&ancestor_origins=https%3A%2F%2Frg.ru&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&ph=400px&plays360=true&plays_inline=true&power_saver=false&li=&cid=6c018077-dcdd-4908-b84d-f7ede88fb615
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.137.232.40 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host40.seedr.ru
Software
nginx /
Resource Hash
5005559ffcb7ef2903abe26fff4f75ac60c7b77c07ea6a8a4ea74c92cb9fdaa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://rg.ru
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, *
external_libs.v2.js
cstatic.weborama.fr/iframe/ Frame 99A8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534730
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5E) /
Resource Hash
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534730
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
server
ECAcc (frc/8F5E)
age
353977
etag
"3142978827"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
3062
expires
Fri, 03 Dec 2021 11:18:54 GMT
66e80cb8506cc9f3b199.js
yastatic.net/partner-code-bundles/49422/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/66e80cb8506cc9f3b199.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c1fa42f83754d24e2a0d6bfae41cd7ea7719dd873730e064fdc3c7f5d118e1bb
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
5266
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"c51663f2501bcfa7b2de8ce33bcde83a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:51:11 GMT
sync
ds.frontend.weborama.fr/ Frame 99A8 		895 B
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ds.frontend.weborama.fr/sync?key=ids_sync&src=wamf.wildcard.js&wamid=3336&v=2021091401&callback=Utils.handleDataSync&ref=rg.ru
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.231.117.34.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
5a92a4fd113e4e6077e5d23a5d7242924293061a06143be6fbf45f6e594e2bbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
895
expires
Tue, 03 Jul 2001 06:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 1106 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1106 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1106 		87 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=426023039423202&correlator=1413445560192256&output=ldjh&impl=fifs&eid=31060888&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2Cdm_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C2x1&cust_params=key_value_dm2%3D15&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637925534&dt=1637925534834&dlt=1637925534077&idt=738&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=166&adks=428226366&ucis=dj8jcjp8qyua&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=1781524426.1637925533&ga_sid=1637925535&ga_hid=98300520&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6b3ed49ee811a4007dc59020e0e5d75b7a14b47b330b7e24243f116a4f502b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24557
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1106 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd788405c00e655cb5491de151f3443cc1254bd6926db027bcccf2d17dc3453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9154
x-xss-protection
0
container.html
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C8F6 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 11:18:54 GMT
expires
Sat, 26 Nov 2022 11:18:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame BE65 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BE65 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BE65 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3387278542120340&correlator=2522035611829099&output=ldjh&impl=fifs&eid=31063813&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2Cdm_300x600_m28&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C2x1&cust_params=key_value_dm2%3D210&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637925534&dt=1637925534883&dlt=1637925534093&idt=765&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1120&adys=2726&adks=3422496845&ucis=6aeh4r32a88j&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1781524426.1637925533&ga_sid=1637925535&ga_hid=1161740059&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ce982f79f63427f8b7961fdf254d16f60916e1e3371eeb616e4bfa41c1327db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8462
x-xss-protection
0
google-lineitem-id
5246962467
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298183723
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BE65 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de97bcd9a0c9fdf340d6f6a327a4193297152a68d1ca6181c84cd31cef4d6e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9202
x-xss-protection
0
container.html
2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBB0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 11:18:54 GMT
expires
Sat, 26 Nov 2022 11:18:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 3277 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3277 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3277 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3372142770173366&correlator=3163053985219387&output=ldjh&impl=fifs&eid=31060889&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2Cdm_240x400_left_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400%7C2x1&cust_params=key_value_dm2%3D28&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637925534&dt=1637925534895&dlt=1637925534066&idt=823&ea=0&frm=23&biw=1600&bih=1200&isw=240&ish=400&oid=2&adxs=1150&adys=436&adks=2283630917&ucis=f5aslbz2pg7d&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&ga_vid=1781524426.1637925533&ga_sid=1637925535&ga_hid=1135824366&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
67d72b3895ae0657883c9c7c13721461d2fbe2d4399d659a29721538a6a21ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8492
x-xss-protection
0
google-lineitem-id
5246642566
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138297716403
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3277 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c1b37b585cec05275c0eb002effa116081caaff2a3139a5fb87712994222591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9390
x-xss-protection
0
container.html
515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6FDD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 11:18:54 GMT
expires
Sat, 26 Nov 2022 11:18:54 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame FD77 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FD77 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame FD77 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1417310507231258&correlator=295578925745766&output=wbn&wbsu=cab20902-43fa-497c-9bdf-afe5cab13b47&callback=googletag.wbn1&impl=fifs&eid=31060545%2C31062324%2C21065725%2C31063246&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2C630x240&enc_prev_ius=%2F0%2F1&prev_iu_szs=630x240%7C2x1&cust_params=630x240%3Drg.ru_630x240_28&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637925534&dt=1637925534909&dlt=1637925534161&idt=741&ea=0&frm=23&biw=1600&bih=1200&isw=630&ish=240&oid=2&adxs=445&adys=2677&adks=4133831003&ucis=21ajpfvnyajp&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=630x240&msz=630x-1&ga_vid=1781524426.1637925533&ga_sid=1637925535&ga_hid=629093084&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9236
x-xss-protection
0
google-lineitem-id
4883532174
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138252786677
content-type
application/webbundle
access-control-allow-origin
https://rg.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:cab20902-43fa-497c-9bdf-afe5cab13b47
/ Frame FD77 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:cab20902-43fa-497c-9bdf-afe5cab13b47
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76b4616ecef5607f4520f2014d8f8b3c62d4e8bd580f94fb4e81cdd6a13a84ef
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD77 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87752263168b94998b3577467f5e5ca504b2cd88c922baf53bdabc0a450b3fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9305
x-xss-protection
0
sync
statsb.nativeroll.tv/nr/ Frame E537
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D6%26rand%3D105237
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=6&rand=105237
0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=6&rand=105237
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:55 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
location
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=6&rand=105237
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
9ce28a06-4191-4f07-ae33-8f794023f4b8
an.yandex.ru/mapuid/adfox/ Frame E537 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/9ce28a06-4191-4f07-ae33-8f794023f4b8?jsredir=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:54 GMT
p
sm.rtb.mts.ru/ Frame E537
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=105237
  • https://rtb.com.ru/adriver-sync?uid=AV_jAd0ptmwNq7RiytbfNsQ
  • https://rtb.com.ru/sync?noRedirect=&sspKey=15&sspUserID=AV_jAd0ptmwNq7RiytbfNsQ
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61a0c29ffa2d935035db4fe8%26r...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.d...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=758B16324ADA6AFA8C8B&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/61a0c29ffa2d935035db4fe8?sign=d2e7f7e1&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F...
  • https://x01.aidata.io/0.gif?pid=6472613&id=61a0c29ffa2d935035db4fe8&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61a0c29ffa2d935035db4fe8%26i%3D7939301234216393124%26r%...
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=BgaKtMBNON5TbG6581MT5g
0
0
sync
nativeroll-sync.rutarget.ru/ Frame E537 		0
0
cm.gif
ad.mail.ru/ Frame E537 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=107&id=9ce28a06-4191-4f07-ae33-8f794023f4b8
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:54 GMT
Last-Modified
Fri, 26 Nov 2021 11:18:54 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Fri, 26 Nov 2021 17:18:54 GMT
ids
idsync.frontend.weborama.fr/ Frame E0CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc=
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEDQ1lQSBr3MUOamUNdXumnw&google_cver=1
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEDQ1lQSBr3MUOamUNdXumnw&google_gid=CAESEDQ1lQSBr3MUOamUNdXumnw&google_cver=1
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEDQ1lQSBr3MUOamUNdXumnw&google_gid=CAESEDQ1lQSBr3MUOamUNdXumnw&google_cver=1
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H3
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEDQ1lQSBr3MUOamUNdXumnw&google_gid=CAESEDQ1lQSBr3MUOamUNdXumnw&google_cver=1
date
Fri, 26 Nov 2021 11:18:55 GMT
server
Apache
content-length
354
content-type
text/html; charset=iso-8859-1
ids
idsync.frontend.weborama.fr/ Frame E0CC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID
  • https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:55 GMT
X-Proxy-Origin
168.119.25.196; 168.119.25.196; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a1f9d55a-8e0c-447f-aab5-3fcf0b02ae7a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ids
idsync.frontend.weborama.fr/ Frame E0CC
Redirect Chain
  • https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
  • https://idsync.frontend.weborama.fr/ids?key=criteov2&value=spsfXgrRptdaGXRpAHlkfu_f8p0YImf_
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=spsfXgrRptdaGXRpAHlkfu_f8p0YImf_
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=spsfXgrRptdaGXRpAHlkfu_f8p0YImf_
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3894
date
Fri, 26 Nov 2021 11:18:54 GMT
content-length
212
content-type
text/html; charset=utf-8
401736.gif
idsync.rlcdn.com/ Frame E0CC 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/401736.gif?partner_uid=sp2vxU5LpdcS1T4G6mHVBO
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
collect
dx.frontend.weborama.com/ Frame E0CC
Redirect Chain
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q@VfA
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q%40VfA&bounce=1&random=568599677
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q%40VfA&bounce=1&random=568599677
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H3
Server
35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.80.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:54 GMT
server
nginx/1.12.0
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q%40VfA&bounce=1&random=568599677
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame E0CC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=wE2d8b4q@VfA
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=wE2d8b4q@VfA
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=wE2d8b4q@VfA
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=wE2d8b4q@VfA
date
Fri, 26 Nov 2021 11:18:54 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
dcm
aax-eu.amazon-adsystem.com/s/ Frame E0CC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw&dcc=t
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0S1G62X8ADRB7CHGMZJJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:55 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PJRJBRDZFFCD6B4PBQ7B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ids
idsync.frontend.weborama.fr/ Frame E0CC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=rg.ru&d.r=1637925534655
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
date
Fri, 26 Nov 2021 11:18:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
integrator.js
adservice.google.de/adsid/ Frame 1A1B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1A1B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rg.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1A1B 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182795364955596&correlator=2556718582281796&output=ldjh&impl=fifs&eid=31063798%2C31061166%2C31063246&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=21770387747%2C300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C2x1&cust_params=300x250_desktop%3Drg.ru_300x250_desktop_12&cookie_enabled=1&cdm=rg.ru&bc=31&abxe=1&lmt=1637925534&dt=1637925534993&dlt=1637925534105&idt=840&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1120&adys=2456&adks=500895534&ucis=j1ftl1j4hq5d&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&top=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1781524426.1637925533&ga_sid=1637925535&ga_hid=1458890553&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
709e0ce604a3116f3272f8afeebfb048650fa27a037a9b7857de9c098fbcbfc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10329
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rg.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1A1B 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21b11fa79fbc01b62f356aac5dca3e719f120c68d215cf93b2744988dbaf16c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9168
x-xss-protection
0
container.html
2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A24D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 11:18:55 GMT
expires
Sat, 26 Nov 2022 11:18:55 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync
nativeroll-sync.rutarget.ru/ Frame 6C73 		0
0
sync
statsb.nativeroll.tv/nr/ Frame 6C73
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D0%26rand%3D670509
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=0&rand=670509
0
0
6c018077-dcdd-4908-b84d-f7ede88fb615
an.yandex.ru/mapuid/adfox/ Frame 6C73 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/6c018077-dcdd-4908-b84d-f7ede88fb615?jsredir=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:55 GMT
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 6C73 		42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=670509
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:54 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame 6C73 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=107&id=6c018077-dcdd-4908-b84d-f7ede88fb615
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:55 GMT
Last-Modified
Fri, 26 Nov 2021 11:18:55 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Fri, 26 Nov 2021 17:18:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3277 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 11:18:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD77 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 11:18:55 GMT
pixel
wam-google.solution.weborama.fr/ Frame 99A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEIe7Ba2BKGgZ0tIf0p8eumw&google_cver=1
0
0
ids
idsync.frontend.weborama.fr/ Frame 99A8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
  • https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
0
0
ids
idsync.frontend.weborama.fr/ Frame 99A8
Redirect Chain
  • https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
  • https://idsync.frontend.weborama.fr/ids?key=criteov2&value=uBohprqcyl76OqSVtDgMOvCAN7cFQQ9F
0
0
401736.gif
idsync.rlcdn.com/ Frame 99A8 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/401736.gif?partner_uid=sp2vxU5LpdcS1T4G6mHVBO
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
collect
dx.frontend.weborama.com/ Frame 99A8 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=wE2d8b4q@VfA
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.80.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 99A8 		95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=wE2d8b4q@VfA
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 99A8 		0
0
ids
idsync.frontend.weborama.fr/ Frame 99A8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1106 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 11:18:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ Frame 1F13 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30089
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 19 Nov 2022 13:47:09 GMT
header-bidding.js
yandex.ru/ads/system/ Frame 1F13 		165 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6527e81b529ef56b554142b49d4c4a6c562db21381a6765a52d215200af081c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
3238688833
x-yandex-req-id
1637925535076007-7871653245156159014-man1-2698-d21-man-l7-balancer-8080-BAL-7498
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 12:18:55 GMT
context.js
yandex.ru/ads/system/ Frame 1F13 		301 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5428f1b998eaa9e73289bc72b89b485935dab6b47c4f1b21254b846ad6cafea0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag
2049392065
x-yandex-req-id
1637925535076287-5095121430469072022-man1-2698-d21-man-l7-balancer-8080-BAL-296
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 12:18:55 GMT
event
ads.adfox.ru/5906/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=aace84d6d9aea3ba&duid=1637925534998130503&p5=jznmh&rand=eznwygd&sj=Vp0ZvKvWB2JhY0t1fo-tF1q3Qjr2MqeQANbacg66I3lJGa1CwybUWPdmt_ffqQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhaty&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=ncflyqm&p1=chfib&rqs=naq6bQEUh1qewqBhFfyJZf3zvTO4NAiU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
bobid.js
fp.hybrid.ai/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp.hybrid.ai/bobid.js
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7170b733d833751c5a054598db93cb06aa3573194556a1adfd242e6c271632c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1ry9/Wdv/eQMAAA==
x-accel-expires
@1637928246
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
etag
W/"616ea8f6-7ff9"
last-modified
Tue, 19 Oct 2021 11:16:06 GMT
server
CDN77-Turbo
x-77-nzt-ray
ype+11ImCBk=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
889
x-77-pop
frankfurtDE
prebid.js
st.hbrd.io/ 		0
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://st.hbrd.io/prebid.js
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1rgXuvCP/fQMAAA==
x-accel-expires
@1637928242
date
Fri, 26 Nov 2021 11:18:55 GMT
etag
"619b69e0-0"
last-modified
Mon, 22 Nov 2021 09:58:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
sKFuMTs01+s=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
893
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
0
init
ssp.hbrd.io/metrics/ 		32 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/init?name=start_of_metrics
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
c9b0a498f37b5113cff3acfeeb6ee83e2d5b6108220032d05879e8bce859bf31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
content-type
text/plain; charset=utf-8
content-length
32
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
urls
ssp.hbrd.io/matching/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/matching/urls?
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BE65 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 11:18:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1A1B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 26 Nov 2021 11:18:55 GMT
adfox
exchange.buzzoola.com/ssp/ 		11 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.236.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.236.202.116.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://rg.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11
adjson
ads.betweendigital.com/ 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:55 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yhb
yhb.p.otm-r.com/ 		11 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
adfoxhb
hbe199.hybrid.ai/ 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10501
content-length
31
expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 65AD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 26 Nov 2021 09:47:04 GMT
expires
Sat, 26 Nov 2022 09:47:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7E51 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
34f94b3d478ef0fff55d0c993f3b82059bab957650d4b16c0b397461464e2ed8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z4bCwL0OnV8+3JqCRqj7sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 11:18:55 GMT
date
Fri, 26 Nov 2021 11:18:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-z4bCwL0OnV8+3JqCRqj7sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
stat
relap.io/api/v7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/stat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-relap-cookie,x-relap-unique
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
content-type
text/html;charset=UTF-8
content-length
0
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
vary
Origin
x-content-type-options
nosniff
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-allow-origin
https://rg.ru
access-control-max-age
1728000
access-control-allow-credentials
true
x-server
back17
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
date
Fri, 26 Nov 2021 11:18:55 GMT
strict-transport-security
max-age=5184000; includeSubdomains;
stat
relap.io/api/v7/ Frame 2964 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://relap.io/api/v7/stat
Requested by
Host: relap.io
URL: https://relap.io/v7/vendor.70a5e16820b6b0a388e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie
rlprp=eZJFUg:SFTu2g
Referer
Accept-Language
de-DE,de;q=0.9
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Relap-Unique
N2NhNzYx

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
access-control-max-age
1728000
vary
Origin
content-length
2
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma
no-cache
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rg.ru
x-relap-cookie
rlprp=eZJFUg:SFTu2g; rlpvp=eZJFUg:NkYkJw
cache-control
max-age=1, no-cache
x-server
back14
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie
access-control-expose-headers
X-Relap-Cookie
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 88D8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 26 Nov 2021 09:47:04 GMT
expires
Sat, 26 Nov 2022 09:47:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3CFE 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
72de138091a4127d8e5d590c4ae35d14785bbef7e29e045e8f67dede542d16d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CQ0/kWNgj9mvv1UI4ve3WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 11:18:55 GMT
date
Fri, 26 Nov 2021 11:18:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-CQ0/kWNgj9mvv1UI4ve3WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 873B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 26 Nov 2021 09:47:04 GMT
expires
Sat, 26 Nov 2022 09:47:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A8BF 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
44f86ee05a7423ba6d49e22b6e5d16d03615e75affb54888e8e8180efcb67580
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QSrdgG/LWcdeTApNAkAhmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 11:18:55 GMT
date
Fri, 26 Nov 2021 11:18:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QSrdgG/LWcdeTApNAkAhmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5A7B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 26 Nov 2021 09:47:04 GMT
expires
Sat, 26 Nov 2022 09:47:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 5905 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe70e2ecab0cff436ec5c30952cfcc1219cacd05fee4c0c6672c35f2931aa284
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-711d9Pr6HRlQwLZRILvgKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 11:18:55 GMT
date
Fri, 26 Nov 2021 11:18:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-711d9Pr6HRlQwLZRILvgKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F784 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 26 Nov 2021 09:47:04 GMT
expires
Sat, 26 Nov 2022 09:47:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5511
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 45F0 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6f5242e20b67243404b02996af01df7047f6202abfb1f546a0c72e37550502f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IyXTZ4zVGHtSG8nzQGcYfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 26 Nov 2021 11:18:55 GMT
date
Fri, 26 Nov 2021 11:18:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-IyXTZ4zVGHtSG8nzQGcYfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
features
dm.hybrid.ai/bobid/ 		41 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dm.hybrid.ai/bobid/features
Requested by
Host: fp.hybrid.ai
URL: https://fp.hybrid.ai/bobid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
a4cfb5544439c0f4258334a41116f1d81a4e993969dbe36a932e696a0bd3a8fa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
server
Hybrid Web Server
vary
Accept-Encoding
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
126
content-type
application/json; charset=utf-8
content-length
44
x-xss-protection
1; mode=block
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame EFF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7GGr8nTYMLxiJUUsxez2QDP0dHBfSOrAOHz5_ltp5XMRvmzLw8PSzlA5_ZGwOw6X3qsO4fTaYll6K9U3-6azcCi6E9WYGqobXYmHzTLj1I_SmKGKqL_6wnE70ydKB06V3BkQRoonIBOSenbhTKro59UeFFund5X14zc_6ctmLvxJpo5AG7wQt43eadeLhsnPRuoCCBf2nuaLixIxBB_GZckOoO-b6cTJ_kDFKdTompJug2Pk129EIG9Ad4j8BoSc6d305s9DgLrTxENjypFOsw1e7Dll7F7Lb0BN49gmYUlZWF0eJ&sai=AMfl-YQYllRDRL3fqD6CUcfwEr6id9vZeM_EdFKfwaPSdmX6R9itNC8F8Dsra5bmVp0lwXkU1SN78gt0KnMyx7lymwRM8tOiNBp7oPVB2Absg3OAUxKps2xZExCTG4ayclg&sig=Cg0ArKJSzGVHp-ug04BUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adfox-adx-stub.js
yastatic.net/pcode/adfox/ Frame EFF1 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/adfox-adx-stub.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15032
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 12:16:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFF1 		0
0
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmv&hash=7bbbef12896b86cf&duid=1637925534998130503&pxo=HpcIyVyqy0kGTiQi9mHIaCUKoaiJVkRmLkXsggMKZ00Rf1eSGPz-ko36TW2XhbT7zzZrClsAn0t2yHRXwzskSzhw4aS4zPkts1LYfJegkscdGdFt94E26JrMZD1rxVXc38I4XxHIFz6AwnzZnVDmViCFFjBYF8oQrXCdf2ZSfhPvE0X15PsKcA%3D%3D&p5=gdhai&rand=kradscb&sj=G3HLLzsjq8VyTiSpaImYGJUUZ0_k99ResaKaS-0WdRhs5FNqBs926ZV_vmtphA%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=chfiz&rqs=naq6bQEUh1qdwqBhjcYlJ7TiwcMgDGk5&rtb-si=b&p2=fjgg&resp-time=1152&creative-id=138298183723&google-width=300&google-height=600
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&date=2021-11-26T11%3A18%3A55.269%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=93891485&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=yabs.NzIwNTc2MDUzNzc4NjYwNjQKNzIwNTc2MDUyMzg4OTE5MjQKNzIwNTc2MDQ4MDc5NDQ5ODE%3D&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A400%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A430%2C%22top%22%3A1870%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A20%2C%22ad_no%22%3A18%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=400&pp=qcg&services=%5Bobject%20Object%5D&pk=nonrvideo2&p2=fjgg&ps=cgiu&slotNumber=27&bids=W3siY2FtcGFpZ25faWQiOjEyMjQzNTksInJlc3BvbnNlX3RpbWUiOjI2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNTYzNzM3In0seyJjYW1wYWlnbl9pZCI6ODczOTgxLCJyZXNwb25zZV90aW1lIjozNywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM5NDU4MDYifSx7ImNhbXBhaWduX2lkIjo5OTg0NzQsInJlc3BvbnNlX3RpbWUiOjE0NiwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjQzOnJnX2lucGFnZV92YXN0In0seyJjYW1wYWlnbl9pZCI6MTQyMTQ0MywicmVzcG9uc2VfdGltZSI6NDUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2NDQwIn0seyJjYW1wYWlnbl9pZCI6MTU5NzM0NiwicmVzcG9uc2VfdGltZSI6MTM0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjA1YmUwMmIzZDVhMmRhYjI0ZDZhNThkIn1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f5acd0aa566dec1ad45d98f2273ca40d08290443b2d86b04cc296872f3602db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925535300734-1650083725379330866400245-production-app-host-vla-pcode-79
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:55 GMT
save
ssp.hbrd.io/metrics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/save?name=ssp_script_loaded
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
save
ssp.hbrd.io/metrics/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/save?name=ssp_script_loaded
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
tdm-id
e627dd22691f4d2db03431157c705458
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
in-image-overlay.js
st.hbrd.io/ssp/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.hbrd.io/ssp/in-image-overlay.js?ver=2e56d
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7bb365943ed1649e62a95b0ddcbdd8ed1ce7979a14b46f8beaf852037dbcb358

