urlscan.io logo urlscan.io
SecurityTrails logo

warning.rt.ru Open in urlscan Pro
95.167.13.51  Public Scan

Go To Rescan Add Verdict Report
URL: http://warning.rt.ru/
Submission: On May 02 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 27 HTTP transactions. The main IP is 95.167.13.51, located in Russian Federation and belongs to ROSTELECOM-AS, RU. The main domain is warning.rt.ru.
This is the only time warning.rt.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 95.167.13.51 12389 (ROSTELECO...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 13238 (YANDEX)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 185.15.175.147 43226 (SAFEDATA ...)
1 185.15.175.137 43226 (SAFEDATA ...)
1 172.217.18.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 185.15.175.134 43226 (SAFEDATA ...)
2 31.172.81.197 44066 (DE-FIRSTC...)
2 3 31.172.81.172 44066 (DE-FIRSTC...)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
1 31.172.81.158 44066 (DE-FIRSTC...)
1 195.181.175.52 60068 (CDN77)
27 16
1    95.167.13.51 (Russian Federation)

ASN12389 (ROSTELECOM-AS, RU)
warning.rt.ru
2    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    185.15.175.137 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
fn.rt.ru
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
www.googleadservices.com
1    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
2    31.172.81.197 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
static.terratraf.io
3    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
synce.user-red.com
1    195.181.175.52 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-52.datapacket.com
static.user-red.com
Domain Requested by
7 mc.yandex.ru 3 redirects warning.rt.ru
4 dmg.digitaltarget.ru 2 redirects warning.rt.ru
4 www.google-analytics.com 2 redirects warning.rt.ru
www.googletagmanager.com
3 sync.bumlam.com 2 redirects warning.rt.ru
3 tag.digitaltarget.ru www.googletagmanager.com
tag.digitaltarget.ru
3 www.google.de warning.rt.ru
3 www.google.com 2 redirects warning.rt.ru
2 sync3.adsniper.ru 2 redirects
2 static.terratraf.io fn.rt.ru
static.terratraf.io
2 stats.g.doubleclick.net 2 redirects
2 www.googletagmanager.com warning.rt.ru
www.googletagmanager.com
1 static.user-red.com static.terratraf.io
1 synce.user-red.com static.terratraf.io
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 fn.rt.ru www.googletagmanager.com
1 warning.rt.ru
0 sync.ndazara.com Failed static.terratraf.io
27 18

This site contains links to these domains. Also see Links.

Domain
eais.rkn.gov.ru
nap.rkn.gov.ru
398-fz.rkn.gov.ru
97-fz.rkn.gov.ru
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
tag.digitaltarget.ru
Let's Encrypt Authority X3		 2020-03-16 -
2020-06-14		 3 months crt.sh
fn.rt.ru
Thawte RSA CA 2018		 2019-11-05 -
2021-01-03		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
dmg.digitaltarget.ru
Let's Encrypt Authority X3		 2020-04-27 -
2020-07-26		 3 months crt.sh
*.terratraf.io
Let's Encrypt Authority X3		 2020-02-05 -
2020-05-05		 3 months crt.sh
*.bumlam.com
Let's Encrypt Authority X3		 2020-04-23 -
2020-07-22		 3 months crt.sh
*.user-red.com
Let's Encrypt Authority X3		 2020-04-20 -
2020-07-19		 3 months crt.sh
1287019763.rsc.cdn77.org
Let's Encrypt Authority X3		 2020-03-14 -
2020-06-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://warning.rt.ru/
Frame ID: E80E515E467C53D1977C19F40869B1A9
Requests: 26 HTTP requests in this frame

Frame: https://static.user-red.com/engine/id.html?service=https%3A%2F%2Fsynce.user-red.com&code=2d0382aa-8c52-11ea-86e0-002590c0647c_1588409515
Frame ID: E6C5A511EE88C420D6FC7369A4A40473
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