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-nzt
AcO1rgVpc43/egMAAA==
x-accel-expires
@1637928245
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
etag
W/"619b69e6-d156"
last-modified
Mon, 22 Nov 2021 09:59:02 GMT
server
CDN77-Turbo
x-77-nzt-ray
wIjpO1PumwI=
x-77-cache
HIT
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache
HIT
x-age
890
x-77-pop
frankfurtDE
usync.html
eus.rubiconproject.com/ Frame A245
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=51eb3150-c48b-524a-b638-ab83d798691e&CACHEBUSTER=469608
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 26 Nov 2021 11:18:55 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Fri, 26 Nov 2021 11:18:55 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
4e51507e3b3fc8f9151b.js
yastatic.net/partner-code-bundles/49422/ Frame 1F13 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/4e51507e3b3fc8f9151b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d9c9b9f80c7fbdcc2ef6abe5d2182e9891d6f273830b00a744d05552a21b896f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4454
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4e5871d7ef3811951d665e56ae812382"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:52:34 GMT
df68bffbff5ae367a9a6.js
yastatic.net/partner-code-bundles/49422/ Frame 1F13 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/df68bffbff5ae367a9a6.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
42f778eacf147663de14a5a700f83fef31c1dbdf56001b1f71478145c9391369
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17116
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"2ed5bd1577fc37a67ec058623af0437f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:52:35 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ Frame 1F13 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:54:17 GMT
394f92cef988f11256c8.js
yastatic.net/partner-code-bundles/49422/ Frame 1F13 		639 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/394f92cef988f11256c8.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
93c047f6bcfb7f7e8173521abe23a3f2ef3e31424ef5e4d27bef44cf5297d72c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
131576
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"4411cc5ea4047a827feebd9b94c0f945"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:52:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6296 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzCELeQL5c8wkp09cbJmMoO9rewcjs4R25k0kpg_z18-2tn6VVt37BTkrhbD9kxhEg3XeZE7DosGvwaSUj5PrQ5x-1LFC-RMfn31vhe7vmhyV7Ys1mFT7rMN634vkIZXNEb4Ocm1KDo8O2IVHKykfM-GwF0aA7i--5hiNK4Vi-4prghHi5NxQu7Wj99oz_h-cyYlmOyAaYqJUXUxlPAksLy9lIB2wp8ekQ_hduT4yw_ToSXJnNQYauJxlnFPUeWRg2BlQRQ5eVZPiP5zRbc-Cs8PBrC7FcHc4VyiDuDaiRz0iD09chbuFG&sai=AMfl-YTft6TgmroufxPLCREivthNDgPfFlRfARWxiiZ7Dvrpw-KmvE8GRL5qNFfsCGJLd1SrSZaGOF821jeBBFuEJrOJLx9xSZtRA14bnN_K391krX6ZObPsFlU-p0vIwF82&sig=Cg0ArKJSzN4ZWMeqdfzrEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adfox-adx-stub.js
yastatic.net/pcode/adfox/ Frame 6296 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/adfox-adx-stub.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15032
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 12:16:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6296 		0
0
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmv&hash=ccc056a0f89741b0&duid=1637925534998130503&pxo=rLVZJwBicc_tRxFOCRKSKLJCX59UMaQinI_1TEi5R74Jg8QZPjmjJGPEBqS9CjYk2l7C1ZISK_72R-JRPh-XQqISceD52ZgWLCOeueDoYG1vTQl1mcNp8IrcQQp_Qy-Gjlsd6cxkv5c8bqg8gP9soStfHNp3VtBY_bP5qclWjfVkLV6dPPQ%3D&p5=gdhai&rand=eazywtj&sj=MmTP3nuFLLcIu0T_yQr5nwZM7Kd1SDTbh8vhEyKxOZioDqNrE1fZqw07WWG4rw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvnei&rqs=naq6bQEUh1qdwqBh8sYwVCXuaeTsMLGU&rtb-si=b&p2=fjgg&resp-time=1245&creative-id=138297716403&google-width=240&google-height=400
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
getcookie
matchid.adfox.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
access-control-allow-headers
accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials
true
date
Fri, 26 Nov 2021 11:18:55 GMT
timing-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://rg.ru
x-content-type-options
nosniff
getcookie
matchid.adfox.yandex.ru/ Frame 1F13 		240 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
9ee7676ba866e159c66b78b9e71208ec543ba28b5d8ff3601619e3fd8ef1995b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
240
x-content-type-options
nosniff
content-type
application/json
publishertag.js
static.criteo.net/js/ld/ Frame 1F13 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 27 Nov 2021 11:18:55 GMT
bid.cgi
pb.adriver.ru/cgi-bin/ Frame 1F13 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rg.ru
Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:55 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adjson
ads.betweendigital.com/ Frame 1F13 		11 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
ad.mail.ru/hbid_yandex/ Frame 1F13 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 26 Nov 2021 11:18:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
yhb
yhb.p.otm-r.com/ Frame 1F13 		11 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.105.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ Frame 1F13 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
adfoxhb
hbe199.hybrid.ai/ Frame 1F13 		11 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
11502
content-length
31
expires
-1
container.html
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9106 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 26 Nov 2021 11:18:54 GMT
expires
Sat, 26 Nov 2022 11:18:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=cc30b7f9692bcfa3&duid=1637925534998130503&pxo=kO98sH640Hgx4FoonymLCb1SbRB4TmlLnRiFsDTYOxJMu1ApgMxVSy_isHld81yUqVb7YODHgOefet4UMd_oN6AqM7MI4NH4WdpS-bH-PI83KbV1Jh6XIx9p3IE0tzCyFM5FotkDNRhOgbKZvvAmDNZa7JSGBrU-r3_av4RjS0s4TDH3cb4%3D&p5=gdhai&rand=igfvwhw&sj=PGlHicFegmNnF2s3BYXtipb2uaIORhJEHO4xCT2U1o5vTwF2Y-V9HpEV4IP5wg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bzqke&rqs=naq6bQEUh1qdwqBhZ9aZp-WwMZSeUZYh&rtb-si=b&p2=fjgg&resp-time=1273
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E51 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3372142770173366&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3CFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=426023039423202&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A8BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1417310507231258&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 4E8E 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
215301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 23:30:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 23:30:34 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4E8E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 22 Nov 2021 20:12:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 20:12:16 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4E8E 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
193148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Wed, 24 Nov 2021 05:39:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Nov 2022 05:39:47 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4E8E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
216745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 23:06:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 23:06:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4E8E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js?31063798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
217131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 23 Nov 2021 23:00:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Nov 2022 23:00:04 GMT
truncated
/ Frame 4E8E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a677074194d5978cd10ca4c3ccc78257801e180db818a6aea292b57c0ef3f8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
7907253406037872059
tpc.googlesyndication.com/daca_images/simgad/ Frame 4E8E 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/7907253406037872059
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a14d699b59ba1936b9c15e90327139eddcaa76e4ea3db9fc8aabcbb34bdc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 14:19:15 GMT
x-content-type-options
nosniff
age
334780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49842
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 13:16:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 22 Nov 2022 14:19:15 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E8E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Nov 2021 17:58:03 GMT
x-content-type-options
nosniff
server
cafe
age
62452
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 26 Nov 2021 17:58:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E8E 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Nov 2021 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
65990
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 26 Nov 2021 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4E8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-lrsn8KgYYL-AaGP7_UP3uyosAWy2IXeZu3KkaHvDpHh2oLQKhABINeUwm5gldL1gZQHoAH7gfu-A8gBAqkC5zR8h0PZsj7gAgCoAwHIAwiqBLsCT9AAGo3yOtbl9k9bHCQOVFz5p46ZzIeY6h9ZWJJcYefI5mC1lYJxOtvwujNVVN4VZ84YZqiMeb-HZR8KBKEH60Vc5ZlNOMDw4nf_NPQP-aDEgxC9R2ge2mGDISKXinEXr_iVNZ9uQJ4l8R1dZVYI86UL-bszAMlB_H5qgklnzeFmC9gIzvV6tZ-MnBKmgPyfJK9RDQCUuRlcbQFI7r-NCYv9ZbkIHtoVamczlLuXT_XdSpcZIepnlt74sMJczici-W7gEV_Q_8Aq-OwByjfvraGEAYVkuh-aQy_J4aDbkwBfJDloe0BpS9m-Gur7JJPeWmXDbmoWDScwGKAP-0KjJjQo6bRGCZiUSL2Sxo1kYr3qiQ3d83y2OWjzUOEOCwsZdgyyPA3Ei1Pb2iJo2Dzc2esQUuXutErm1TQbwASjoaqS5wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH7f2EQagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJW_FdIICQiI4YAQEAEYHYAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi05OTUyNjQ1MTYwNzIxNDM4GLuVbw&sigh=hcSSJCE75Gk&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmu&hash=227447e2c0d4e6a1&duid=1637925534998130503&pxo=otIgIHxW4O8cmGs-7coFmUeWBWYxAonhL2umvJuxXQ25ULvxGU7LXVIeKLKLQpcpiAoW-s1Fp18hrtiYTcZv8zdoTzM01_dM6ZbuJr5y-T8wz67EeqRgMBTIE5UbfpFu0RT9Hp61KATCBRUAX6mfbSzZspmx9WzNBRQzit61bnZXX-7nPWk%3D&p5=gdhai&rand=hraaepb&sj=3JlQdRK5XdbzYbki6a6FV_OQYyUG61a3YQbtG9xz_mE8b_GAnsjw5TBXQX1apQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvobk&rqs=naq6bQEUh1qdwqBhEt8M-kfzYR8woBv6&rtb-si=b&p2=fjgg&resp-time=1293
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5905 		0
0
v2
an.yandex.ru/adfox/5906/getBulk/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?availableHeight=600&availableWidth=300&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDI1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTUwMDcxMiJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6Mjc5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNzMyNDg1In0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjozODIsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ18zMDDRhTYwMCJ9LHsiY2FtcGFpZ25faWQiOjg3Mzk4MSwicmVzcG9uc2VfdGltZSI6NDMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyOTQ4MzA5In0seyJjYW1wYWlnbl9pZCI6MTM1MjEzMywicmVzcG9uc2VfdGltZSI6NTMsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJkaU5URjBNSU9JblFzSlFxNXpBMiJ9LHsiY2FtcGFpZ25faWQiOjE1OTczNDYsInJlc3BvbnNlX3RpbWUiOjIxNywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjYwNWJkY2IwM2Q1YTJkYWIyNGQ2YTU4YiJ9XQ%3D%3D&date=2021-11-26T11%3A18%3A53.824%2B00%3A00&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&enable-flat-highlight=1&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&grab-orig-len=624&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1120%2C%22top%22%3A1951%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A15%2C%22ad_no%22%3A6%7D&p2=fjgg&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-version=49422&pd=26&pdh=1200&pdw=1600&pp=vsn&pr=4042162708&pr1=1546735109&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&prr=&ps=cgiu&pv=11&pw=5&raw-smart-content=1&route=ssr&screenType=desktop%20desktopFull&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&services=%5Bobject%20Object%5D&skip-token=&slotNumber=20&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&ssr-request=true&tga-with-creatives=1&use-server-side-rendering=1&utf8=%E2%9C%93&ybv=0.49422&ylv=0.49422&ytt=148434074208277&lvlfrom=20&rqs=naq6bQEUh1qdwqBhjcYlJ7TiwcMgDGk5&rtb-si=1&dmv=2&csl=&ad-session-id=4873901637925533324&rtb-answer-hash=15134137757433556710&usgn=AQ-QtgblPY3YFyrHzrj6-AXFmK_O066-DueP1-0zNPuu&resp-time=1310
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e25ddc90a3feb20d2bd913c7cbf436afe96f5086a764f32129de8837d214c676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925535438154-268066805852582734800240-production-app-host-sas-pcode-228
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:55 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmt&hash=39aa76e5c42dfdb1&duid=1637925534998130503&pxo=HpcIyVyqy0kGTiQi9mHIaCUKoaiJVkRmLkXsggMKZ00Rf1eSGPz-ko36TW2XhbT7zzZrClsAn0t2yHRXwzskSzhw4aS4zPkts1LYfJegkscdGdFt94E26JrMZD1rxVXc38I4XxHIFz6AwnzZnVDmViCFFjBYF8oQrXCdf2ZSfhPvE0X15PsKcA%3D%3D&p5=gdhai&rand=lmqvjbm&sj=G3HLLzsjq8VyTiSpaImYGJUUZ0_k99ResaKaS-0WdRhs5FNqBs926ZV_vmtphA%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=chfiz&rqs=naq6bQEUh1qdwqBhjcYlJ7TiwcMgDGk5&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 45F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1182795364955596&rc=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 65AD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 19:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
56351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 19:39:44 GMT
save
ssp.hbrd.io/metrics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/save?name=ad_container_init
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
/
ssp.hybrid.ai/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.hybrid.ai/?_KK_3AqRQ0iTmDsxbOX8iHZ9dU8UPLQqxyGWClptXzM8-AJl8WRCw4CFhWeyJCcm93c2VyIjp7IlVybCI6Imh0dHBzOi8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1zLXBvbW9zaGNoaXUtcHJvZ3JhbW0tdnltb2dhdGVsZWotdXZlbGljaGlsb3MtbmEtMjAwLmh0bWwiLCJMYW5ndWFnZSI6ImVuLVVTIiwiU2NyZWVuV2lkdGgiOjE2MDAsIlNjcmVlbkhlaWdodCI6MTIwMCwiVGltZXpvbmVPZmZzZXQiOjB9LCJJc0ZpcnN0Ijp0cnVlLCJQYWdlVmlzaXRJZCI6IjQ5NzE5ODg0ODk4NDI4ODIxNjM3OTI1NTM1NDcwIiwiQWRQbGFjZU51bWJlciI6MSwiUGxhY2VJZCI6IjVmYjUxMjUwNGQ1MDZlYTU1Y2I3ZjY0MyIsIkNvbnRhaW5lcklkIjoiaW4taW1hZ2Utb3ZlcmxheS01ZmI1MTI1MDRkNTA2ZWE1NWNiN2Y2NDMtYmFubmVyLWlkLTE1MDkyOTM4NDkwMTIiLCJhZGRpdGlvbmFsSW5mbyI6eyJpbWFnZVVybCI6Imh0dHBzOi8vY2RuaW1nLnJnLnJ1L2ltZy9jb250ZW50LzIyMS82My83My8yMjE1X3RfMTAweDY3LnBuZyIsImltYWdlU2l6ZXMiOlsiNDY4eDYwIl0sIm1heFdpZHRoIjo2NjAsIm1heEhlaWdodCI6MzcyLCJIeWJyaWRBaUJvYklkIjoiNmNlNGQwNzk3OGU4NDk5MWNjODhlMzQ2NGQ5Mzk3YTIifX0=&gdpr_cnsnt=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
GET
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
plgt.js
dm.hybrid.ai/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dm.hybrid.ai/plgt.js?gapl=&cs=&pcs=&vcs=
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp/in-image-overlay.js?ver=2e56d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
122
x-xss-protection
1; mode=block
expires
-1
save
ssp.hbrd.io/metrics/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/save?name=ad_container_init
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
tdm-id
e627dd22691f4d2db03431157c705458
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
/
ssp.hybrid.ai/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hybrid.ai/?_KK_3AqRQ0iTmDsxbOX8iHZ9dU8UPLQqxyGWClptXzM8-AJl8WRCw4CFhWeyJCcm93c2VyIjp7IlVybCI6Imh0dHBzOi8vcmcucnUvMjAyMS8xMS8yNS9rb2xpY2hlc3R2by1hdGFrLW5hLWJpem5lcy1zLXBvbW9zaGNoaXUtcHJvZ3JhbW0tdnltb2dhdGVsZWotdXZlbGljaGlsb3MtbmEtMjAwLmh0bWwiLCJMYW5ndWFnZSI6ImVuLVVTIiwiU2NyZWVuV2lkdGgiOjE2MDAsIlNjcmVlbkhlaWdodCI6MTIwMCwiVGltZXpvbmVPZmZzZXQiOjB9LCJJc0ZpcnN0Ijp0cnVlLCJQYWdlVmlzaXRJZCI6IjQ5NzE5ODg0ODk4NDI4ODIxNjM3OTI1NTM1NDcwIiwiQWRQbGFjZU51bWJlciI6MSwiUGxhY2VJZCI6IjVmYjUxMjUwNGQ1MDZlYTU1Y2I3ZjY0MyIsIkNvbnRhaW5lcklkIjoiaW4taW1hZ2Utb3ZlcmxheS01ZmI1MTI1MDRkNTA2ZWE1NWNiN2Y2NDMtYmFubmVyLWlkLTE1MDkyOTM4NDkwMTIiLCJhZGRpdGlvbmFsSW5mbyI6eyJpbWFnZVVybCI6Imh0dHBzOi8vY2RuaW1nLnJnLnJ1L2ltZy9jb250ZW50LzIyMS82My83My8yMjE1X3RfMTAweDY3LnBuZyIsImltYWdlU2l6ZXMiOlsiNDY4eDYwIl0sIm1heFdpZHRoIjo2NjAsIm1heEhlaWdodCI6MzcyLCJIeWJyaWRBaUJvYklkIjoiNmNlNGQwNzk3OGU4NDk5MWNjODhlMzQ2NGQ5Mzk3YTIifX0=&gdpr_cnsnt=
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.17 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
tdm-id
e627dd22691f4d2db03431157c705458
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 88D8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 19:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
56351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 19:39:44 GMT
cdb
bidder.criteo.com/ Frame 1F13 		148 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=60222197529
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
73ca93316b37203ef2bf6287414184717b11c9302ebcf08bbe0885d366b84fb6

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 26 Nov 2021 11:18:54 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rg.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
148
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 873B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 19:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
56351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 19:39:44 GMT
usync.js
eus.rubiconproject.com/ Frame A245 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83575
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9512
Expires
Sat, 27 Nov 2021 10:31:50 GMT
bids
ssp.afp.ai/api/adfox/ 		11 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.afp.ai/api/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.223.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-223-130.eu-central-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
uvicorn
content-length
11
content-type
application/json
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=7d1e1e5a43043cac&duid=1637925534998130503&p5=kjzzn&rand=inxvveu&sj=IzxBbYAqYNkDfCUhS5ROJaMwSCjVYvv6vRgoWW1WjIpxEh0qL0D8M19OoiQ1Xg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatz&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=cdbup&rqs=naq6bQEUh1qfwqBhTQ4_rYz8WUnolF01&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?availableHeight=400&availableWidth=300&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDAyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5MTgxMyJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MjE3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzM1ODA4In0seyJjYW1wYWlnbl9pZCI6OTk4NDc0LCJyZXNwb25zZV90aW1lIjoyOTAsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI0MzpyZ18yNDB4NDAwX2xlZnQifSx7ImNhbXBhaWduX2lkIjoxNDIxNDQzLCJyZXNwb25zZV90aW1lIjo0MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE4ODcifSx7ImNhbXBhaWduX2lkIjo4NzM5ODEsInJlc3BvbnNlX3RpbWUiOjQzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjc2OTcwMSJ9LHsiY2FtcGFpZ25faWQiOjEzNTIxMzMsInJlc3BvbnNlX3RpbWUiOjUyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiUVFCY2hwZnNscFJ5MHpoeXdldm8ifSx7ImNhbXBhaWduX2lkIjoxNzI5MTk3LCJyZXNwb25zZV90aW1lIjoyMDQsImVycm9yIjp7ImNvZGUiOjF9fSx7ImNhbXBhaWduX2lkIjoxNTk3MzQ2LCJyZXNwb25zZV90aW1lIjoyMjAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2MDViZGJmNjNkNWEyZGFiMjRkNmE1ODgifV0%3D&date=2021-11-26T11%3A18%3A53.801%2B00%3A00&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&enable-flat-highlight=1&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&grab-orig-len=624&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1150%2C%22top%22%3A432%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A12%2C%22ad_no%22%3A6%7D&p2=fjgg&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-version=49422&pd=26&pdh=1200&pdw=1600&pp=ibf&pr=4042162708&pr1=3505132614&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&prr=&ps=cgiu&pv=11&pw=5&raw-smart-content=1&route=ssr&screenType=tablet%20desktop%20desktopFull&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&services=%5Bobject%20Object%5D&skip-token=&slotNumber=12&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&ssr-request=true&tga-with-creatives=1&use-server-side-rendering=1&utf8=%E2%9C%93&ybv=0.49422&ylv=0.49422&ytt=148434074208277&lvlfrom=20&rqs=naq6bQEUh1qdwqBh8sYwVCXuaeTsMLGU&rtb-si=1&dmv=2&csl=&ad-session-id=4873901637925533324&rtb-answer-hash=6845637026971293562&usgn=AbZhQIK5e6CHxT9pBapqskQ1DlZVifmONxYHPKd0M-2c&resp-time=1459
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3128fd91777357710fb63bda44f0272e4d48595bf281722d9087d3f51f3134d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
ssr
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925535549090-917099541156042590500273-production-app-host-man-pcode-94
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:55 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmt&hash=d8c35567177b8119&duid=1637925534998130503&pxo=rLVZJwBicc_tRxFOCRKSKLJCX59UMaQinI_1TEi5R74Jg8QZPjmjJGPEBqS9CjYk2l7C1ZISK_72R-JRPh-XQqISceD52ZgWLCOeueDoYG1vTQl1mcNp8IrcQQp_Qy-Gjlsd6cxkv5c8bqg8gP9soStfHNp3VtBY_bP5qclWjfVkLV6dPPQ%3D&p5=gdhai&rand=nihmwod&sj=MmTP3nuFLLcIu0T_yQr5nwZM7Kd1SDTbh8vhEyKxOZioDqNrE1fZqw07WWG4rw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvnei&rqs=naq6bQEUh1qdwqBh8sYwVCXuaeTsMLGU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame F784 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 19:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
56351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Nov 2022 19:39:44 GMT
css
fonts.googleapis.com/ Frame 9106 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 09:49:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 26 Nov 2021 11:18:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Nov 2021 11:18:55 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9106 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:15:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 11:15:11 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9106 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrJPUnsKgYa32NuSl9u8PueWwkA726IHeZsi8j9e5CdzSoqXhExABINeUwm5gldL1gZQHoAHx7OHYA8gBCakC5zR8h0PZsj7gAgCoAwHIA5sEqgS6Ak_QmvfV_nVeIeu1YD17ae-0SrLVEb7Y4gb59VvnooXPnEZ7qVHIGYLi0RDfeXIEHlJlqy3IywzX9t8VjG2VSeYSH-ID2wT4kaaJUf1T3gGreTPsq7OjfKjH0gMYWfU760SnP0KH9fxgZtq3pRqydvcLOw0ybXwwnnHqhYnlHd3DXbDrOo_RLCBANH-nS3E6VRsu-fMOecpAVuhy8J1yks47RjexOJO-e-u-CNdyIdrhmrT9P0f1j57cfI0D8A9L4RK7UDAObXDil50gfxX6xiIJtto4I88a3YyJ09UseYCr5T0_VuZmqZaG3HttwHbzNi5F4APE6TqYkx-DGiXOWWcT6hD1yikeVlEVbwqI-evQbXWUcPMCZoU7quvXZXXVhMgZlNVKR5iXxnRjskkqeQ_qY8l9x9uHwtwRwASMu9PanwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH95KeJ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBD58iTSCAkIiOGAEBABGB2ACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1MjY0NTE2MDcyMTQzOBi7lW8&sigh=5LgMWWSgD5s&uach_m=[UACH]&template_id=494
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 9106 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
962
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 11:02:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9106 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:14:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 11:14:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9106 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 26 Nov 2021 11:18:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9106 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
16810888504096353422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Dec 2021 11:16:09 GMT
l
www.google.com/ads/measurement/ Frame 9106 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTj4Bg_oOaM_TW5yNK2HAcq1BEOdAYu1tYFqk9A6RTIhEuH-OJGWXhrKfs7fHXLzTFS26aD9T2RpAKvGRdhB-38hU2ag
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 9106 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 21:25:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 22 Feb 2022 21:25:22 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 9106 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTqW0hmC0nV_zzLLpxCK9Mwj_VsCqmDzpctXfFHXbuarm9GHOkoKLpfOkn4hA&usqp=CAI
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02026547b95b05176f1fee450499b6b4312c3d1a490a061ed024b56e29513d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 11:21:55 GMT
x-content-type-options
nosniff
age
86220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42119
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 04:13:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 25 Nov 2022 11:21:55 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 9106 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSYxMqs_4LonWl_QEbSUO6lhN-O1_Ykgu3Owlbv5G80TMGnBjJoln4jqppSvE4&usqp=CAI
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642af5e97ae2e08d20a1211a17598390a974f3f3439e82e6bce1255da54c4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 11:10:26 GMT
x-content-type-options
nosniff
age
432509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54298
x-xss-protection
0
last-modified
Sat, 30 Oct 2021 04:13:33 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 21 Nov 2022 11:10:26 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 9106 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcT6NneIKQth9HUFwgvb6aWKiz-NboLnOOgFBg24fDy-CNtsF4f5m5umujv0AQI&usqp=CAI
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f32387e6ef22029330de5a2045d6788bad2535e4fdca260365aff30ac41b984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 00:03:57 GMT
x-content-type-options
nosniff
age
40498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29619
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 07:05:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 26 Nov 2022 00:03:57 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 9106 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSCKQNvGGS0dK_J8RW3HOft-196Y-lXrl7PRpqwAQAXRI2kZMkKimxQN5ZJUw&usqp=CAI
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71b5630a6dcf946a05c5ef8d4101688c00e53fff227ea4f269c6cb4198f04e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 05:57:20 GMT
x-content-type-options
nosniff
age
451295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41803
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 16:37:08 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 21 Nov 2022 05:57:20 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 9106 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRQAc23DCGMwGE4sJBq01K7Z28mU6GvWt7F-GSAgD-YIFjErP1W&usqp=CAI
Requested by
Host: 303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
URL: https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3eeac4d89ad1bbcf137266bc9314e17ba275949379e3309075d44b181b4b474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 22:50:20 GMT
x-content-type-options
nosniff
age
304115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15487
x-xss-protection
0
last-modified
Thu, 04 Apr 2019 14:51:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 22 Nov 2022 22:50:20 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=6804e682c2bbc365&duid=1637925534998130503&p5=kljec&rand=bibznzn&sj=ZEnN3ELpW0oZiLJZZ9jo6jHw_zVJWrBfbZwNhDH2hoaBh2C3Ud-bKBLFcALyzQ%3D%3D&ad-session-id=4873901637925533324&utg=oxum&lts=fhwhatz&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=chfiz&rqs=naq6bQEUh1qdwqBhjcYlJ7TiwcMgDGk5&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
4769286.a1d3013d788792c2f25578c927d74607.gif
banners.adfox.ru/211108/adfox/1292588/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adfox.ru/211108/adfox/1292588/4769286.a1d3013d788792c2f25578c927d74607.gif
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
b1afeb37d1070e879ac626902872c8a71c7bcb1b874c2a626b05451e8aa7b2db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
last-modified
Mon, 08 Nov 2021 01:41:39 GMT
server
nginx
x-amz-request-id
56ac62672a3f068a
etag
"a1d3013d788792c2f25578c927d74607"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/gif
access-control-allow-origin
*
content-length
139533
accept-ranges
bytes
x-amz-version-id
null
x-nginx-request-id
56ac62672a3f068a
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4E8E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
events
bidder.criteo.com/csm/ Frame 1F13 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
an.yandex.ru/adfox/5906/getBulk/ Frame 1F13 		171 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2F&date=2021-11-26T11%3A18%3A55.608%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=3384435718&pr=2355864844&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434069948437&is-turbo=0&skip-token=&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A728%2C%22win_height%22%3A90%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22quirks%22%3Atrue%2C%22w%22%3A728%2C%22h%22%3A0%2C%22width%22%3A728%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=728&availableHeight=0&pp=i&ps=cgiu&p2=fjgg&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6Mjg3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5NDUxMSJ9LHsiY2FtcGFpZ25faWQiOjk5ODQ3NCwicmVzcG9uc2VfdGltZSI6MTU4LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNDM6cmdfNzI4eDkwX2JvdHRvbSJ9LHsiY2FtcGFpZ25faWQiOjg3Mzk4MSwicmVzcG9uc2VfdGltZSI6NTcsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0MTQwOTI3In0seyJjYW1wYWlnbl9pZCI6ODc0Njk4LCJyZXNwb25zZV90aW1lIjoxNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5NDQzNzMifSx7ImNhbXBhaWduX2lkIjoxNDIxNDQzLCJyZXNwb25zZV90aW1lIjo5MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI4NzgifSx7ImNhbXBhaWduX2lkIjoxMzUyMTMzLCJyZXNwb25zZV90aW1lIjo1NiwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjlkT3hkdGRpR2puZjRNYzZZVmJSIn0seyJjYW1wYWlnbl9pZCI6MTU5NzM0NiwicmVzcG9uc2VfdGltZSI6MTUyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjEyOGRjZDBlYTBlNWQ0MmMwMWFkMjc1In1d&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C93%3B426972%2C0%2C60%3B460723%2C0%2C23%3B452125%2C0%2C85%3B462337%2C0%2C8%3B457739%2C0%2C2%3B457473%2C0%2C55%3B458000%2C0%2C2%3B451373%2C0%2C89%3B204299%2C0%2C69&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%5D%2C%22testId%22%3A%22426972%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22460723%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22SMART_BANNER_VERSION%22%3A%5B%7B%22value%22%3A%22smart-banner-adaptive_v1%22%2C%22testId%22%3A%22462337%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457473%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22458000%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=J2bEewD6gG3N47ovGff%2FLOeQTBpAvcvhy2hAP2hZVaKZP443GFqkmD2QBh%2FDhrWrvpeIcRZx257t9Q4F9Eevcs0PzeM%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
83b2b158fa89813684db61d69e10f3bb2117971e63c62de5552c7c1f28f29b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925535645617-877652687005150132600284-production-app-host-vla-pcode-218
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:55 GMT
khaos.jpg
token.rubiconproject.com/ Frame A245 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
widget.js
an.yandex.ru/system/ 		177 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/widget.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5cebda09c6832715388731cae40700c991107865e9999aa82014ff68bd1dc9d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
2001201539
x-yandex-req-id
1637925535752723-48948760969917937500273-production-app-host-vla-pcode-24
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 26 Nov 2021 12:18:55 GMT
v2
an.yandex.ru/adfox/5906/getBulk/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?dl=%2Fsite%2F&date=2021-11-26T11%3A18%3A55.751%2B00%3A00&pd=26&pdh=1200&pdw=1600&pr1=1722457360&pr=4042162708&prr=&pv=11&pw=5&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&ylv=0.49422&ybv=0.49422&ytt=148434074077205&is-turbo=0&skip-token=yabs.NzIwNTc2MDUzNzc4NjYwNjQKNzIwNTc2MDUyMzg4OTE5MjQKNzIwNTc2MDQ4MDc5NDQ5ODE%3D&ad-session-id=4873901637925533324&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A660%2C%22h%22%3A0%2C%22width%22%3A660%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A430%2C%22top%22%3A1890%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A21%2C%22ad_no%22%3A21%7D&enable-flat-highlight=1&pcode-version=49422&availableWidth=660&availableHeight=0&pp=qcg&ps=cgiu&p2=fjgg&pk=astra&slotNumber=28&bids=W3siY2FtcGFpZ25faWQiOjE3MzQ3MDQsInJlc3BvbnNlX3RpbWUiOjIzMCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjYxNzE1NjU3MzFkNDkzZmQ5NjZkZDMwYyJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&grab-orig-len=624&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&tga-with-creatives=1
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cf1707f3eece048458b777c3236c0752b54c10e38a73ce20446787043ba7d21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925535786138-1192278554348709927200273-production-app-host-vla-pcode-81
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:55 GMT
469608
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 6FB1 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/469608
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7275 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstziIejtHcCvhb_TjaZtwxlgjaQuj7Yu1Mv8y1sgiI8zmZbA6iRIoIV2tthxl0rDWuvNi12IDU128QZXbzlgEzDA6RTFttbQnWUjEpu_OKIR0jSR1iilPicAvU6SyYj-cz6d0K66fhCc8ZqnXqSCqsOwLOUAJa3ENVll7eQy6d84GjkHINIjcQsnqyKHm7dnJtO9a3LKyUBT5hf5wHi6wObbgjmchLtpphdeb1X84yhFsO0CsJaLBxXuZXkOPcSHfriIW-PgEJw3xW13ljWeYXJxTp0P2hnc5SYD_hP9Q&sai=AMfl-YQzsXn0qtg9cum6Xkv6zQyKczp6u-HACBhPppF8h0QKyjSRcpkaH-1v_MKZ9LTn8_9npBZeq9rlB4L6T_BV7nTZI4Tb8Xak0JsyF4jzMWLRWGgcewYLOGcgIOu_-wE&sig=Cg0ArKJSzLXBBOV0jPqaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adfox-adx-stub.js
yastatic.net/pcode/adfox/ Frame 7275 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/adfox-adx-stub.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15032
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 12:16:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7275 		0
0
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmv&hash=d611b68b490752ba&duid=1637925534998130503&pxo=jDJkFyVIoDS71IcH7d_IurPonE22NTCpgndwdgNT3Jk6FuIb7HJb357u-pFilYDLTuIUtrLZ_WtpoFMTCAP_9nTaiPixu8IhaHYDkS2u1vBuA6wUvD1cLvturqenUcJM6LARs6yu4obOxN6yvNe0IJo_rN44Z1BTOoUCUc_N1N_sw7jinxg%3D&p5=gdhai&rand=hmdpksu&sj=BF_7uRcMtYGqZ_Urz-aYh4NRnZNSmrJOIHMd9NFeczVlcHKFHuCv_NugPWycDw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvneu&rqs=naq6bQEUh1qdwqBhsAhBn4JJZllHGFJH&rtb-si=b&p2=fjgg&resp-time=1627&creative-id=138252786677&google-width=630&google-height=240
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
setuid
ib.adnxs.com/ Frame 6FB1
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=51eb3150-c48b-524a-b638-ab83d798691e&expires=60
  • https://ib.adnxs.com/setuid?entity=388&code=d9078758-6364-4304-a3ea-ad1856650774
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=388&code=d9078758-6364-4304-a3ea-ad1856650774
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:55 GMT
X-Proxy-Origin
168.119.25.196; 168.119.25.196; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5f7d95c7-449f-487c-a780-bb10b7e159ef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location
//ib.adnxs.com/setuid?entity=388&code=d9078758-6364-4304-a3ea-ad1856650774
Date
Fri, 26 Nov 2021 11:18:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
widget.js
yastatic.net/partner-code-bundles/49422/bundles/ 		672 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/49422/bundles/widget.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
76a566ac71fd3b58c5863cbd72d963f47d0ba03611739c62affe8be841c15cae
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
124747
last-modified
Thu, 25 Nov 2021 15:39:43 GMT
server
nginx/1.17.9
etag
"88cd223c7ed216024bad482bf7ede9c8"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2051 17:53:07 GMT
save
ssp.hbrd.io/metrics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/save?name=banner_not_returned
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
tdm-id
Origin
https://rg.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
tdm-id
access-control-allow-methods
POST
access-control-allow-origin
https://rg.ru
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
server
Hybrid Web Server
save
ssp.hbrd.io/metrics/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hbrd.io/metrics/save?name=banner_not_returned
Requested by
Host: st.hbrd.io
URL: https://st.hbrd.io/ssp.js?t=1637925534674
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.20 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
tdm-id
e627dd22691f4d2db03431157c705458
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
https://rg.ru
date
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-credentials
true
server
Hybrid Web Server
p3p
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
/
c.lentainform.com/pv/ 		0
308 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lentainform.com/pv/?pv=5&cbuster=1637925535908650193379&uniqId=09fd3&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&lu=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&sessionId=61a0c2a0-077ee&pageView=1&pvid=17d5bf840a49567f968&site=706556&implVersion=11&dpr=1
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b42b8077f884ed4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD77 		0
0
v2
an.yandex.ru/adfox/5906/getBulk/ 		30 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/5906/getBulk/v2?availableHeight=300&availableWidth=630&bids=W3siY2FtcGFpZ25faWQiOjExOTU3MTAsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX19LHsiY2FtcGFpZ25faWQiOjg1MTc3MCwicmVzcG9uc2VfdGltZSI6NDAwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ5MTgxNyJ9LHsiY2FtcGFpZ25faWQiOjg3NDY5OCwicmVzcG9uc2VfdGltZSI6MTc1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzM2MDM2In0seyJjYW1wYWlnbl9pZCI6MTQyMTQ0MywicmVzcG9uc2VfdGltZSI6NDgzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjg3OSJ9LHsiY2FtcGFpZ25faWQiOjg3Mzk4MSwicmVzcG9uc2VfdGltZSI6MjA0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjc2OTY5OSJ9LHsiY2FtcGFpZ25faWQiOjEzNTIxMzMsInJlc3BvbnNlX3RpbWUiOjUyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiRTBKaFdVaTNYSTd5THR1NHljQ1kifSx7ImNhbXBhaWduX2lkIjoxNTk3MzQ2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2MDViZGMyM2QyNzJiOTI0ZTgwODY1YTUifV0%3D&date=2021-11-26T11%3A18%3A53.881%2B00%3A00&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&duid=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&enable-flat-highlight=1&extid_loader=MTYzNzkyNTUzNDk5ODEzMDUwMw%3D%3D&extid_tag_loader=rg.ru&grab=dNCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUg4oCUINCg0L7RgdGB0LjQudGB0LrQsNGPINCz0LDQt9C10YLQsAoxINCn0LjRgdC70L4g0LDRgtCw0Log0L3QsCDQsdC40LfQvdC10YEg0YEg0L_QvtC80L7RidGM0Y4g0L_RgNC-0LPRgNCw0LzQvC3QstGL0LzQvtCz0LDRgtC10LvQtdC5INCy0YvRgNC-0YHQu9C-INCy0YLRgNC-0LUgCjLQmNCy0LDQvSDQp9C10YDQvdC-0YPRgdC-0LIgCjLQn9C-0YHQu9C10LTQvdC40LUg0LfQsNC_0LjRgdC4INCw0LLRgtC-0YDQsCAKMtCT0LvQsNCy0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAKMtCc0LDRgtC10YDQuNCw0LvRiyDRgNGD0LHRgNC40LrQuCAKM9CQ0LLRgtC-0YAg0LzQsNGC0LXRgNC40LDQu9CwIAo%3D&grab-orig-len=624&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A630%2C%22h%22%3A300%2C%22width%22%3A630%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A445%2C%22top%22%3A2642%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A17%2C%22ad_no%22%3A6%7D&p2=fjgg&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22460813%22%2C%22testId%22%3A%22462571%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22SMART_BANNER_PALETTE%22%3A%5B%7B%22value%22%3A%5B%22salePrice%22%2C%22discount%22%5D%2C%22testId%22%3A%22426975%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22460722%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22SMART_BANNER_DISABLE_BOTTOM_PADDING%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22457739%22%7D%5D%2C%22WIDGET_LOAD_VAS_MODULE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457474%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451373%22%7D%5D%7D&pcode-icookie=dLcWQnxJI%2FvW592klqdcAMjfMZBo5l19v9a4Uj0ahVuBb4ClOgBHtwkjrXKIQTxhPEmDudBAt0JiZhqey1TTTudpvPg%3D&pcode-test-ids=462893%2C0%2C90%3B426975%2C0%2C59%3B460722%2C0%2C33%3B452125%2C0%2C10%3B458743%2C0%2C37%3B462727%2C0%2C18%3B457739%2C0%2C27%3B457474%2C0%2C7%3B406668%2C0%2C32%3B451373%2C0%2C33&pcode-version=49422&pd=26&pdh=1200&pdw=1600&pp=ijk&pr=4042162708&pr1=4067009599&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&prr=&ps=cgiu&pv=11&pw=5&raw-smart-content=1&route=ssr&screenType=tablet%20tabletLandscape%20desktop%20desktopFull&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&services=%5Bobject%20Object%5D&skip-token=&slotNumber=6&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&ssr-request=true&tga-with-creatives=1&use-server-side-rendering=1&utf8=%E2%9C%93&ybv=0.49422&ylv=0.49422&ytt=148434074208277&lvlfrom=20&rqs=naq6bQEUh1qdwqBhsAhBn4JJZllHGFJH&rtb-si=1&dmv=2&csl=&ad-session-id=4873901637925533324&rtb-answer-hash=9717110598952839413&usgn=AVHlNhGxc8mq_6kxp3JKixFd0phDuv9hE0hLcmwfto9o&resp-time=1772
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f2e506de19b8f52d1951499528dd412a4edd7ec5eaefa47adf32383745225abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
ssr
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1637925535968608-1350429222791091722400288-production-app-host-vla-pcode-20
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:56 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmt&hash=8497699aa2fd7673&duid=1637925534998130503&pxo=jDJkFyVIoDS71IcH7d_IurPonE22NTCpgndwdgNT3Jk6FuIb7HJb357u-pFilYDLTuIUtrLZ_WtpoFMTCAP_9nTaiPixu8IhaHYDkS2u1vBuA6wUvD1cLvturqenUcJM6LARs6yu4obOxN6yvNe0IJo_rN44Z1BTOoUCUc_N1N_sw7jinxg%3D&p5=gdhai&rand=etgqpjx&sj=BF_7uRcMtYGqZ_Urz-aYh4NRnZNSmrJOIHMd9NFeczVlcHKFHuCv_NugPWycDw%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvneu&rqs=naq6bQEUh1qdwqBhsAhBn4JJZllHGFJH&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:55 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
/
onetag-sys.com/usync/ Frame 77C8 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=51eb3150-c48b-524a-b638-ab83d798691e&CACHEBUSTER=469608
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
vn_init.js
static.videonow.ru/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.videonow.ru/vn_init.js?profileId=3416566
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.64 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a596f3735bb5938974172d6f7160f36fa1c6ea9f5ce04cbc014e2eacd690307a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
last-modified
Thu, 25 Nov 2021 13:48:45 GMT
server
nginx
etag
W/"619f943d-57f1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
true
expires
Fri, 26 Nov 2021 12:18:56 GMT
event
ads.adfox.ru/5906/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cyz&hash=cc1e049c2982e61b&duid=1637925534998130503&p5=igici&rand=dbnmfin&sj=tyinAnE6hXwupeZ1scqqA73tDLStY4Huyfknz8KedsJf1Rs66bdq4dIvvdagog%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatz&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=ncflyqm&p1=cdbux&rqs=naq6bQEUh1qfwqBhdsU3lETiFnliyNBZ&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 043C 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 28 Nov 2021 23:16:35 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
b8f827f3e949a724
logo_lenta.svg
cdn.lentainform.com/images/lentainform/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.lentainform.com/images/lentainform/logo_lenta.svg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535ab2f2779b29b6ed18af6aa8fb3ecd2e387bdef80583a2dc8ff6caa31f75a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
br
cf-cache-status
HIT
age
4511
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P5X8B9DKCFZF98M7
x-amz-id-2
ICmW/ulZ63SSRfK2O0BAHS4Y+uMR+mnYTGLXfHW2U6FS/G/uFB11JMVf2AZqd3TQw4gwCBD3mVo=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"7a861a7f846282a54fc99809519c1cac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6b42b80838f14ed4-FRA
expires
Fri, 26 Nov 2021 15:18:56 GMT
truncated
/ 		126 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebaaa00d7a0d03e309230bc91cf4b9e6994130b9170786840315da05a04aac94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
x80
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/x80
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
34002f44f45d46f3207505bf46d2af3cf7fe1041fcdd801b65a2fb946c4a1bf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
last-modified
Wed, 11 Aug 2021 14:15:16 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2686
x-request-id
3bd2e22abcbd047d
x80
avatars.mds.yandex.net/get-direct/2771799/m412Aa0w4xTfK8LFOHFd7g/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2771799/m412Aa0w4xTfK8LFOHFd7g/x80
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
d40a0ab8108e895639accd4a0064bdfd281e307283b65ca7501bb1ae133b1c20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
last-modified
Wed, 18 Dec 2019 15:12:56 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1506
x-request-id
aea4b67a94ae285d
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 14:03:04 GMT
x-content-type-options
nosniff
age
249352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 14:03:04 GMT
y300
avatars.mds.yandex.net/get-direct/2771799/m412Aa0w4xTfK8LFOHFd7g/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2771799/m412Aa0w4xTfK8LFOHFd7g/y300
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
c6e545e24635f74a7360f9fa4e05d273273141d0f83b2c2bb46005e0973555c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
last-modified
Wed, 18 Dec 2019 15:12:56 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
15574
x-request-id
eedaa7943e88fcf0
jstracer
an.yandex.ru/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=49422&values=block_render&adb=false&verison=49422&bundle_version=49422&widget_pf=loader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
an.yandex.ru/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=49422&values=block_render&adb=false&verison=49422&bundle_version=49422&widget_pf=loader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=9bcd1ab3fc5b481a&duid=1637925534998130503&pxo=kO98sH640Hgx4FoonymLCb1SbRB4TmlLnRiFsDTYOxJMu1ApgMxVSy_isHld81yUqVb7YODHgOefet4UMd_oN6AqM7MI4NH4WdpS-bH-PI83KbV1Jh6XIx9p3IE0tzCyFM5FotkDNRhOgbKZvvAmDNZa7JSGBrU-r3_av4RjS0s4TDH3cb4%3D&p5=gdhai&rand=kzjleih&sj=PGlHicFegmNnF2s3BYXtipb2uaIORhJEHO4xCT2U1o5vTwF2Y-V9HpEV4IP5wg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bzqke&rqs=naq6bQEUh1qdwqBhZ9aZp-WwMZSeUZYh&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmp&hash=ec068964c6c662b6&duid=1637925534998130503&pxo=otIgIHxW4O8cmGs-7coFmUeWBWYxAonhL2umvJuxXQ25ULvxGU7LXVIeKLKLQpcpiAoW-s1Fp18hrtiYTcZv8zdoTzM01_dM6ZbuJr5y-T8wz67EeqRgMBTIE5UbfpFu0RT9Hp61KATCBRUAX6mfbSzZspmx9WzNBRQzit61bnZXX-7nPWk%3D&p5=gdhai&rand=msqppkt&sj=3JlQdRK5XdbzYbki6a6FV_OQYyUG61a3YQbtG9xz_mE8b_GAnsjw5TBXQX1apQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvobk&rqs=naq6bQEUh1qdwqBhEt8M-kfzYR8woBv6&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
1
servicer.lentainform.com/1140036/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.lentainform.com/1140036/1?pv=5&cbuster=1637925536191222303740&uniqId=09fd3&niet=4g&nisd=false&jsv=es6&w=695&h=303&cols=10&ref=&cxurl=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&lu=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&sessionId=61a0c2a0-077ee&pageView=1&pvid=17d5bf840a49567f968&implVersion=11&dpr=1
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fa319730855f1500551c683a8671077e496d97923d774e1da5ac667a5df20b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6b42b8094ae74ed4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
watch.js
mc.yandex.ru/metrika/ Frame 043C 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-b7ad"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47021
expires
Fri, 26 Nov 2021 12:18:56 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 043C 		403 B
696 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Frg.ru%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
08edc7a32a9e17242ec96ef415c3244726be3f5259ed9576e2da3ccfa6a67e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
51eb3150-c48b-524a-b638-ab83d798691e
an.yandex.ru/mapuid/betweendigitalis/ Frame 6FB1
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F51eb3150-c48b-524a-b638-ab83d798691e
  • https://an.yandex.ru/mapuid/betweendigitalis/51eb3150-c48b-524a-b638-ab83d798691e
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/51eb3150-c48b-524a-b638-ab83d798691e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:56 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/51eb3150-c48b-524a-b638-ab83d798691e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A1B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1182795364955596&bg=!R0SlRADNAAZQLpa_UC47ACkAdvg8WmAGbLfFoasGTb7LKLJX2LlvVAus0YXpQoY9o0Z_WCJlkxplxAIAAAFBUgAAAHFoAQcKAMntWgqOCxMgBbPu3DP90mMCoslmu9bXJIHDcVy4ploGzfXxpvIxLOy8obRRzprI2DdE7PNgecHxD4DHr3-a1-vEWK_sLghyCEo2Il01Vb8EfFvRh4c7JCiWysDzTDCThuxu58EIwU6JNsjAbs6T8HPJFPxOoH1nn9rCALBxadnHAhffB91teGDhvmbXZstlNyhEv_HAT6U6w-Qd96YN4muxmT-yEkX1NJVg9LK-0sCoE0gymkxlC50BnAC5QpK5Ax6kxUUfHBKucTWZAnnvnaVrLMXwNUAKF9ZeOHbLdx3T4v1MUG0Fed0fPNvpCl43mVvdMlahIdZ9PHt2AqNOwmAruwrg5RAt-j1XJdPuFvuoDpy2TEKkriXDJ-CHYNFjp_RqUZz_RAEbksotubl0XVlVtAa1_T-tQMo7f_XzmZlwfDko-KQH6PorkhcG779WGyiCd-G5XOlds53bV4EShXq-_-dDs4D6Onkr-dYumKxa2gGNXTpX0MCaA0vhp2GxKfBsygDOwBaxt2XfkixKndQ-JIY5qqb0Ih6M9QHV50P2l4p3CZjrN7poSpqTVEqJOCSjHQaK8iluej8NCBkEQUFKOSqKHMPNWZhZEd8ojSWRuC7dx-cqGc19uHhOKvEKBk9b2nCJSBYn30Jpe65EDF67pi0KaS-SQPg_i7hdAYwteF8Mm52guENmRGdonjQMmLkvP8325jMzp54PFnZ15AqHtjZJ5OE2zcF38KVmI4rOeMs6WxsaOqxExzXHVoKGRDfaey9NTMKHkFteoCXkmhWUko_EPBbeJ5bvqZp1WTcVn3tyr-iOZXK9Jde-tgCHmDeTLb32Sq9ZgZGOkji2RlmURQ00Kr5KxjqSxS-bt50AezdnfOIJoRFeB3kA0cLmJyUxB9jrdegVUcQOWdUUvpFVhOTGczQXWkaW0fTUT8zszFINOphQSd6c-CtwfaCjtM4Gkugp_ArUhtd1Z3heDIexNTZUkt9A0vB4-II0GYVTFwZDlNOZbKkEVV95L4Jlx1pUDeVg7rPZgumfxq-N2QdwbZD5Rg-UQs04hUXLh2HRS-DHZ5dCjESqbbwNgw04Rbs4CMozZ4QLyRhtLnq3epWSOOO5xS4
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1106 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=426023039423202&bg=!w8ClwITNAAZQLpa_UC47ACkAdvg8Wi8-UMjbpxkQ-LHMvDvcsvmCh9cMwNnXEXgz89QBKlYuSYZGdQIAAAIaUgAAAERoAQcKAA5WmkRkl6txJ-Odkp4OaJkCf5WtOamCzgtF6qbPtNiaVcVweXszLJi5E3108TgNbzrT6DbS16pG-V4qC9Zeb6fzK3xEgNPy6XGTPanGeQemnE9w_tA_w3fd7F7Oa5NcIYqvfFWZb0gP40t72ABXMVjWCUvY_d4WE5BYQt2p0M9ROFAuQ4MGduaf2JwIa56ymNciHxPGd7PJ4SfQSYmC6Y5Ys1Mq1Qns0WLBQbrly0QGlpPnp7U2r9eZr8UkK993Dov4AF_cRncxiYsIwHChDFnNDOi1yFy9tQRae3VsUshz_cBMj-wSp4TMecrLQ1rHfjneVK_eJU2r1059ZkYvKN5XmShLwd8eG4xalq7nAnm9yKRI7NWplRirc24l8KuQgu-gCtyJvMyyKTpWK6llyvYUuf5DlUg-OiEZcC9Yhv5NX1HXtoeoTIcxkhlznsD8bp_tLZc5pJUmUkq3tL_Dx8IWcLwu_AGang2Exg1Hn8g37sMjC-6Z74BZoStlBKBEzBpdHhrwRApqIA4fQn63nfhPv5nuZUBFcNVwycO27Bh3fnE7a0Cf18al2hBkVX04WIlETYGijSpUnfe5GZSlpluEj31xewJWXouWsjjPZ3UAvx_Ii4i4nLiwQGItIQdkbseX-Q1mhauXN5zzUyvXzeZEyGrFGfehBmjEmUkWBXVaQy13exTVdFjU1DpjUqdRWTcTTj7jF5yS9vD9OmXk3Vjvh6FIgvzJG74gesfD_vsd1_YLtojyuDdxEMJHqb5Ldrum8Hk16dqi4MuvOfkFdxGIEsntdFlB8oL13wsIDYRhtTvN6KU514Wyhv9U8VI9_RwOAW7s3gvIeYNjRnmtgutbtoGaLA7HNuz3AfA-VVFxnQ
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
init.videonow.ru/ 		397 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://init.videonow.ru/?init&profileId=3416566
Requested by
Host: static.videonow.ru
URL: https://static.videonow.ru/vn_init.js?profileId=3416566
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.64 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash
3354d9603e22e854f31cc741761b1dd62f438cd929dbcb6beecb945707d0b738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.34
vary
Origin
content-type
application/json
access-control-allow-origin
https://rg.ru
cache-control
max-age=600
access-control-allow-credentials
true
expires
Fri, 26 Nov 2021 11:28:56 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzhiOTNlOWE1MGE1MWQ0YTczN2Y5NzhkYjE2ZTE2NDJiLnBuZw.webp
s-img.lentainform.com/n/9810330/328x328/277x20x354x354/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9810330/328x328/277x20x354x354/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzhiOTNlOWE1MGE1MWQ0YTczN2Y5NzhkYjE2ZTE2NDJiLnBuZw.webp?v=1637925536-js99Vs-t2a-7fdPGVMy69LUAWNPHJ40AOHRWOb8EDIg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf2aa4a1a9fd5074e72f2d6fd4a17cd4cb3443b131e1e8d2a02aab82f653fc18

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
14c18696-8d81-4abb-92c3-f3e971afe607
age
85993
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8816
last-modified
Thu, 25 Nov 2021 11:21:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a39406961-FRA
expires
Fri, 26 Nov 2021 11:22:33 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2I4OTY0M2RlNGUxZWY2NGYzZDU0M2IxZTg0ZjU2NTQ1LmpwZWc.webp
s-img.lentainform.com/n/9799198/328x328/223x0x867x867/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9799198/328x328/223x0x867x867/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2I4OTY0M2RlNGUxZWY2NGYzZDU0M2IxZTg0ZjU2NTQ1LmpwZWc.webp?v=1637925536-j0KRnW0f04KAoDiX48F61lI19H_vPvQdzrbft727a70
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b002d04f00960844720d16d6eac8882f6846e7965a88dfac29ce577b76e6b2

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
de644014-be28-4e21-8f6e-cea21748ac5a
age
9755
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17070
last-modified
Mon, 22 Nov 2021 08:31:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a39436961-FRA
expires
Sat, 27 Nov 2021 08:35:46 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzQzNzBjYWZlYWNhZjJiMjk0ZDZmNmNiOTlhY2RiMmVjLmpwZWc.webp
s-img.lentainform.com/n/9806634/328x328/346x0x906x906/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9806634/328x328/346x0x906x906/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzQzNzBjYWZlYWNhZjJiMjk0ZDZmNmNiOTlhY2RiMmVjLmpwZWc.webp?v=1637925536-3E-skulLICrcjTUcHVvM2xixFss9LFISXJfX9rFx4kY
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b032cb242ab03326172619f89ee59cc244e6a569f98e7fb23989914bc7d6ab61

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
899eb5ae-5b74-4227-83ac-3b3c2431379e
age
4014
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15218
last-modified
Wed, 24 Nov 2021 10:11:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a39446961-FRA
expires
Sat, 27 Nov 2021 10:12:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvNDI0MDM5LzQ0ZjY0NTdiNWJiZDg5N2YyNmM2OTZhNzY0NmFkNzRiLnBuZw.webp
s-img.lentainform.com/n/9469185/328x328/180x0x376x376/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9469185/328x328/180x0x376x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDcvNDI0MDM5LzQ0ZjY0NTdiNWJiZDg5N2YyNmM2OTZhNzY0NmFkNzRiLnBuZw.webp?v=1637925536-XZTIdVhoLniok1--bOexyRMVNVbxGxpmpm858h-k7t4
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4582d73eab54c3a2b381816269a97555a81ce959a7db863417c0f7fd368aa9e2

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
78605b16-fd68-4be5-a39d-0e79f6d07e5b
age
70955
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13700
last-modified
Fri, 12 Nov 2021 08:26:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a39466961-FRA
expires
Thu, 25 Nov 2021 19:11:38 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2VhNjZiNTU4ODJmYTczZmFlYmJkYTQ2MjVkNzBlYzMwLmpwZWc.webp
s-img.lentainform.com/n/9769282/328x328/319x0x1037x1037/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9769282/328x328/319x0x1037x1037/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2VhNjZiNTU4ODJmYTczZmFlYmJkYTQ2MjVkNzBlYzMwLmpwZWc.webp?v=1637925536-1VjP7zN9RMmHIHD0xmOeFcj0L5HeGiE6QtZVnyY6Kgs
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b88d69cea6a9ea72d89fb6949974a83b3146270b680c1e3dd3edb1db5528a9a

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
fef73f20-13ea-4c1c-a0ad-924d2c2d40f9
age
49348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7110
last-modified
Thu, 11 Nov 2021 17:04:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a394a6961-FRA
expires
Fri, 26 Nov 2021 20:30:25 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTQ3Ni9mZjdkMzgyYzZiYmVkNzExMWY5ZTk5MDcwM2Y3N2JiYy5qcGVn.webp
s-img.lentainform.com/n/9777540/328x328/181x0x465x465/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9777540/328x328/181x0x465x465/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTQ3Ni9mZjdkMzgyYzZiYmVkNzExMWY5ZTk5MDcwM2Y3N2JiYy5qcGVn.webp?v=1637925536-BCVne382Jw_2sashBbjGYzaMf1mlZd7d_ZkDken4ol8
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a2917cbb545ad1ea3e1c83b4bb8a09c185ffd095e4f713beb93a14e0fef1810

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
53f0399b-f180-42eb-90d3-b8791c63e420
age
32171
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17392
last-modified
Mon, 15 Nov 2021 09:25:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a394b6961-FRA
expires
Sat, 27 Nov 2021 02:22:45 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzYwODI1MC83Y2FhZDliMmQ0YWI1MzFiMjk2ODA0YWViMjViMWYxMi5qcGVn.webp
s-img.lentainform.com/n/9679004/328x328/285x0x630x630/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9679004/328x328/285x0x630x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzYwODI1MC83Y2FhZDliMmQ0YWI1MzFiMjk2ODA0YWViMjViMWYxMi5qcGVn.webp?v=1637925536-Fl1Jznzul4cKl7_76pJAVOSEBBmB-DZ7OW8tS--C7qE
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5059ac549f0b3e1c8c8b1745f413937dc3b3c5ff94304046befbb3543424c18b

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
6927aaa2-9288-4dad-abb4-d39f80ff3027
age
39438
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14430
last-modified
Mon, 15 Nov 2021 09:24:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a59a16961-FRA
expires
Fri, 26 Nov 2021 18:01:56 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MzMzLzNiOWIwZjgxYzk5MWIzZmY3ZWE3ZGU1NDgyNmEzMTEyLmpwZw.webp
s-img.lentainform.com/n/9813555/328x328/61x0x329x329/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9813555/328x328/61x0x329x329/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MzMzLzNiOWIwZjgxYzk5MWIzZmY3ZWE3ZGU1NDgyNmEzMTEyLmpwZw.webp?v=1637925536-zevSM7oIQBdQ5zipHJKOC0F0JZfNljcnkmv20MOa48I
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b649209d9890323540dc0490ee4bb42daa34b97993a383bade3e15ee66dd578

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
d36ff956-a0bc-45ac-a38b-fe8b38d35f60
age
187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13730
last-modified
Fri, 26 Nov 2021 11:11:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a59a36961-FRA
expires
Sat, 27 Nov 2021 11:15:39 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI3ODIyL2RmMjBkZjg3M2I1NGYxMjdhNjQ4NGMxMDlkYmZlOWRlLmpwZWc.webp
s-img.lentainform.com/n/9813561/328x328/121x0x486x486/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9813561/328x328/121x0x486x486/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI3ODIyL2RmMjBkZjg3M2I1NGYxMjdhNjQ4NGMxMDlkYmZlOWRlLmpwZWc.webp?v=1637925536-A9kTIXy_nADA4vmVCmt3inQo6ADUpHrVubwNffOaUgo
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
967c2ff57ff52f7a41abbfd8450c4f153383c43125489d95982e1c90144233d8

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
1a148117-9044-461d-a839-33788313cbe7
age
191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11772
last-modified
Fri, 26 Nov 2021 11:11:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a59a56961-FRA
expires
Sat, 27 Nov 2021 11:15:41 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNjA4OS81YTI1YWVhY2M0ZDU5MmRiMjJlNzFlYjc0ODAxZWU3ZS5qcGVn.webp
s-img.lentainform.com/n/9744041/328x328/285x0x630x630/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.lentainform.com/n/9744041/328x328/285x0x630x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNjA4OS81YTI1YWVhY2M0ZDU5MmRiMjJlNzFlYjc0ODAxZWU3ZS5qcGVn.webp?v=1637925536-ddM3SBBP1AnS-16WRJVwdvIJ6G9RYaTuUt9yUZ6W5WE
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d276a15e3ce37edd1e9fd367aeddd27ce6e323fbfbc9157fa35f956e31712e66

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
HIT
x-mg-request-uuid
c973f334-f897-4e58-8aef-921dc6bfc779
age
19244
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16632
last-modified
Mon, 15 Nov 2021 10:33:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6b42b80a59a66961-FRA
expires
Sat, 27 Nov 2021 05:58:12 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v12/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7c08207bf016c414051b132152afb005bfd6cd3382b95987fb70ee6a96e2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rg.ru/
Origin
https://rg.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:38:59 GMT
x-content-type-options
nosniff
age
596397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:38:59 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=cza&hash=31b9ac50a3f91b39&duid=1637925534998130503&p5=jznmh&rand=jjnsgdc&sj=Vp0ZvKvWB2JhY0t1fo-tF1q3Qjr2MqeQANbacg66I3lJGa1CwybUWPdmt_ffqQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhaty&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=ncflyqm&p1=chfib&rqs=naq6bQEUh1qewqBhFfyJZf3zvTO4NAiU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sync
t.adx.opera.com/ Frame 6FB1 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=51eb3150-c48b-524a-b638-ab83d798691e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 043C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14378
x-xss-protection
0
server
cafe
etag
684346926396516684
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 26 Nov 2021 11:18:56 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 043C
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oMKgYZeRGNSF-gbbg5yoDg...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146646987&crd=&is_vtc=1&random=3615542630
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146646987&crd=&is_vtc=1&random=3615542630&ipr=y
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146646987&crd=&is_vtc=1&random=3615542630&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2146646987&crd=&is_vtc=1&random=3615542630&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 043C
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oMKgYZyRGMfx-gblqqGwBQ...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1801492335&crd=&is_vtc=1&random=2161070049
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1801492335&crd=&is_vtc=1&random=2161070049&ipr=y
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1801492335&crd=&is_vtc=1&random=2161070049&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1801492335&crd=&is_vtc=1&random=2161070049&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.com/watch/ Frame 043C 		167 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Frg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A9ezyymqkmizds872r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A103914429470%3Ahid%3A892343034%3Az%3A0%3Ai%3A20211126111856%3Aet%3A1637925536%3Ac%3A1%3Arn%3A1018411931%3Arqn%3A1%3Au%3A163792553681598491%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637925534038%3Ads%3A0%2C0%2C33%2C1%2C0%2C0%2C%2C517%2C0%2C614%2C614%2C0%2C614%3Adsn%3A0%2C0%2C33%2C0%2C1%2C0%2C%2C578%2C0%2C615%2C615%2C0%2C615%3Aco%3A0%3Ast%3A1637925536&t=gdpr()ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
dc45727e3734439af1a0e348df7058649a85c393ddadf68e780fe5545efb8dc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 11:18:56 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:56 GMT
advert.gif
mc.yandex.com/metrika/ Frame 043C 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 26 Nov 2021 12:18:56 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 043C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637925536427&cv=9&fst=1637925536427&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cbbd799e97db5ff3e33e5037086b53584488f1523102ade4cec99405b781299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1107
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 043C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637925536431&cv=9&fst=1637925536431&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b91278b29f591c1fbbdd05d28ae1542be8a548111d683e843316456870ba9a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 043C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637925536440&cv=9&fst=1637925536440&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86814dd71cbba617d575386846f5db56ac8bec74e1c6c01e61b4bf48cadbfd9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1107
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 043C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637925536442&cv=9&fst=1637925536442&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b44cfda44260b2be77b8a68a226ff91e5989c710133c4b4045e5d3d96ffa157d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
37412095
mc.yandex.com/watch/ Frame 043C 		350 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Frg.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A9ezyymqkmizds872r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A903105851765%3Ahid%3A892343034%3Az%3A0%3Ai%3A20211126111856%3Aet%3A1637925536%3Ac%3A1%3Arn%3A822545816%3Arqn%3A1%3Au%3A163792553681598491%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637925534038%3Ads%3A0%2C0%2C33%2C1%2C0%2C0%2C%2C517%2C0%2C614%2C614%2C0%2C614%3Adsn%3A0%2C0%2C33%2C0%2C1%2C0%2C%2C578%2C0%2C615%2C615%2C0%2C615%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925536%3At%3A&t=gdpr(6)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
99a2b930bf9451b9aa9a8de358d3e117fbd29067c8713c30108b56f8eb33fad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
last-modified
Fri, 26-Nov-2021 11:18:56 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:18:56 GMT
i.js
cm.lentainform.com/ 		127 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.lentainform.com/i.js?&cbuster=1637925536465490699396
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
532652fd00ffb86f5b251922a581a8799e6fe07dc5c75a5f5ab8e5e22165a2e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b42b80b0f694ed4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
www.google.com/pagead/1p-user-list/947884341/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1637925536427&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=599218000&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1637925536427&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=599218000&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1637925536442&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=815057421&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1637925536442&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=815057421&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1637925536440&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=1805253221&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1637925536440&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=1805253221&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i-noref.js
cm.lentainform.com/ Frame 30E8 		19 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.lentainform.com/i-noref.js?cbuster=1637925536481855250735
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6b42b80b0f6d4ed4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
cm.mgid.com/setmuidn/ 		0
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/setmuidn/?muidf=laqTcQ_BNvi3&t=20211126111856
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6b42b80baa6e4dc4-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vn_module.js
cdn.videonow.ru/v2/96b5a2b/ 		425 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.videonow.ru/v2/96b5a2b/vn_module.js
Requested by
Host: static.videonow.ru
URL: https://static.videonow.ru/vn_init.js?profileId=3416566
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.64 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ce799d7bc760fc9e754dc9fc5c389aa86e2cdaf1a2a92018783df01ddcd86830

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 09:57:07 GMT
server
nginx
etag
W/"61962373-6a322"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
access-control-allow-credentials
true
expires
Fri, 26 Nov 2021 16:57:24 GMT
counter.php
autocounter.lentainform.com/autocreative/ 		0
51 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://autocounter.lentainform.com/autocreative/counter.php?id=706556&pid=64365&referer=&cxurl=https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&undefinedh2=L_VeimGmIyuuyKT7tZS8nX0xQBr8FfDmaPxWdvugzyc*&cbuster=1637925536557265240419
Requested by
Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/r/g/rg.ru.1140036.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Nov 2021 11:18:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b42b80b787a4ed4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
/
data.videonow.ru/
Redirect Chain
  • https://data.videonow.ru/?profile_id=3416566&format=vast&vpaid=0&multi=1&flash=0&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelich...
  • https://data.videonow.ru/?profile_id=3416566&format=vast&vpaid=0&multi=1&flash=0&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelich...
59 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.videonow.ru/?profile_id=3416566&format=vast&vpaid=0&multi=1&flash=0&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ccheck=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
83.222.115.14 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash
0a95821a8d0fb51c8a640688c7d94fcf1c4e9af0f5864eff4a00b0d38b616ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:56 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
private, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive

Redirect headers

Date
Fri, 26 Nov 2021 11:18:56 GMT
Server
nginx
Access-Control-Allow-Origin
https://rg.ru
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Content-Type
text/xml; charset=utf-8
Location
https://data.videonow.ru/?profile_id=3416566&format=vast&vpaid=0&multi=1&flash=0&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&ccheck=1
Cache-Control
private, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
truncated
/ Frame 9106 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f71fbc0d43debe93f08d27a7ec28e67d32b15e9be734d39a063c530c7b8bea9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 9106 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options
nosniff
age
178137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 24 Nov 2022 09:49:59 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1637925536431&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=2749198311&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 043C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1637925536431&cv=9&fst=1637924400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Frg.ru%2F&async=1&fmt=3&is_vtc=1&random=2749198311&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ssp
sync.videonow.ru/
Redirect Chain
  • https://px.adhigh.net/p/cm/videonow?vn_dsp_id=3&event_id=4d95fad273b60eb2075cd9b82dc2b6d4
  • https://sync.videonow.ru/ssp?dsp=3&uuid=PW9SHFxP88e.AikABlF9W_g3-w
35 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=3&uuid=PW9SHFxP88e.AikABlF9W_g3-w
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343986
content-length
35

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:56 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f8-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.videonow.ru/ssp?dsp=3&uuid=PW9SHFxP88e.AikABlF9W_g3-w
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ssp
sync.videonow.ru/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5097839&bn=5097839&rnd=3262742701
  • https://sync.videonow.ru/ssp?dsp=4&uuid=AV_jAd0ptmwNq7RiytbfNsQ
35 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=4&uuid=AV_jAd0ptmwNq7RiytbfNsQ
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343983
content-length
35

Redirect headers

Pragma
no-cache
Date
Fri, 26 Nov 2021 11:18:57 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
//sync.videonow.ru/ssp?dsp=4&uuid=AV_jAd0ptmwNq7RiytbfNsQ
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=115
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
111
x-xss-protection
1; mode=block
expires
-1
ssp
sync.videonow.ru/
Redirect Chain
  • https://videonow-sync.rutarget.ru/sync?vn_dsp_id=7&event_id=4d95fad273b60eb2075cd9b82dc2b6d4
  • https://sync.videonow.ru/ssp?dsp=7&uuid=IIQKYnSxkT0q
35 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=7&uuid=IIQKYnSxkT0q
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
344361
content-length
35

Redirect headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx
Location
https://sync.videonow.ru/ssp?dsp=7&uuid=IIQKYnSxkT0q
Vary
Origin
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
null
Connection
keep-alive
Content-Length
0
p
19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e-vdn.ops.beeline.ru/ 		35 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e-vdn.ops.beeline.ru/p?ssp=vdn&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.38
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
counter
top-fwz1.mail.ru/
Redirect Chain
  • https://rtb.com.ru/videonow-sync?uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.d...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=758B16324ADA6AFA8C8B&uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/61a0c29ffa2d935035db4fe8?sign=d2e7f7e1&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61a0c29ffa2d935035db4fe8%26dest%3Dhttps%253A%252F...
  • https://x01.aidata.io/0.gif?pid=6472613&id=61a0c29ffa2d935035db4fe8&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61a0c29ffa2d935035db4fe8%26i%3D7571482404377090954%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=61a0c29ffa2d935035db4fe8&i=7571482404377090954&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=61a0c29ffa2d935035db4fe8&i=7571482404377090954&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f45...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=njTDkK3rxIw79e57urew&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESELBUpd4CVIsplacAaHpptPk&ver=1&google_error=&code=224&ts=njTDkK3rxIw79e57urew&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=61a0c29ffa2d935035db4fe8&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D61a0c29ffa2d935035db4fe8%26nc%3D220311379...
  • https://cm.p.altergeo.ru/spnd?aid=61a0c29ffa2d935035db4fe8&nc=2203113793906902846&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Ftop-fwz1.mai...
  • https://cm.p.altergeo.ru/spnd?aid=61a0c29ffa2d935035db4fe8&nc=2203113793906902846&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D61a0c29ffa2d935035db4fe8%26r%3Dhttps%253A%252F%252Ftop-fwz1.mai...
  • https://adx.com.ru/adspend-sync?uid=61a0c29ffa2d935035db4fe8&r=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3138228%3Bpid%3D61a0c29ffa2d935035db4fe8
  • https://top-fwz1.mail.ru/counter?id=3138228;pid=61a0c29ffa2d935035db4fe8
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?id=3138228;pid=61a0c29ffa2d935035db4fe8
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

location
https://top-fwz1.mail.ru/counter?id=3138228;pid=61a0c29ffa2d935035db4fe8
date
Fri, 26 Nov 2021 11:18:57 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
server
nginx/1.20.1
content-type
text/html; charset=utf-8
content-length
95
p3p
CP="adx.com.ru does not have a P3P policy"
ssp
sync.videonow.ru/
Redirect Chain
  • https://sync.bumlam.com/?src=vn2&uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://sync.videonow.ru/ssp?dsp=14&uuid=a394bc24-4eaa-11ec-86e0-002590c0647c
35 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=14&uuid=a394bc24-4eaa-11ec-86e0-002590c0647c
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343981
content-length
35

Redirect headers

Date
Fri, 26 Nov 2021 11:18:56 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.videonow.ru/ssp?dsp=14&uuid=a394bc24-4eaa-11ec-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
ssp
sync.videonow.ru/
Redirect Chain
  • https://dmp.vihub.ru/match?sysid=vn&redir=yes&uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://sync.videonow.ru/ssp?dsp=16&uuid=675b0562-05b4-4e42-a186-274d17ccc476
35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=16&uuid=675b0562-05b4-4e42-a186-274d17ccc476
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343985
content-length
35

Redirect headers

location
https://sync.videonow.ru/ssp?dsp=16&uuid=675b0562-05b4-4e42-a186-274d17ccc476
date
Fri, 26 Nov 2021 11:18:57 GMT
cache-control
no-store, no-cache, must-revalidate
server
fasthttp
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ssp
sync.videonow.ru/
Redirect Chain
  • https://sync.omnidsp.com/match?src=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://sync.videonow.ru/ssp?dsp=23&uuid=bdd27425-5a96-44c3-ba55-8339eafb9748
35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=23&uuid=bdd27425-5a96-44c3-ba55-8339eafb9748
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343984
content-length
35

Redirect headers

Location
https://sync.videonow.ru/ssp?dsp=23&uuid=bdd27425-5a96-44c3-ba55-8339eafb9748
Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
0
matchspm
ut.rktch.com/
Redirect Chain
  • https://ut.rktch.com/matchspm?pi=31&pui=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
  • https://ut.rktch.com/matchspm?pi=1000006&pui=sp2vxU5LpdcS1T4G6mHVBO&noredirect
88 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=sp2vxU5LpdcS1T4G6mHVBO&noredirect
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
88

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx/1.12.0
location
https://ut.rktch.com/matchspm?pi=1000006&pui=sp2vxU5LpdcS1T4G6mHVBO&noredirect
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
videonow
sync.dmp.otm-r.com/match/ 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/videonow?id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 11:18:56 GMT
server
nginx/1.17.6
0.gif
x01.aidata.io/
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://sm.rtb.mts.ru/match/second?ssp=38&exu=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://tech.rtb.mts.ru/?dsp_uid=71930b56-9fa6-4a5d-8fcb-f42ce0359090&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51804.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
last-modified
Fri, 26 Nov 2021 11:18:56 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 26 Nov 2021 11:18:56 GMT

Redirect headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ssp
sync.videonow.ru/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=34557&callback_url=https%3A%2F%2Fsync.videonow.ru%2Fssp%3Fdsp%3D30%26uuid%3D%24%7BUSER_ID%7D
  • https://sync.videonow.ru/ssp?dsp=30&uuid=51eb3150-c48b-524a-b638-ab83d798691e
35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=30&uuid=51eb3150-c48b-524a-b638-ab83d798691e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343979
content-length
35

Redirect headers

location
https://sync.videonow.ru/ssp?dsp=30&uuid=51eb3150-c48b-524a-b638-ab83d798691e
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
ssp
sync.videonow.ru/
Redirect Chain
  • https://sync.upravel.com/image?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&rnd=326274270
  • https://sync.upravel.com/image?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&rnd=326274270&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9yZy5ydS8iXX19
  • https://202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com/image?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&rnd=326274270&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9yZy5y...
  • https://sync.upravel.com/videonow/sync
  • https://202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com/videonow/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9yZy5ydS8iXX19
  • https://data.videonow.ru/?sync&dsp_id=19&user_id=202107fc-2a71-4ff9-a17f-19577684b0da
  • https://sync.videonow.ru/ssp?dsp=19&uuid=202107fc-2a71-4ff9-a17f-19577684b0da
35 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=19&uuid=202107fc-2a71-4ff9-a17f-19577684b0da
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
344445
x-error
dsp disabled
content-length
35

Redirect headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx
Access-Control-Allow-Origin
null
X-Powered-By
PHP/7.2.34
Transfer-Encoding
chunked
Access-Control-Allow-Methods
OPTIONS, GET, POST
Content-Type
text/html; charset=utf-8
Location
https://sync.videonow.ru/ssp?dsp=19&uuid=202107fc-2a71-4ff9-a17f-19577684b0da
Access-Control-Allow-Credentials
true
Connection
keep-alive
ssp
sync.videonow.ru/
Redirect Chain
  • https://relap.io/partners/videonowcs?vn=699
  • https://sync.videonow.ru/ssp?dsp=32&uuid=0zyVboah
35 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=32&uuid=0zyVboah
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
343982
content-length
35

Redirect headers

location
https://sync.videonow.ru/ssp?dsp=32&uuid=0zyVboah
date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
content-length
0
strict-transport-security
max-age=5184000; includeSubdomains;
i
dmg.digitaltarget.ru/awg/custom/7203/i/
Redirect Chain
  • https://mitdmp.whiteboxdigital.ru/pixel?source=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://dmg.digitaltarget.ru/1/7203/i/i?a=840&e=6b8f5f88-690f-4e45-bab9-91837d1a8979
  • https://dmg.digitaltarget.ru/awg/custom/7203/i/i?call_source=awg&a=840&e=6b8f5f88-690f-4e45-bab9-91837d1a8979
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7203/i/i?call_source=awg&a=840&e=6b8f5f88-690f-4e45-bab9-91837d1a8979
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
7
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7203/i/i?call_source=awg&a=840&e=6b8f5f88-690f-4e45-bab9-91837d1a8979
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
sync
a.utraff.com/ 		0
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=videonow&uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0F1v%2FL8pOa3lwOTg8fIjZYU1p%2FgHCVzqtr0VEsBVyiL%2FH5kzc%2FiT47XNwmdKiQNHs67jmPja%2F3zSvZsxUvpM9EqgsmP86AFeU6Cu0nJXJf0dSdHsoi0juwo33TnovZc%2BeeHmMMitlXzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
6b42b80f7eea16f2-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
matchsem
dsp.e-contenta.com/ 		84 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.e-contenta.com/matchsem?ei=813&eui=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
176.99.6.56 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
ops11.ad4tech.net
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:17:51 GMT
server
nginx/1.20.2
etag
-1182037354
content-length
84
strict-transport-security
max-age=31536000
content-type
image/png
ssp
sync.videonow.ru/
Redirect Chain
  • https://d.wi-fi.ru/b/v1/sync?cb=videonow
  • https://d.wi-fi.ru/b/v1/psync?t=u&p=3&cb=videonow
  • https://sync.videonow.ru/ssp?dsp=38&uuid=pbAB_06qEeydvsqG0zuNTg
35 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=38&uuid=pbAB_06qEeydvsqG0zuNTg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
344676
content-length
35

Redirect headers

location
https://sync.videonow.ru/ssp?dsp=38&uuid=pbAB_06qEeydvsqG0zuNTg
date
Fri, 26 Nov 2021 11:18:57 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
X-Requested-With
content-length
0
ssp
sync.videonow.ru/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=videonow&id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://sync.videonow.ru/ssp?dsp=39&uuid=
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.videonow.ru/ssp?dsp=39&uuid=
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs25.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx
x-conn-req
1
vary
Origin
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-conn-id
344647
x-error
http://sync.videonow.ru/ssp?dsp=39&uuid=: empty user dsp
content-length
35

Redirect headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin
Location
https://sync.videonow.ru/ssp?dsp=39&uuid=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
weborama-sync
adx.com.ru/
Redirect Chain
  • https://adx.com.ru/videonow-plazsync?uid=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://adx.com.ru/sync?sspKey=6&sspUserID=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61a0c2a1d41e0649104f37a6&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a0c2a1d41e0649104f37a6%2526r%253Dhttps%25253A...
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a0c2a1d41e0649104f37a6%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a0c2a1d4...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a0c2a1d41e0649104f37a6%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a0c2a1d41e0649104f37a6%2526dest%253Dhttps%25253A%25252F%25252Fsync.videonow.ru%25252Fssp%25253Fdsp%25253D40%252526uuid%25253D61a0c2a1d41e0649104f37a6&webouid=sp2vxU5LpdcS1T4G6mHVBO
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Server
188.34.131.130 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.130.131.34.188.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
via
1.1 google
last-modified
Fri, 26 Nov 2021 11:18:57 GMT
server
nginx/1.12.0
location
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a0c2a1d41e0649104f37a6%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a0c2a1d41e0649104f37a6%2526dest%253Dhttps%25253A%25252F%25252Fsync.videonow.ru%25252Fssp%25253Fdsp%25253D40%252526uuid%25253D61a0c2a1d41e0649104f37a6&webouid=sp2vxU5LpdcS1T4G6mHVBO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
i
dmg.digitaltarget.ru/awg/custom/6323/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6323/i/i?a=622&e=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&i=326274270
  • https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&i=326274270
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&i=326274270
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
4
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&i=326274270
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
an.yandex.ru/mapuid/adfox/ 		43 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e?jsredir=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:57 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:57 GMT
beeline
sync.dmp.otm-r.com/match/ 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/beeline?r=https%3A%2F%2F%7Bpid_int%7D-otm.ops.beeline.ru%2Fp%3Fssp%3Dotm%26id%3D%7Bpid_int%7D
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 Ballenstedt, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 26 Nov 2021 11:18:56 GMT
server
nginx/1.17.6
/
rtb.videonow.ru/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.videonow.ru/?profile_id=3416566&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&link_key=480c2d1604cfb9eaf4ecc5025c66dd54&w=0&h=0&container=
Requested by
Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/96b5a2b/vn_module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.76.131.55 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx
X-Conn-Req
7
Vary
Origin
Connection
keep-alive
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Conn-Id
3480904
X-Error
kill tx by timeout
event
ads.adfox.ru/5906/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmn&hash=7c7cea929581e1eb&duid=1637925534998130503&p5=jznmh&rand=cpbjjrl&sj=Vp0ZvKvWB2JhY0t1fo-tF1q3Qjr2MqeQANbacg66I3lJGa1CwybUWPdmt_ffqQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhaty&ytt=148434074077205&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2F&pr=ncflyqm&p1=chfib&rqs=naq6bQEUh1qewqBhFfyJZf3zvTO4NAiU&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:57 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
stats
stats2.videonow.ru/ 		35 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats2.videonow.ru/stats?profile_id=3416566&category_id=0&user_id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&link_key=480c2d1604cfb9eaf4ecc5025c66dd54&predictor=dead&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&event=pass&adv_id=6095&seq=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.76.131.37 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs09.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:57 GMT
Server
nginx
Vary
Origin
Access-Control-Allow-Methods
GET, POST, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,Authorization,Origin
Content-Length
35
vn_providers_vpaid.js
cdn.videonow.ru/v2/96b5a2b/ Frame 7ADF 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.videonow.ru/v2/96b5a2b/vn_providers_vpaid.js
Requested by
Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/96b5a2b/vn_module.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.64 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f9797abd3809d6d1acdc3904d2f9de8661aaeba998398a8b3d24c1b42e78962b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 09:57:07 GMT
server
nginx
etag
W/"61962373-1bc07"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
access-control-allow-credentials
true
expires
Sat, 27 Nov 2021 09:57:19 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7ADF 		368 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/96b5a2b/vn_providers_vpaid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:18:57 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame 7C19 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 23 Nov 2021 05:05:22 GMT
expires
Wed, 23 Nov 2022 05:05:22 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
281615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 7ADF 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 11:18:57 GMT
integrator.js
adservice.google.com/adsid/ Frame 7ADF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7F91 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 10:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 26 Nov 2021 11:22:15 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmn&hash=9b23eeb15879b6be&duid=1637925534998130503&pxo=kO98sH640Hgx4FoonymLCb1SbRB4TmlLnRiFsDTYOxJMu1ApgMxVSy_isHld81yUqVb7YODHgOefet4UMd_oN6AqM7MI4NH4WdpS-bH-PI83KbV1Jh6XIx9p3IE0tzCyFM5FotkDNRhOgbKZvvAmDNZa7JSGBrU-r3_av4RjS0s4TDH3cb4%3D&p5=gdhai&rand=jretaqb&sj=PGlHicFegmNnF2s3BYXtipb2uaIORhJEHO4xCT2U1o5vTwF2Y-V9HpEV4IP5wg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bzqke&rqs=naq6bQEUh1qdwqBhZ9aZp-WwMZSeUZYh&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:57 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 7C19 		156 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F106064978%2C21770387747%2Fca-video-pub-6038027899573286-tag%2F123450001&description_url=http%3A%2F%2Frg.ru&env=vp&correlator=1462644001610029&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x400%7C640x480&nofb=1&unviewed_position_start=1&vpmute=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&sdkv=h.3.489.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=447634369&sdk_apis=2%2C8&sid=0115DF9A-D134-4327-8E0D-5FA5AFF47477&nel=1&eid=44747319&dt=1637925537784&cookie=ID%3D2acc242e6cb051d6-228c67b202cc008a%3AT%3D1637925534%3AS%3DALNI_MYgWHwJwZcWadZBfcmTyEpGLXCxcw&scor=2945676017764576&ged=ve4_td1_er1863.395.2013.695_vi0.0.1200.1600_vp0_eb16616
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9106 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYNJ9LzYSaTfQu0fJQVhqpsSzF1pdVyGOOKRxxm0LtpRPC9FpyTC-FurNJcTL2fTS8V2pBtD0bk52ad-ZF7Dv6RZ3DN0M9gqp9LwdWjYhJjmbY1Efjhw&sai=AMfl-YQ4xg2QeEiO78ADnCavelVBc0BlMr4ziQOE9pDsqzA0mXY1CUi7RyYNwqTG3-iEBSiivyJc2wS2YKjAa0P1Xiasbl7rFGYDsd1NxyxdtXkc5i-_py3i5pfnkUxB4Kw&sig=Cg0ArKJSzIJsoPJiJmSkEAE&id=lidar2&mcvt=1000&p=166,315,416,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=428226366&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637925535347&rpt=1488&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stats
stats2.videonow.ru/ 		35 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats2.videonow.ru/stats?profile_id=3416566&category_id=0&user_id=19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e&link_key=480c2d1604cfb9eaf4ecc5025c66dd54&predictor=dead&location=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&event=pass&adv_id=6035&seq=1
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.76.131.37 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
vs09.videonow.ru
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Fri, 26 Nov 2021 11:18:58 GMT
Server
nginx
Vary
Origin
Access-Control-Allow-Methods
GET, POST, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://rg.ru
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,Authorization,Origin
Content-Length
35
vn_providers_vpaid.js
cdn.videonow.ru/v2/96b5a2b/ Frame 8425 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.videonow.ru/v2/96b5a2b/vn_providers_vpaid.js
Requested by
Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/96b5a2b/vn_module.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.64 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f9797abd3809d6d1acdc3904d2f9de8661aaeba998398a8b3d24c1b42e78962b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 09:57:07 GMT
server
nginx
etag
W/"61962373-1bc07"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400, public
access-control-allow-credentials
true
expires
Sat, 27 Nov 2021 09:57:19 GMT
1SE82N-f0U8100000000U9nJdBjgLowZI7kKuPNN7Y_VLKrBj9nxQ44Y0n1umaH2prz_7nGRMyB0aCe85C-yydh1FP1ugIYGLvi095ePGUHKeAm2mqp6gW86C5Z8Q1S1OQraz566i3Q2J7Z02YJsCfvgu6Su2fQvoWWIlil8OCF0y9Tn5XC3mrmcaCXIfWz0SYtJ1...
an.yandex.ru/rtbcount/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/rtbcount/1SE82N-f0U8100000000U9nJdBjgLowZI7kKuPNN7Y_VLKrBj9nxQ44Y0n1umaH2prz_7nGRMyB0aCe85C-yydh1FP1ugIYGLvi095ePGUHKeAm2mqp6gW86C5Z8Q1S1OQraz566i3Q2J7Z02YJsCfvgu6Su2fQvoWWIlil8OCF0y9Tn5XC3mrmcaCXIfWz0SYtJ123dBDD_87ZAz8APWU4Lay2fShTZLrupC8Y7pNLSVv6LuIyJ2yWXp22ZUvaLGSvX1Xanbva9v00WgG1n07FFjtrbsoSlTZx9FBUhgTqX8vpZAbZbNJ3vazd1YH-iSXQBGbvYeLbIe6jeXc5XIdcXKuP5SMHvc7D4QM9gIB6lZtleGXRxgJrWnIjO5alkO64-mC9uWUNulTSJEYSVlIjsamNYwG_s3rbcpGI1c_PlMK0Udi0wTSA4feO7YWjOEK-ofhcpWTNTP9sxBshhpE-QPbzPGPwTm3RtwgktqngE7evQmBPxqyCtNIy-_LdFk98DPjWZDjuiSsUhg4JB2gCaip3pbsmm2t-oCVc_vDtOyDqU01u2dxW0?test-tag=148434408964125&rnd=8629902047035&confirmRatio=1000000&confirmTime=2111000&width=240&height=402&banner-test-tags=eyI3MjA1NzYwNDgwNzk0NDk4MSI6IjQ5MTY4IiwiNzIwNTc2MDUzNzc4NjYwMjIiOiI0OTE2OSJ9&pcode-active-testids=462727%2C0%2C18%3B406668%2C0%2C32
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:58 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8425 		368 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/96b5a2b/vn_providers_vpaid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125138
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:18:58 GMT
bridge3.489.0_en.html
imasdk.googleapis.com/js/core/ Frame 1719 		580 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194780
date
Tue, 23 Nov 2021 05:05:22 GMT
expires
Wed, 23 Nov 2022 05:05:22 GMT
last-modified
Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
281616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8425 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Nov 2021 11:18:58 GMT
integrator.js
adservice.google.com/adsid/ Frame 8425 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BC76 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 10:22:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 26 Nov 2021 11:22:15 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 1719 		156 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F106064978%2C21770387747%2Fca-video-pub-6038027899573286-tag%2F777980111&description_url=http%3A%2F%2Frg.ru&env=vp&correlator=643871465055182&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x400%7C640x480&vpmute=1&nofb=1&unviewed_position_start=1&url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&sdkv=h.3.489.0&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=447634369&sdk_apis=2%2C8&sid=5ECD2AD4-0750-448F-B89A-9C11A40C0127&nel=1&eid=44747319%2C44750823&dt=1637925538599&cookie=ID%3D2acc242e6cb051d6-228c67b202cc008a%3AT%3D1637925534%3AS%3DALNI_MYgWHwJwZcWadZBfcmTyEpGLXCxcw&scor=2350464125602454&ged=ve4_td1_tt0_pd1_la1000_er1863.395.2013.695_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
WLaejI_zOCa0VGe0T15IxzVF2zdje0K0oG4GW8200J6Tmg1X000003YwqGE80XMv0XtnjduSdcjby0Bkqwwj2_050Q06m0791fsgkcq158TQ1G000Aa7rEkWtkvwbc701xR3Yvm2W0e1Y0g90QWAw0U82ogg2n3ATqR6rEi001TMdK6lqV0B1fWEdPMAl8Y8sgi8g...
an.yandex.ru/count/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WLaejI_zOCa0VGe0T15IxzVF2zdje0K0oG4GW8200J6Tmg1X000003YwqGE80XMv0XtnjduSdcjby0Bkqwwj2_050Q06m0791fsgkcq158TQ1G000Aa7rEkWtkvwbc701xR3Yvm2W0e1Y0g90QWAw0U82ogg2n3ATqR6rEi001TMdK6lqV0B1fWEdPMAl8Y8sgi8g0_KrwFAxjsUos6G4FpYyBhChEkVkW7RuOME0U0K0TWLmOhsxAEFlFnZy80MbP2GWe3W8SaMy3-15wWN2PaOq1WX-1Y06R0PdTNgxPQ0nSDQk1d06PtzwggRy_sKDj8P4dbXOdDVSsLoTcLoBt8rEJ0jCkWPy07m6O320u8S3MetGpfQOJbuCc8sLZVf780T_tyH0538U850TjWV2ZP2qJ29RY5acXYUorQQPMxXrmpowQDSgqKgtn8P6y_QEMuAVsmUyZN3C0C0~1=WfaejI_zO2K2VHG0z29A3SxX9GFSrg-WfGg00PVIa8W5Y07ihvN_Tv01ggoBdz20W802c06gh8kVKA01jgce0RQfYvzGk07Yy_2I8jW1mi7ocW7W0PQLhva1w06Q0w02Zlg50O03z-dOtWU80wF-kfu7c0EGzGQm0wy4Y0NqcqcG1UN8JB05tRiJk0NTknF01UVNOCW5iieOq0NOv0VW1L2e1i01k0U01V4708Y7_KA02W712YzgQ8qZiEa_oVWAWBKOsGlKww3UxdgMOUWBz9j9cmQO3SgaEp-W3i24FO0GuTxX7S2ma881q13dZwzVu16_gh84w17wa-Qsh86BjTT6gK0R_h1KE8FJFvWJ0gWJnzxha8cJnTqMu1FTknE85ElSvhNjuVQu3g0KtRiJg1Jbo4om5Ek1CBWKWDCE0j0KtztM7jWKcx7bYWRe58m2q1MRiUMA1jWLmOhsxAEFlFnZe1O1i1Qo0yaM003mFz0Mpf_UlW615vWNbxMqBBWN0i0NjHBG5z260zWNcfiyw1S1cHW0y3-W60Um687QWeq6k1W1-1ZuWVkqzB7_bUq1W1c96MP71W000000a1a1e1d00QWPuugQbWIu6V___m7W6GRe6V01y1c0mWE16l__LnCwE8UXY1h0X3sG6e10k1e3zHe10000c1lAf3lf6x-Bamc0uen1y1kLmivn-1lSwSGdwHm0y3-07Vz_cHq0y3_W7Rx9BgWU0T0UeEBQzQdubu1Vs1xwsXw87_y17m01Sk0Ia1gW5U4myQCCR1ig0pV76Ve5eIYwg6KZ6uXRJ0dGQ_Oc3251u5MumWZuW10JXCK0nanXGrRPUIIzx_Gy0YuFgdCcKSyn25JuvBAnbCuOKM4w4zNCEjWcu000~1?test-tag=148434408964125&rnd=7590485802500&confirmRatio=1000000&confirmTime=2100000&width=240&height=402&wmode=0&banner-test-tags=eyI3MjA1NzYwNDgwNzk0NDk4MSI6IjQ5MTY4In0%3D&pcode-active-testids=462727%2C0%2C18%3B406668%2C0%2C32
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:58 GMT
WLaejI_zOCa0VGe0T15IxzVF2zdje0K0oG4GW8200J6Tmg1X000003YwqGE80XMv0XtnjduSdcjby0Bkqwwj2_050Q06m0791fsgkcq158TQ1G000Aa7rEkWtkvwbc701xR3Yvm2W0e1Y0g90QWAw0U82ogg2n3ATqR6rEi001TMdK6lqV0B1fWEdPMAl8Y8sgi8g...
an.yandex.ru/count/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WLaejI_zOCa0VGe0T15IxzVF2zdje0K0oG4GW8200J6Tmg1X000003YwqGE80XMv0XtnjduSdcjby0Bkqwwj2_050Q06m0791fsgkcq158TQ1G000Aa7rEkWtkvwbc701xR3Yvm2W0e1Y0g90QWAw0U82ogg2n3ATqR6rEi001TMdK6lqV0B1fWEdPMAl8Y8sgi8g0_KrwFAxjsUos6G4FpYyBhChEkVkW7RuOME0U0K0TWLmOhsxAEFlFnZy80MbP2GWe3W8SaMy3-15wWN2PaOq1WX-1Y06R0PdTNgxPQ0nSDQk1d06PtzwggRy_sKDj8P4dbXOdDVSsLoTcLoBt8rEJ0jCkWPy07m6O320u8S3MetGpfQOJbuCc8sLZVf780T_tyH0538U850TjWV2ZP2qJ29RY5acXYUorQQPMxXrmpowQDSgqKgtn8P6y_QEMuAVsmUyZN3C0C0~1=WaqejI_zOE417H8051w0s-umuGAqv_hvZII00V_5fOotYVsR_G680PNikQM10P01pEJDljI0W802c07CvCs-LA01ukAe0UBYpRvKk07-wRQa8zW1d9IZdm7W0TAZrXde0RW2-078Yjw-0Q02-FpA5vW3m8Gze0C4i0FFAuW5qwq6a0NmcGUm1R3g0RW5iEe1trtW1NUe1i01k0U01V470032lBv29IswF7d-Fydu2e2r6DaBrEkWtkvwbc7e2zEj1eWCqfi6c0tAf3kmFg0Em8GzW12EYFeVW8CGu16_gh84w17wa-Qsh86BjTT6gK2cFOKHi8gfFvWJ0gWJnzxha8cJnTqMu1EmwW685ElSvhNjuVQu3iWK0T0KXCplLjWKuRwxZ0Re58m2q1NXlhkC1jWLmOhsxAEFlFnZe1O1i1Qo0yaMq1RIdjw-0O4Nc1VsZxqTk1S2m1Ur4j0Nq8O3s1VgqZpe5mAP6A0O1h0ObUY2ZGQu60Zu6FY1-xJqiV-LxG606OaPPaS60000002G6G6W6S01k1d___y1u1a5w1dm0V0PWC83WHh__pV263xSwuWQm8Gzg1hE-Iwu6WFr6W40002O6ygaE-aRlRH6nyuKTK7m6vZkkYdu6yoTsGVf780T_t-P7QWU0TWU-jeU7W0uX6oOKP4ySlAJOMz3mHn5CWsHjpoYFV8jRj9hI5pJCW5apPvh8IJykmgN5m4V40s2aEnYXT4yQ3ab5ii8CXizbpP7ZCR4wyvApp7829zCa-CFtWnOIcS8DJCCjeaY~1?test-tag=148434408964125&rnd=7590485802500&confirmRatio=1000000&confirmTime=2100000&width=240&height=402&wmode=0&banner-test-tags=eyI3MjA1NzYwNTM3Nzg2NjAyMiI6IjQ5MTY5In0%3D&pcode-active-testids=462727%2C0%2C18%3B406668%2C0%2C32
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:58 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 11:18:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 26 Nov 2021 11:18:58 GMT
event
ads.adfox.ru/5906/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=762d9a1c642bf50e&duid=1637925534998130503&pxo=kO98sH640Hgx4FoonymLCb1SbRB4TmlLnRiFsDTYOxJMu1ApgMxVSy_isHld81yUqVb7YODHgOefet4UMd_oN6AqM7MI4NH4WdpS-bH-PI83KbV1Jh6XIx9p3IE0tzCyFM5FotkDNRhOgbKZvvAmDNZa7JSGBrU-r3_av4RjS0s4TDH3cb4%3D&p5=gdhai&rand=ktyhdtq&sj=PGlHicFegmNnF2s3BYXtipb2uaIORhJEHO4xCT2U1o5vTwF2Y-V9HpEV4IP5wg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bzqke&rqs=naq6bQEUh1qdwqBhZ9aZp-WwMZSeUZYh&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:59 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmq&hash=b209e7ebb4b66fda&duid=1637925534998130503&pxo=otIgIHxW4O8cmGs-7coFmUeWBWYxAonhL2umvJuxXQ25ULvxGU7LXVIeKLKLQpcpiAoW-s1Fp18hrtiYTcZv8zdoTzM01_dM6ZbuJr5y-T8wz67EeqRgMBTIE5UbfpFu0RT9Hp61KATCBRUAX6mfbSzZspmx9WzNBRQzit61bnZXX-7nPWk%3D&p5=gdhai&rand=hizockk&sj=3JlQdRK5XdbzYbki6a6FV_OQYyUG61a3YQbtG9xz_mE8b_GAnsjw5TBXQX1apQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvobk&rqs=naq6bQEUh1qdwqBhEt8M-kfzYR8woBv6&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:18:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:18:59 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmr&hash=9f5dd877a5f59e4a&duid=1637925534998130503&pxo=kO98sH640Hgx4FoonymLCb1SbRB4TmlLnRiFsDTYOxJMu1ApgMxVSy_isHld81yUqVb7YODHgOefet4UMd_oN6AqM7MI4NH4WdpS-bH-PI83KbV1Jh6XIx9p3IE0tzCyFM5FotkDNRhOgbKZvvAmDNZa7JSGBrU-r3_av4RjS0s4TDH3cb4%3D&p5=gdhai&rand=jfocnlv&sj=PGlHicFegmNnF2s3BYXtipb2uaIORhJEHO4xCT2U1o5vTwF2Y-V9HpEV4IP5wg%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bzqke&rqs=naq6bQEUh1qdwqBhZ9aZp-WwMZSeUZYh&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:19:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:19:04 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/5906/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/5906/event?pm=bmr&hash=d105b3ea44b4fded&duid=1637925534998130503&pxo=otIgIHxW4O8cmGs-7coFmUeWBWYxAonhL2umvJuxXQ25ULvxGU7LXVIeKLKLQpcpiAoW-s1Fp18hrtiYTcZv8zdoTzM01_dM6ZbuJr5y-T8wz67EeqRgMBTIE5UbfpFu0RT9Hp61KATCBRUAX6mfbSzZspmx9WzNBRQzit61bnZXX-7nPWk%3D&p5=gdhai&rand=jucxqyh&sj=3JlQdRK5XdbzYbki6a6FV_OQYyUG61a3YQbtG9xz_mE8b_GAnsjw5TBXQX1apQ%3D%3D&ad-session-id=4873901637925533324&utg=bdvoy&lts=fhwhatx&ytt=148434074208277&ybv=0.49422&ylv=0.49422&dl=%2Fsite%2Ftema%2Fdigital%2Fart%2F%24spec%3A%2Fproject-rgdigital%2F%24sujet-4040%24url%3A%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&pr=ncflyqm&p1=bvobk&rqs=naq6bQEUh1qdwqBhEt8M-kfzYR8woBv6&rtb-si=b&p2=fjgg
Requested by
Host: rg.ru
URL: https://rg.ru/2021/11/25/kolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rg.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:19:04 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Nov 2021 11:19:04 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
22322746
mc.yandex.com/watch/ 		43 B
157 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/22322746?page-url=https%3A%2F%2Frg.ru%2F2021%2F11%2F25%2Fkolichestvo-atak-na-biznes-s-pomoshchiu-programm-vymogatelej-uvelichilos-na-200.html&charset=utf-8&browser-info=nb%3A1%3Acl%3A856%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A1%3Als%3A1454109463667%3Ahid%3A814935483%3Az%3A0%3Ai%3A20211126111908%3Aet%3A1637925549%3Ac%3A1%3Arn%3A809020092%3Arqn%3A3%3Au%3A1637925534998130503%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637925532079%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925549&t=gdpr(14)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rg.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:19:08 GMT
last-modified
Fri, 26-Nov-2021 11:19:08 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://rg.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:19:08 GMT
37412095
mc.yandex.com/watch/ Frame 043C 		43 B
227 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095?page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&charset=utf-8&browser-info=nb%3A1%3Acl%3A155%3Aar%3A1%3Agdpr%3A6%3Avf%3A9ezyymqkmizds872r%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A903105851765%3Ahid%3A892343034%3Az%3A0%3Ai%3A20211126111911%3Aet%3A1637925551%3Ac%3A1%3Arn%3A246480627%3Arqn%3A2%3Au%3A163792553681598491%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637925534038%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637925551&t=gdpr(6)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 26 Nov 2021 11:19:11 GMT
last-modified
Fri, 26-Nov-2021 11:19:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 26-Nov-2021 11:19:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.1dmp.io
URL
https://static.1dmp.io/tm.js?id=78c12ed7-f586-4fe6-a75f-3a9ff1918f54
Domain
sm.rtb.mts.ru
URL
https://sm.rtb.mts.ru/p?ssp=aidata&id=BgaKtMBNON5TbG6581MT5g
Domain
nativeroll-sync.rutarget.ru
URL
https://nativeroll-sync.rutarget.ru/sync
Domain
nativeroll-sync.rutarget.ru
URL
https://nativeroll-sync.rutarget.ru/sync
Domain
statsb.nativeroll.tv
URL
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sp2vxU5LpdcS1T4G6mHVBO&gt=0&rand=670509
Domain
wam-google.solution.weborama.fr
URL
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEIe7Ba2BKGgZ0tIf0p8eumw&google_cver=1
Domain
idsync.frontend.weborama.fr
URL
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6670528900167045665
Domain
idsync.frontend.weborama.fr
URL
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=uBohprqcyl76OqSVtDgMOvCAN7cFQQ9F
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=c3AydnhVNUxwZGNTMVQ0RzZtSFZCTw
Domain
idsync.frontend.weborama.fr
URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A6216F1C-E9FB-40A6-96D4-2197A0F136B7
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=3387278542120340&rc=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=0&cas=0.000&nas=0&wls=0.000&tls=0.000&was=0.000&lcp=0&lcps=0&cbt=131&mbt=100&nlt=4&nif=1&ifi=1&eid=31060545%2C31062324%2C21065725%2C31063246&top=0&pvsid=1417310507231258&gpt=1

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| RG function| $ function| jQuery object| YaHeaderBiddingSettings function| _ function| Ractive object| PubSub function| moment function| Cookies object| Lockr function| Quill string| fotoramaVersion boolean| mCustomScrollbar object| jQuery111308874502651274756 object| lsbridge function| Waypoint function| io object| tingle function| fetchJsonp object| pbjs function| _toConsumableArray function| _classCallCheck function| _createClass function| _extends function| _typeof number| $scrollTop number| $windowHeight number| $windowWidth number| $currentWindowWidth string| GoogleAnalyticsObject function| ga object| core object| __core-js_shared__ object| firebase object| rutarget object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackChunkrelap_widgets object| perfTiming function| relapSendStorageAvailability object| preinitScope object| Ya object| pcodeJsonp49422TXG1FdQQcA number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya object| yandexZenAsyncCallbacks object| t object| s function| Hammer object| AdfoxOuterData object| dmpkitdl object| ShareResponse object| _tmr function| ym object| Criteo boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| SPKLW object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks undefined| callbackPartners object| yaCounter22322746 object| googletag object| criteo_pubtag object| criteo_pubtag_116 object| Criteo_116 object| seedrInit function| SeedrPlayer number| _mt_rnd string| _mt_referrer string| _mt_location function| _MT_jsLoadDelayed object| _mgIntExchangeNews object| LentaInformInfC1140036 function| LentaInformCContextBlock1140036 function| LentaInformCMainBlock1140036 function| LentaInformCInternalExchangeBlock1140036 function| LentaInformCRejectBlock1140036 function| LentaInformCCriteoBlock1140036 function| LentaInformCInternalExchangeLoggerBlock1140036 function| LentaInformCObserverBlock1140036 function| LentaInformCSendDimensionsBlock1140036 function| LentaInformCRtbBlock1140036 function| LentaInformCDiscountBlock1140036 function| LentaInformCContentPreviewBlock1140036 boolean| mg_loaded_706556_1140036 object| relapCbRegistry object| relapAPI object| relapTasks object| __statmedia object| T function| StatMedia object| statmedia37846 object| jsapi_ object| JsAPI object| yaCounter29789 boolean| seedrAdBlock object| buxrrlmswobu object| closure_lm_278377 function| getCompvideononr2 function| getCompvideonrcompete2 function| secondInitvideononr2 function| secondInitvideonrcomplete2 function| nrReport string| __placeId string| __classImage function| __setAdContainer function| __setAdScript object| images object| _tx object| webpackChunkdelivery_content object| $jscomp object| HybridBobId object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| onClickExcludes function| mgReject1140036 function| mgLoadAds1140036_09fd3 function| LentaInformCReject1140036 function| LentaInformLoadGoods1140036_09fd3 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| yaads string| _mgCanonicalUri boolean| _mgPageViewEndPoint706556 string| _mgPvid function| vnOnStubCallback boolean| __videonowLibHasInited__id_3416566 boolean| _mgPageView706556 object| videonow function| LoadCriteoAllPlaces1140036_09fd3 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests function| createVPAIDAd function| getVPAIDAd object| vnCreateVPAIDAdSaved object| vnGetVPAIDAdSaved number| google_global_correlator object| closure_lm_571380 object| closure_lm_578443

156 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
rg.ru/2021/11/25 Name: seedr_cid
Value: 6c018077-dcdd-4908-b84d-f7ede88fb615
.mediatoday.ru/core Name: idntfy
Value: VOn2DghXAp4IoSM
.instreamvideo.ru/core Name: idntfy
Value: VOn2DghXAp4IoSM
.wi-fi.ru/b/v1 Name: _dw_uid3p
Value: a5b001ff4eaa11ec9dbeca86d33b8d4e:1637925537:1637925537:1!ba7547c1
.rg.ru/ Name: uidtrack
Value: wr4l4mGgwpwkTAoeyaN9Ag==
.rg.ru/ Name: _ga
Value: GA1.2.1781524426.1637925533
.rg.ru/ Name: _gid
Value: GA1.2.688762289.1637925533
.rg.ru/ Name: _gat_digital
Value: 1
.adfox.ru/ Name: luid1
Value: cfsj:cda:cfsj:cda:a
.adfox.ru/ Name: luid1_ts
Value: fhwhatx:fhwhatx
.rg.ru/ Name: rguniqueid
Value: f547ec9cb1f24bfbead8e35db95fb4db
.rg.ru/ Name: _gat_customGaScope_0
Value: 1
.rg.ru/ Name: _gat
Value: 1
.rg.ru/ Name: _gat_site
Value: 1
rg.ru/ Name: promo_fullscreen
Value: 1
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 51eb3150-c48b-524a-b638-ab83d798691e
.betweendigital.com/ Name: ss
Value: 1
.smi2.ru/ Name: _sm_uid
Value: e403bd3b-55b0-47b1-bcdb-bc9f3c867c2e
.smi2.ru/ Name: _sm_udt
Value: 1637925533351
.smi2.ru/ Name: _sm_sid
Value: 19345883-5ee3-4bbd-8064-f51505d3a1ae
.smi2.ru/ Name: nid
Value: ads5-3smir10
.exchange.buzzoola.com/ Name: uuid
Value: 9f5c4ec1-7c48-4d76-4dc8-145eae78bc26
.yadro.ru/ Name: FTID
Value: 1XeCAT0kcruD1XeCAT0002Pq
.relap.io/ Name: fsts
Value: 1637925533
.relap.io/ Name: rlprp
Value: eZJFUg--6f79badecc2374dd0949d76ce63464132467d72e62b6c85b07112fe12efcdb97
.relap.io/ Name: 3rdpce
Value: 1
.tns-counter.ru/ Name: guid
Value: F511683661A0C29DX1637925533
.yadro.ru/ Name: VID
Value: 0ihsTO2lJ3uD1XeCAT000Rz9
.rg.ru/ Name: _ym_uid
Value: 1637925534998130503
.rg.ru/ Name: _ym_d
Value: 1637925534
.yandex.ru/ Name: yandexuid
Value: 6523204581637925533
.relap.io/ Name: unique
Value: 0zyVboah
.relap.io/ Name: suid
Value: d3814ca6562368c83929bfdcc810203a75f15ecd--d60772b83b13b65cbdde86b13a895a27fd06db21e4c00a472266fba5190035c6
.rg.ru/ Name: tmr_lvid
Value: a4c4dae650f5532bb5bc14367f1bd277
.rg.ru/ Name: tmr_lvidTS
Value: 1637925533578
.rg.ru/ Name: tmr_reqNum
Value: 1
.bidswitch.net/ Name: tuuid
Value: d9078758-6364-4304-a3ea-ad1856650774
.bidswitch.net/ Name: c
Value: 1637925533
.bidswitch.net/ Name: tuuid_lu
Value: 1637925533
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4099774378fake
.lijit.com/ Name: ljt_reader
Value: 82995b5021d5c0ff615e7eef
.adhigh.net/ Name: gi_u
Value: PW9SHFxP88e.AikABlF9W_g3-w
.adsniper.ru/ Name: uuid3
Value: IiRhMzk0YmMyNC00ZWFhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3894706074fake
.otm-r.com/ Name: mpid
Value: NjFhMGMyOWQxMzk5NmQ3NA==
.rg.ru/ Name: _ym_isad
Value: 2
.adhigh.net/ Name: btw_sync
Value: IGg
pool.admedo.com/ Name: tuuid
Value: 03f06c0e-1456-4440-854c-1894a8a29496
pool.admedo.com/ Name: c
Value: 1637925533
pool.admedo.com/ Name: tuuid_lu
Value: 1637925533
.yandex.com/ Name: yandexuid
Value: 6523204581637925533
.yandex.com/ Name: yuidss
Value: 6523204581637925533
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.bumlam.com/ Name: suuid3
Value: IiRhMzk0YmMyNC00ZWFhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.stat.media/ Name: _sm_uid
Value: e403bd3b-55b0-47b1-bcdb-bc9f3c867c2e
.stat.media/ Name: _sm_udt
Value: 1637925533351
.stat.media/ Name: _sm_sid
Value: 19345883-5ee3-4bbd-8064-f51505d3a1ae
.stat.media/ Name: _sm_cm
Value: 6
mc.yandex.com/ Name: yabs-sid
Value: 855189161637925534
.yandex.com/ Name: i
Value: iEXcW/w9ohOsX6euJRiv0wfylg8yGN9pVD/V1LQ0lWKJAmVm+hfdxcGGjNoNd7eOfmfyi1LVONWnxNoMzWi7o177Mhs=
.yandex.com/ Name: ymex
Value: 1669461534.yrts.1637925534#1669461534.yrtsi.1637925534
.creative-serving.com/ Name: tuuid
Value: cfd951ea-8bea-41a9-9509-f901ec9f41d4
.creative-serving.com/ Name: c
Value: 1637925534
.creative-serving.com/ Name: tuuid_lu
Value: 1637925534
.idntfy.ru/ Name: idntfy
Value: VOn2DghXAp4IoSM
.relap.io/ Name: hllc
Value: 2
.relap.io/ Name: rlpagcs
Value: eyJ1aWQiOiJDTU55Q0VmM2NpUzlpQTFTeE5YaUwzb0E9PSIsInRzIjoxNjM3OTI1NTM0fQ--065094802d21494274e4cea89cb0275414911a4af486b4b419c30f8a686388b4
.rg.ru/ Name: _ym_visorc
Value: b
.weborama.fr/ Name: AFFICHE_W
Value: wE2d8b4q@VfA64
.yandex.ru/ Name: yuidss
Value: 6523204581637925533
.1dmp.io/ Name: uid
Value: a417e902-4eaa-11ec-ad67-f832e4719dd9
.relap.io/ Name: rlpisvcs
Value: eyJ1aWQiOiJWT24yRGdoWEFwNElvU00iLCJ0cyI6MTYzNzkyNTUzNH0--690deb88f40c65b39feafe388cd999e3dac31cc6987471cb3fff07c80cf2d304
.adriver.ru/ Name: cid
Value: AV_jAd0ptmwNq7RiytbfNsQ
.wi-fi.ru/ Name: dmpuid
Value: Ct22uhz4RqKOn2dR3GhtNA
.aidata.io/ Name: __upints
Value: 1637925534
.aidata.io/ Name: __upin
Value: BgaKtMBNON5TbG6581MT5g
.nativeroll.tv/ Name: wdata[social_class]
Value: 0
.nativeroll.tv/ Name: wdata[age]
Value: 0
.nativeroll.tv/ Name: wdata[gender]
Value: 0
.nativeroll.tv/ Name: wdata[expire]
Value: 1637932734
.nativeroll.tv/ Name: nr[expire]
Value: 1638098334
.nativeroll.tv/ Name: cid
Value: 6c018077-dcdd-4908-b84d-f7ede88fb615
cstatic.weborama.fr/ Name: _xttrk2_ids_sync
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_ids
Value: 1
cstatic.weborama.fr/ Name: _xttrk2
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_mpub
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_uk
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1637925534963
.tapad.com/ Name: TapAd_DID
Value: 26b06193-e395-45c0-840a-02366c115350
.adnxs.com/ Name: uuid2
Value: 6670528900167045665
.rlcdn.com/ Name: pxrc
Value: CAA=
.weborama.com/ Name: wui
Value: 65322932-FD65-49F5-ADE7-B6542DBCDEDB
.ops.beeline.ru/ Name: BeeAID
Value: edca2bb7-2acf-4d67-b569-be4bd5a014a1
.criteo.com/ Name: uid
Value: 0f55e566-482f-4707-92df-e76bf217b762
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rlcdn.com/ Name: rlas3
Value: 9OY/1LUCgNckaJerNRW3/2CWKjVg6D0EQ0faQSXUx/s=
.weborama.com/ Name: wam-sync
Value: ok
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A6216F1C-E9FB-40A6-96D4-2197A0F136B7
.doubleclick.net/ Name: IDE
Value: AHWqTUlSZFMk14JHR3PZDfjwlKw-HtdqEbwUderCc2nFQlHjDnH4kHYR6ijlByG00vo
.yandex.ru/ Name: i
Value: F9nBZP8VvCxuGYV61s/7j1Se18grhmEIJDqU3v0dOtEwDlGZA8BR2050VvISntcGiyhcIE7YH0RtWcqlNzw167/luEc=
rtb.com.ru/ Name: as-user
Value: 61a0c29ffa2d935035db4fe8
.sniperlog.ru/ Name: guid
Value: FE1D512B1468D4B9
.relap.io/ Name: rlpvp
Value: eZJFUg--975c6075d6f293646149c08270ebbf47ea641d543cd2fa172c505bfff9f8464d
.relap.io/ Name: rlpdp
Value: S1dqZU9nAQ--08e1122a21dae5ceda8d9eeba54a29173a68837ccab536957356dba4d99ceae6
.relap.io/ Name: rlpvff
Value: 7RpEUtu9PlKfwqBhAAHuelJSn8KgYQABBzUpUp_CoGEAATkfSVKfwqBhAAE--2a0a94fdf2e77a3142483b51c726c58e415922b8935ff6460654a438a4002057
.amazon-adsystem.com/ Name: ad-id
Value: AwmjZjkHNk0crIyp_udShFA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
prodmp.ru/ Name: rai
Value: 218826dceaa8d61525292f8a79cb45e6
ssp.afp.ai/ Name: afp_cookie
Value: "gAAAAABhoMKfPJYeTIfsP2100DNyl_hdnz2FLjJtU7UKrobYeMkqmJcCzRzhkquS6Zqa56qJbN2DJf4uxhkrPoDg2QszdNPHIeECdezPFK0wQ5WAA55EYn0Mzw0greJuuxSsUTIh3252mt21c44x89pOgP3rRvgD6VCcfeiDGrdd4_lEVQ_0tQ4U3g9Ls3yO8NjvANF6BDM38vngZsnrLKkA8xF28PJSZYQtJnFtzNkyZu9ARd5R4IEQ6YxmRb_Q9bSrxV2Xszh5nZINQGSwoJYIoSGIurGWVUoCIBDaG927oaREjhJcgWE="
.rg.ru/ Name: __gads
Value: ID=2acc242e6cb051d6-228c67b202cc008a:T=1637925534:S=ALNI_MYgWHwJwZcWadZBfcmTyEpGLXCxcw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2GUl]+2[8!1yIE`TM#2D%F'!?K#/Q3]ndu`Iuhj5Hee@3kGe8=k/YBj7nYp_sSCs4KuoJ5aHK:lB)ozd'AFsd/2)Ld$SM<d'`7Z
.lentainform.com/ Name: muidn
Value: laqTcQ_BNvi3
x01.aidata.io/ Name: mts
Value: 1
.mts.ru/ Name: dspid
Value: 71930b56-9fa6-4a5d-8fcb-f42ce0359090
servicer.lentainform.com/ Name: __mglb
Value: 2b804be0d04e992ad0d5ca78c8f32d46
rg.ru/ Name: LentaInformStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1140036%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637925536312%7D%7D
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: COC+ehCWUxgB
.adx.opera.com/ Name: UID
Value: 1bb606ea6f0e49469ecfbb871e6b6425
cm.lentainform.com/ Name: mg_sync
Value: {"433147":1637925536}
rg.ru/ Name: tmr_detect
Value: 0%7C1637925536616
.mgid.com/ Name: muidn
Value: laqTcQ_BNvi3
.mgid.com/ Name: __cf_bm
Value: goo7OYOKCW9hEAN1eCglO2MeP_kftBI.ENiBckHsyV8-1637925536-0-AVPEPFh7Q3NP2rRbzJKdn4ZOeG0/If8khqw8NbdMzD3qczoFm4mBA+EP1nvm1Gc7yo0otqUoztQsxrmuN70enro=
.videonow.ru/ Name: vn_user_key
Value: 19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e
.videonow.ru/ Name: ud
Value: a%2Cs3482%2Cp3416566
.videonow.ru/ Name: uw
Value: a%2Cs3482%2Cp3416566
.videonow.ru/ Name: um
Value: a%2Cs3482%2Cp3416566
.betweendigital.com/ Name: ut
Value: YaDCoAAPIwDCRsV5fJ9qBA6xhD6lPfY2i3Lgqg==
.adhigh.net/ Name: videonow_sync
Value: IGg
.relap.io/ Name: lsts
Value: 1637925537
.upravel.com/ Name: session_tptc
Value: 1637925537125
.rktch.com/ Name: b_uid
Value: e54e722955f3463e1ba902c71eb631a756a7
.upravel.com/ Name: user_id
Value: 202107fc-2a71-4ff9-a17f-19577684b0da
.videonow.ru/ Name: dsp_30
Value: 51eb3150-c48b-524a-b638-ab83d798691e
.videonow.ru/ Name: dsp_14
Value: a394bc24-4eaa-11ec-86e0-002590c0647c
.videonow.ru/ Name: dsp_3
Value: PW9SHFxP88e.AikABlF9W_g3-w
.videonow.ru/ Name: dsp_23
Value: bdd27425-5a96-44c3-ba55-8339eafb9748
.videonow.ru/ Name: dsp_4
Value: AV_jAd0ptmwNq7RiytbfNsQ
.videonow.ru/ Name: dsp_32
Value: 0zyVboah
.videonow.ru/ Name: dsp_16
Value: 675b0562-05b4-4e42-a186-274d17ccc476
.mts.ru/ Name: mts_id
Value: f30080b5-91bd-413e-b4a2-4e680d2a2921
.mts.ru/ Name: mts_id_last_sync
Value: 1637925537
.utraff.com/ Name: preutid
Value: 1
.rutarget.ru/ Name: userId
Value: IIQKYnSxkT0q
adx.com.ru/ Name: yabbi-user
Value: 61a0c2a1d41e0649104f37a6
.videonow.ru/ Name: dsp_7
Value: IIQKYnSxkT0q
.whiteboxdigital.ru/ Name: MiId
Value: 6b8f5f88-690f-4e45-bab9-91837d1a8979
.e-contenta.com/ Name: b_uid
Value: e54e722955f3463e1ba902c71eb631a756a7
.videonow.ru/ Name: dsp_38
Value: pbAB_06qEeydvsqG0zuNTg
.dmg.digitaltarget.ru/ Name: viuserid
Value: TwZpRdErxIhzjfB7uWea
.mail.ru/ Name: VID
Value: 0iUoKG0YIHo600000Y14H4I6:::0-0-0-6bb1b5d:CAASENQEqn6wEZg9THVV0YpSnN4aYAZdu6PmIQmX3JuZgRZqlShBVrAh8UTte0HQ7trRhbfWlTYDJEl4AsQI5acjuaQIxbGWXWZG0KTu3G6hKf3IxGWoBhvojHUEQGb82YGYrMffnOzCwpgJKBhKkvg6trSh-w

6 Console Messages

Source Level URL
Text
network error URL: https://front.rg.ru/geo/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://relap.io/cookie_checker?_s=PqYQog&callback=window.relapCbRegistry.relapCb7584170077
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nativeroll-sync.rutarget.ru/sync
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://nativeroll-sync.rutarget.ru/sync
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a0c2a1d41e0649104f37a6%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a0c2a1d41e0649104f37a6%2526dest%253Dhttps%25253A%25252F%25252Fsync.videonow.ru%25252Fssp%25253Fdsp%25253D40%252526uuid%25253D61a0c2a1d41e0649104f37a6&webouid=sp2vxU5LpdcS1T4G6mHVBO#632
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19c624898d0e74b5f2cbdf0c3ea5ffa3a2c8de2e-vdn.ops.beeline.ru
202107fc-2a71-4ff9-a17f-19577684b0da.sync.upravel.com
2ba75d1ebbc5822591ce4f0f9c859d93.safeframe.googlesyndication.com
2cf980604263f33e5ced0888867d8f4f.safeframe.googlesyndication.com
303d408206015942dc45a1deb904a62c.safeframe.googlesyndication.com
515ad06a5de5c8ec73c13cbac309a501.safeframe.googlesyndication.com
a.utraff.com
aax-eu.amazon-adsystem.com
ad.adriver.ru
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.creative-serving.com
adservice.google.com
adservice.google.de
adx.com.ru
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
autocounter.lentainform.com
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
c.lentainform.com
cache.betweendigital.com
cdn.ampproject.org
cdn.lentainform.com
cdn.relap.io
cdn.rutarget.ru
cdn.videonow.ru
cdn01.nativeroll.tv
cdn01.seedr.com
cdn02.nativeroll.tv
cdnimg.rg.ru
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.lentainform.com
cm.mgid.com
cm.p.altergeo.ru
counter.yadro.ru
cstatic.weborama.fr
d.wi-fi.ru
data.videonow.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dmp.vihub.ru
ds.frontend.weborama.fr
dsp.e-contenta.com
dx.frontend.weborama.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
fp.hybrid.ai
front.rg.ru
googleads.g.doubleclick.net
gum.criteo.com
hbe199.hybrid.ai
ib.adnxs.com
idntfy.ru
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
init.videonow.ru
instreamvideo.ru
jsc.lentainform.com
match.new-programmatic.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mediatoday.ru
mitdmp.whiteboxdigital.ru
nativeroll-sync.rutarget.ru
onetag-sys.com
pagead2.googlesyndication.com
pb.adriver.ru
pixel.tapad.com
pool.admedo.com
prodmp.ru
pubads.g.doubleclick.net
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rg.ru
rtb.com.ru
rtb.videonow.ru
s-img.lentainform.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.lentainform.com
sm.rtb.mts.ru
smi2.net
smi2.ru
ssp.afp.ai
ssp.hbrd.io
ssp.hybrid.ai
st.hbrd.io
stat.media
static.1dmp.io
static.criteo.net
static.smi2.net
static.videonow.ru
static1.smi2.net
static2.smi2.net
static3.smi2.net
static6.smi2.net
stats.g.doubleclick.net
stats2.videonow.ru
statsa.nativeroll.tv
statsb.nativeroll.tv
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.omnidsp.com
sync.upravel.com
sync.videonow.ru
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
target.smi2.ru
tech.rtb.mts.ru
tms.dmp.wi-fi.ru
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
videonow-sync.rutarget.ru
von2dghxap4iosm-mdt.ops.beeline.ru
voo2mhq75byesxo-mdt.ops.beeline.ru
wam-google.solution.weborama.fr
wf.frontend.weborama.fr
widgets.sprinklecontent.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
yhb.p.otm-r.com
ysa-static.passport.yandex.ru
zen.yandex.ru
aax-eu.amazon-adsystem.com
idsync.frontend.weborama.fr
nativeroll-sync.rutarget.ru
pagead2.googlesyndication.com
sm.rtb.mts.ru
static.1dmp.io
statsb.nativeroll.tv
wam-google.solution.weborama.fr
www.googletagservices.com
104.109.78.125
104.19.136.78
104.19.217.61
116.202.236.172
136.243.149.224
138.201.139.144
142.250.181.226
142.250.185.98
143.204.98.110
146.185.195.94
148.251.4.142
151.236.71.19
151.236.71.64
176.9.0.57
176.9.8.252
176.99.6.56
178.250.2.131
18.192.223.130
18.196.195.54
185.137.232.40
185.15.175.145
185.162.95.76
185.180.43.83
185.184.8.65
185.64.190.78
188.34.131.130
188.42.191.196
193.106.95.134
194.190.23.28
194.190.37.226
195.201.152.105
195.209.108.51
195.209.111.20
195.54.48.25
2.19.35.65
2001:6d0:4001::226
212.76.131.37
212.76.131.50
212.76.131.55
213.87.44.187
216.52.2.19
216.58.212.162
217.65.2.150
217.66.147.165
217.69.133.145
23.109.54.164
2606:4700:3039::6815:c07d
2606:4700::6810:125e
2a00:1148:db00::17
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a02:24b0:300:2::31
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::211
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a02:6ea0:c700::11
2a02:6ea0:c700::2
2a03:90c0:41:2801::254
3.120.83.159
31.172.81.158
31.172.81.172
34.117.231.160
35.190.16.14
35.201.80.102
35.201.81.244
35.210.53.219
35.227.248.159
35.244.174.68
35.244.223.69
37.18.16.16
37.18.16.17
37.18.16.20
37.18.16.6
37.252.172.123
37.252.173.38
37.9.245.57
46.161.36.3
46.235.190.61
46.46.137.178
46.46.137.179
51.89.9.254
52.95.126.160
69.173.144.139
77.88.21.179
80.64.106.149
81.163.17.245
82.145.213.8
82.202.225.240
83.222.114.188
83.222.115.14
88.212.201.216
88.212.234.126
88.212.234.233
88.212.234.27
88.212.234.52
88.212.252.73
89.108.120.76
89.108.97.2
91.207.59.213
91.220.120.21
91.220.120.9
93.184.221.133
95.163.37.253
95.163.37.254
95.216.101.186
0042d508c0caeb7dc0fe620937e0edd5ec719587315f3cfe76d020341d2a9cb5
011f4d1976bb909f96210eeb752814090291a71f1b06cd770736d4be754eeaa2
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
0181a0956f10bbb1f6bd3e8c0ee7bda323f5e28ad4b9101bd5c62a6b7f771550
02026547b95b05176f1fee450499b6b4312c3d1a490a061ed024b56e29513d3f
076cd51028cb16bdc138052656d87969974c8b125b7372445cae99750c7f6006
08edc7a32a9e17242ec96ef415c3244726be3f5259ed9576e2da3ccfa6a67e55
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d
0a95821a8d0fb51c8a640688c7d94fcf1c4e9af0f5864eff4a00b0d38b616ffc
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5
0bb16d2d4bdac7b4420adfa048c02877e035cbba937a1630c04a683cea79bfd6
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f71fbc0d43debe93f08d27a7ec28e67d32b15e9be734d39a063c530c7b8bea9
0fa17907e1c98d916e515dcaa207c77aab5846ad2b9417fdb95ff721fb00dbd0
1642af5e97ae2e08d20a1211a17598390a974f3f3439e82e6bce1255da54c4a5
1756bca6dd68409e0ad6e1949c87f1d36af48320b002e99e6e8233345ff2a808
17cca1ca98461fed6c8f14c2ea54c8291ede3a8962df8ce7a3450c255ba32126
18a7a29489626785e9f96d890e366909787b80ad977baeec8149de3c1f7e85dd
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1c78e00b0d0eae9458bdb13c90425be1942872ef0394a94e5daeb5a6fbe01e82
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1eec55342d3c385315e63c367aa6c5fdabbdb33f1ef7a9f0ba3c0df8691576d8
21b11fa79fbc01b62f356aac5dca3e719f120c68d215cf93b2744988dbaf16c7
21b7a12f0d00f7d337bd2798352f73d64ba135e59fda0c6293b58ab4c7b2b771
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2739b41ed125db5bb73853d753ecc38fc8ebee3ab5620aa559929a2fca85a060
28b1ecd782783d2b7167933b3cfc16ccdad2efabafaab59fd7370c47e81f17a2
2a2917cbb545ad1ea3e1c83b4bb8a09c185ffd095e4f713beb93a14e0fef1810
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bf767ddbfabd1c25f0abcf9f4416cab55034e773d37d274fb6eba0505cf009c
2c1534534a2971fbbd1cf34eaf665be1a553f12b4980cff9e14e098d9ce83d69
2cbbd799e97db5ff3e33e5037086b53584488f1523102ade4cec99405b781299
2d7fc271515683ce6082541d76702d855d72ba050bf1062493782d0b45d74839
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3224976f57868dc3d4dbfceddfc956fbd9e7760431e74b4a25323ae06f7ce4c7
3354d9603e22e854f31cc741761b1dd62f438cd929dbcb6beecb945707d0b738
336a820bc4a20c23c8409779d1a47f752cc39a6b2fa05a5659dcabaa8d301e19
34002f44f45d46f3207505bf46d2af3cf7fe1041fcdd801b65a2fb946c4a1bf5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34f94b3d478ef0fff55d0c993f3b82059bab957650d4b16c0b397461464e2ed8
356f198f42c656c66643aab85487d744d1699c6205847cb5667a25b26ff9d779
360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b
365069116bc27694af2acc83cab0226a89f97517038d52752873155dabeef5d6
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3daf4b8639f4fa60233b136a38a1381220c9809bc756822afafc9215e897619e
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7
3e63218871fec07f5885ac6eaef05b557ae641c5e485edda2e6d55050d5992ca
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
416a16693dc9e064035a4ab3334707e04cc1b89d0658512fcae23c4259c7219c
42f778eacf147663de14a5a700f83fef31c1dbdf56001b1f71478145c9391369
440ff5e3fff37e4bd2fbb03b7e9c5b713d377a39bef6c378beb4cebf394de616
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f86ee05a7423ba6d49e22b6e5d16d03615e75affb54888e8e8180efcb67580
4582d73eab54c3a2b381816269a97555a81ce959a7db863417c0f7fd368aa9e2
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b649209d9890323540dc0490ee4bb42daa34b97993a383bade3e15ee66dd578
4c1b37b585cec05275c0eb002effa116081caaff2a3139a5fb87712994222591
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
4d6464c93e8743d8773dd26c4daa08ff90201029322b1e2ec5f6ddc5599170e3
4dfaf53c384e808f63cd97972180b3bc01498202d186f85c55bf4a95b8dc932a
4e754b1f4e9d2759981f4f898f2434952ebec34ab17f12e9106e75e2113d85f9
4edf2b984a9492049d1d46ee0f3ad9e13b9f303831e8b8d93a8c681887e1eae3
4efc7bae0f267c675c4cce712fd7b6dd7d69528899330340228259013376ba64
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4faae8c0b0c70a34af53eaf526cf14a3763459e855020519849042a7c52fd2b2
5005559ffcb7ef2903abe26fff4f75ac60c7b77c07ea6a8a4ea74c92cb9fdaa8
5059ac549f0b3e1c8c8b1745f413937dc3b3c5ff94304046befbb3543424c18b
5157a6351c1d72cd61d9a19936b9307d8ddf2ec3c89146437602853547cc1a93
532652fd00ffb86f5b251922a581a8799e6fe07dc5c75a5f5ab8e5e22165a2e5
535ab2f2779b29b6ed18af6aa8fb3ecd2e387bdef80583a2dc8ff6caa31f75a1
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53e0bc194196646c3b126bb63fb3564f561cb39d196059759c78e43112d059df
5428f1b998eaa9e73289bc72b89b485935dab6b47c4f1b21254b846ad6cafea0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
5731a6da0d87f94ff381a5135019341850f1afbfa99d13490865438e076b5546
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a70e4836f12f6e56664bc7a07f440e9e4b15968a02e1bc11e028028b971c6a4
5a92a4fd113e4e6077e5d23a5d7242924293061a06143be6fbf45f6e594e2bbf
5cafbcb1e043b6a9425bdaf283a64a6ecec632424e9258e6fa72788e40714a7c
5ce50030d5f36790254a4ec5325ce051848fa702c563e28899027e517e8438ba
5cebda09c6832715388731cae40700c991107865e9999aa82014ff68bd1dc9d0
5da3e68bb30d7e3a867338bace916d245f4dce6b1a8d470c505973bcd1f6adf5
6278f4711d008b11899f4240e23c61abbacd4957d938309d686917d43e4c0cf4
6295d13afd9ed3fa64b53f1e0a44cf49bc4e162dead7dde7ba1c483f95c8d16b
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6527e81b529ef56b554142b49d4c4a6c562db21381a6765a52d215200af081c1
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
67d72b3895ae0657883c9c7c13721461d2fbe2d4399d659a29721538a6a21ba4
6823dea10949344170cc602ab77daa8e267c3939427e6956318aa4cea3b5b36d
691588bd0d922abd37f7f99d8d6f3942c98930dbcca8caec1b7ca8b08fc1e2f6
696847d4fee1e6e28b4687a7c113f1f20067af307bf90b491ac114f3b5bf2f44
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3ed49ee811a4007dc59020e0e5d75b7a14b47b330b7e24243f116a4f502b58
6b4425b521fda664af1b90d0aa7223670c33a653bebeef1981617bff727110bc
6b88d69cea6a9ea72d89fb6949974a83b3146270b680c1e3dd3edb1db5528a9a
6bbb8190f406c9e4b62506e3b631ee791592a5a9dd3e29bc49f3614801a03102
6c8f12934769d44db458b48918c6a3b8d77a808fc280eb0dd849edebdc637398
6e6728abb78daef28e2375426a7e446a6020291cde536f3518908b3dbf0ffa7b
6e751ab537394229bcef6eabef21082df904e9a9658a1ec50ca71033172f7401
6f9ab9c8edd798835473b909862ab62d984d6c6e8a939665842124bf86d2a28d
709e0ce604a3116f3272f8afeebfb048650fa27a037a9b7857de9c098fbcbfc8
7170b733d833751c5a054598db93cb06aa3573194556a1adfd242e6c271632c4
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71b5630a6dcf946a05c5ef8d4101688c00e53fff227ea4f269c6cb4198f04e00
72de138091a4127d8e5d590c4ae35d14785bbef7e29e045e8f67dede542d16d1
73ca93316b37203ef2bf6287414184717b11c9302ebcf08bbe0885d366b84fb6
752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6
76a566ac71fd3b58c5863cbd72d963f47d0ba03611739c62affe8be841c15cae
76b4616ecef5607f4520f2014d8f8b3c62d4e8bd580f94fb4e81cdd6a13a84ef
78c6daedbd0f87783775cb8341b317709d35233891c728b610f132ef3d43b5be
7a6fa683e113c7407a53738d3b690e43e4287b73b87acbec6fbefd731ac48836
7adee2bef3d5d2fd7ea4af71b6a81df494c0a61cd3a920b572df22d04c427128
7b2a622046056503e24e44ccb49fbdd87bd9637ac4fa53fe47e9b43224837ca9
7bb365943ed1649e62a95b0ddcbdd8ed1ce7979a14b46f8beaf852037dbcb358
7e0ce8e821f7865d4f65debe643e8021f634367f48b9d3fb9bc7d83bdcea0db2
7f32387e6ef22029330de5a2045d6788bad2535e4fdca260365aff30ac41b984
8051e7af81ee401eb8312de637b52d87a9a2315d58d90d201601fa448b4d31ee
81a04c3c7061efcff4ab4eea7e4ff975fb56341aab0f0596047ff40a2ad00c7a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b2b158fa89813684db61d69e10f3bb2117971e63c62de5552c7c1f28f29b97
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855d4fa8ec1f110f2023edb51eb9c5d4c0038c3aa426fc3812bf2ae9cc1d9ed0
863b2aec3eb2a1aa78cc128d323d04ca00cf3b27dc682ad4a7770e1b8b8cc776
86814dd71cbba617d575386846f5db56ac8bec74e1c6c01e61b4bf48cadbfd9d
8684c73cfa501a7263899fcf425f2adf86e439b56de4c480746b3dfe25b548e0
87752263168b94998b3577467f5e5ca504b2cd88c922baf53bdabc0a450b3fb2
8776e766d8c56112278939057b3374ab3244bb2e5f1a6b984733f16ed2c1daf1
88b8317bad05fa241b8001ba25175171729b7df8d67f4f1c796e36e52a4a624e
890991f67488abd5633b6086f6016c47f3af0999b2dcd803473880c23e931b11
89531292425fe016b60bd31d4db019ca76b09c8b17f0c38362ec091e6b6e5279
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8adca16580f7fd0a41558e437c659279a59c374a27b9514067c882696afa22c0
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cd788405c00e655cb5491de151f3443cc1254bd6926db027bcccf2d17dc3453
8d7cfdaf66eda543cf5bf782ab6d7948addc68be67302b29f26b4140d7fe44b0
8e0df868769c95498c230722195fe755d6cec0bd08330da0e05d0d0cecab336b
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9061f372e65347081ccc226f73a3c961fdf266629e5f4490cea8fa4fb8637582
93c047f6bcfb7f7e8173521abe23a3f2ef3e31424ef5e4d27bef44cf5297d72c
93d058f2a331f04fbe74786d01c50adde19e56db580b140c8e8ca023c19552d7
958a47a7c00818c5f32210c743ccf6c3b011689f46d55edfb83a94852aa7a0ad
967c2ff57ff52f7a41abbfd8450c4f153383c43125489d95982e1c90144233d8
96a44a9d7d9ffd05d1fb1de1994d4769fad6bed09b641097447dec156305fd49
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99a2b930bf9451b9aa9a8de358d3e117fbd29067c8713c30108b56f8eb33fad3
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a677074194d5978cd10ca4c3ccc78257801e180db818a6aea292b57c0ef3f8a
9be7d0940cf4957dc46e3255b04c9f75ad8b5fc9eff048bfbf38e54b37ca9917
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ee7676ba866e159c66b78b9e71208ec543ba28b5d8ff3601619e3fd8ef1995b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d1f3fea4af3e1b403a82a7e8497029af00651b89370bdf357764668514f4be
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a14d699b59ba1936b9c15e90327139eddcaa76e4ea3db9fc8aabcbb34bdc89
a4012f526954ddff3c2c91c5c89ffe0ec0abb515b022b254b843208166288a42
a4185c2c56dd99bb1ee1b204d4531b12751213807da55fcc8178ee1f4b57fc7b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cfb5544439c0f4258334a41116f1d81a4e993969dbe36a932e696a0bd3a8fa
a596f3735bb5938974172d6f7160f36fa1c6ea9f5ce04cbc014e2eacd690307a
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a66bb5e0ceed83e5a192e063433639255090ba903add7e484bfad59439b42bf7
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a96fb671e8a4bc6f5c53f159039aaa6c1444cd14250d8f54acfa1e0de42fb295
aa36c80b0d36923f6cdd1ff3c5e20f6664bd69653eeebf0c05cd3f31edbe5370
ad8fbcdae9559932a19c504969bd3002b01f40c486a2aa80a95aedfff12336ec
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af60a09556b9e71cf5cc0770144436fc1b68fa23da3709d766bb36b57d0ff92d
b032cb242ab03326172619f89ee59cc244e6a569f98e7fb23989914bc7d6ab61
b093eca41085ec21a15f7151356b7356f71c5f893ac9b46e8015581143c0e36e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1afeb37d1070e879ac626902872c8a71c7bcb1b874c2a626b05451e8aa7b2db
b44cfda44260b2be77b8a68a226ff91e5989c710133c4b4045e5d3d96ffa157d
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b63bb61d126715cdabe020cf5c4831788a1eba333985b55a72c68bed3be8057c
b7e2835bc330a46878e6216aa8f18058d2f35c34844184fb65e4b2d15adf6506
b91278b29f591c1fbbdd05d28ae1542be8a548111d683e843316456870ba9a45
b92087c8f2dbb941e624d2403cf39e049a9d75d62859df03ddda63bfdbda182c
b9b002d04f00960844720d16d6eac8882f6846e7965a88dfac29ce577b76e6b2
b9e666dc07b74d8341d0f65d941f5a47cc3c47d731bc148550f8adefdb820f9f
ba21fbb46af1680aa5753e8bb57d998f3b3a450b89b1497307a3852a82c3e01a
bb5a9a72d77496add15bc9659426418eb1e796eda8af3768d244561a6585f439
bbb2bfc125999f8bc8fa4b38d2aceebec032d94f1021769d0bb339621979f31a
bcfd5d5aace781ae593dfcaf873d1579fbb8aed914585c9aef7356dc97d66645
bf2aa4a1a9fd5074e72f2d6fd4a17cd4cb3443b131e1e8d2a02aab82f653fc18
bfa163fa09b200dd716a31c1e08c15174d921ae1052001d465c4fb2760c39bf8
c02cae5b2de27b0f12598ab23cf91b1e0e99dda2821e2d17510497e23093cbe7
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c11f0fbdba797c464433ff6dce1f91cf3dbad181c8143c0a4d80b861e37b2099
c1fa42f83754d24e2a0d6bfae41cd7ea7719dd873730e064fdc3c7f5d118e1bb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c23814e7b238180ab5d0245f1aa2f19dac5cabfcb8400aee5055449116372cf1
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c4cb5613ba7318461126fba439ee1419b0eee6a5d4c1ab9bf2053162d777d704
c6e545e24635f74a7360f9fa4e05d273273141d0f83b2c2bb46005e0973555c1
c89d1d95ab3ef9661e764e375d3b7c4bf7d73cf7866440525d7b2c13d1d22341
c8d1acf8e5782331b71a97621affaaf65e2d2a9e733f9c02caa726ed823be817
c97186118215214f3eea98b861927156a00ca3b99954ee222d64a5ffb04d27ed
c9b0a498f37b5113cff3acfeeb6ee83e2d5b6108220032d05879e8bce859bf31
caae280c384cae1dd48233f1d4052f0b04290a595225e19b548a1baa40a92031
cb3454f90458ee2f2abe7da33680bbffa9869baf7a6e6e39783947fb5db31b16
cc06e0839b8c3e8054a4daaba2fa9ed5a4d0d509a3ffbe3799cc749f7bc4720c
cc557ffba117644ca4ed3fe18aa987c4340ab71565837212d8e01e3d93c4343d
ce799d7bc760fc9e754dc9fc5c389aa86e2cdaf1a2a92018783df01ddcd86830
ce982f79f63427f8b7961fdf254d16f60916e1e3371eeb616e4bfa41c1327db1
cf1707f3eece048458b777c3236c0752b54c10e38a73ce20446787043ba7d21c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9943b3977b82cf600a6f65fa5d70980f7c2d23f44131bdb3d46aa77c342763
d0b5320c7ee495ef362d6eec85659531382dd2b993fa5154d12bfec51a6296e9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d276a15e3ce37edd1e9fd367aeddd27ce6e323fbfbc9157fa35f956e31712e66
d3eeac4d89ad1bbcf137266bc9314e17ba275949379e3309075d44b181b4b474
d40a0ab8108e895639accd4a0064bdfd281e307283b65ca7501bb1ae133b1c20
d5fa319730855f1500551c683a8671077e496d97923d774e1da5ac667a5df20b
d70e65e486e2615bb9e6f9dde12aa69b3a433ff505ff382b4a041dd1c5e037cb
d7816b2f5589a2e2b401e3472ffdb40de5ef77e03de40f27e854de8572e02825
d9c9b9f80c7fbdcc2ef6abe5d2182e9891d6f273830b00a744d05552a21b896f
da0f8c900f4f75a593407f0736f9a16cec0632b8a7f196f6e12a3697b4a9091a
dc45727e3734439af1a0e348df7058649a85c393ddadf68e780fe5545efb8dc5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
ddfb872eca3ef18e312ddb7986b7b0b68bf1ab057461430e16d398b02ac47898
de3bcc9160d6bfda6fa63afeacf534c415d24859eb3b670acc3410b30cd9826e
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de97bcd9a0c9fdf340d6f6a327a4193297152a68d1ca6181c84cd31cef4d6e4a
e159793d0995ec33447cd89926dc1d44b9e8fb080cf3a6e114b9ff89f7fe6820
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e25ddc90a3feb20d2bd913c7cbf436afe96f5086a764f32129de8837d214c676
e25de9aa65b33a5ff0b079694d5de44784e77ac4d1967ebf0fed6c5ce04bbcd2
e3128fd91777357710fb63bda44f0272e4d48595bf281722d9087d3f51f3134d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4168186be7967ce91530be5fbdbef469fce9622f1f93a6e340c7fd8b5d1961d
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ea7c08207bf016c414051b132152afb005bfd6cd3382b95987fb70ee6a96e2db
eaece72a7fee3c7ca65305b9d8c14e19c81ffe68c00251b0e2c1d1f14509453f
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebaaa00d7a0d03e309230bc91cf4b9e6994130b9170786840315da05a04aac94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7
f12903e34288b0d00155509c6613edeac90845f72477db0f41046662f79a63aa
f2e506de19b8f52d1951499528dd412a4edd7ec5eaefa47adf32383745225abe
f429d3c71afd0c066d9eeb66b79ebf2eb98aa6d77a7f6cbbb6984de866aeaa18
f5acd0aa566dec1ad45d98f2273ca40d08290443b2d86b04cc296872f3602db5
f6f5242e20b67243404b02996af01df7047f6202abfb1f546a0c72e37550502f
f714130a5f0c8f66d5df83b9c3104bcf024f146086b51ed78e1d2d6c21c962e2
f81ae1bbf5d4e057ee84aa00d20d6af30d01c9354b2f9f1f2a6dd4a664e75334
f9797abd3809d6d1acdc3904d2f9de8661aaeba998398a8b3d24c1b42e78962b
fbb4e1347ffc3ebb35ff7c8614b6ee852ea348d98f8b4a949cc7d2abe5b99c8a
fbf07492eb95dd36d31ed9b6b403ed41fbd048231b8a75dd0cadaa4e27004f13
fc75311bf80a77f040c7e159661eb5b716ab15938679e4c53570b80438e2f73f
fc9cca5813eabe10860ec9e297cc211a4915fb4e9d389f162db747f5d81c1d0a
fe70e2ecab0cff436ec5c30952cfcc1219cacd05fee4c0c6672c35f2931aa284
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6