27
Requests

93 %
HTTPS

41 %
IPv6

14
Domains

18
Subdomains

16
IPs

4
Countries

196 kB
Transfer

468 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 2
  • http://mc.yandex.ru/metrika/watch.js HTTP 301
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 3
  • http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=139052590&gjid=1914716959&cid=691376855.1588409515&tid=UA-53335193-1&_gid=1687055057.1588409515&_r=1&z=972473726 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=139052590&gjid=1914716959&cid=691376855.1588409515&tid=UA-53335193-1&_gid=1687055057.1588409515&_r=1&z=972473726 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_gid=1687055057.1588409515&gjid=1914716959&_v=j81&z=972473726 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_v=j81&z=972473726 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_v=j81&z=972473726&slf_rd=1&random=139467508
Request Chain 8
  • http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=987825967&gjid=111950722&cid=691376855.1588409515&tid=UA-28712205-5&_gid=1687055057.1588409515&_r=1&gtm=2wg4m0PBFVGDW&z=812615011 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=987825967&gjid=111950722&cid=691376855.1588409515&tid=UA-28712205-5&_gid=1687055057.1588409515&_r=1&gtm=2wg4m0PBFVGDW&z=812615011 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_gid=1687055057.1588409515&gjid=111950722&_v=j81&z=812615011 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_v=j81&z=812615011 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_v=j81&z=812615011&slf_rd=1&random=2557993655
Request Chain 14
  • https://dmg.digitaltarget.ru/1/6384/i/i?i=990585865942735.60195623170163&c=xdua:du59TBskHC2Wq4hq2HSxBfMU.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20adcmjs_noorient.cr: HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/6384/i/i?call_source=awg&i=990585865942735.60195623170163&c=xdua:du59TBskHC2Wq4hq2HSxBfMU.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20adcmjs_noorient.cr:
Request Chain 15
  • https://mc.yandex.ru/watch/25730126?wmode=7&page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105155%3Aet%3A1588409516%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A304983744%3Ahid%3A913245430%3Ads%3A37%2C6%2C92%2C1%2C0%2C0%2C0%2C19%2C0%2C%2C%2C%2C158%3Afp%3A175%3Awn%3A19008%3Ahl%3A2%3Agdpr%3A14%3Av%3A1850%3Ast%3A1588409516%3Au%3A158840951669638967%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD HTTP 302
  • https://mc.yandex.ru/watch/25730126/1?wmode=7&page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105155%3Aet%3A1588409516%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A304983744%3Ahid%3A913245430%3Ads%3A37%2C6%2C92%2C1%2C0%2C0%2C0%2C19%2C0%2C%2C%2C%2C158%3Afp%3A175%3Awn%3A19008%3Ahl%3A2%3Agdpr%3A14%3Av%3A1850%3Ast%3A1588409516%3Au%3A158840951669638967%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD
Request Chain 19
  • https://dmg.digitaltarget.ru/1/7120/i/i?i=827737758653822.620756238605529&c=xdua:duLgQJxd2CLVKmkBaAPReen7.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20dso__1pmn3gvzx%20adcmjs_noorient.cr: HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7120/i/i?call_source=awg&i=827737758653822.620756238605529&c=xdua:duLgQJxd2CLVKmkBaAPReen7.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20dso__1pmn3gvzx%20adcmjs_noorient.cr:
Request Chain 21
  • https://sync.bumlam.com/?src=etg1 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABir6bT1BVIFq_at1wM* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARir6bT1BVIFq_at1wOiARAtDLRMjFIR6qbpACWQyCQ3 HTTP 302
  • https://sync.bumlam.com/?src=etg1&s_data=CAIQABir6bT1BaIBEC0MtEyMUhHqpukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=etg1&s_data=CAIQARir6bT1BaIBEC0MtEyMUhHqpukAJZDIJDc*
Request Chain 25
  • https://mc.yandex.ru/watch/25730126?page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105210%3Aet%3A1588409531%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A136%3Arn%3A58179990%3Ahid%3A913245430%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1850%3Ast%3A1588409531%3Au%3A158840951669638967 HTTP 302
  • https://mc.yandex.ru/watch/25730126/1?page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105210%3Aet%3A1588409531%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A136%3Arn%3A58179990%3Ahid%3A913245430%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1850%3Ast%3A1588409531%3Au%3A158840951669638967

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
warning.rt.ru/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://warning.rt.ru/
Protocol
HTTP/1.1
Server
95.167.13.51 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
85d720a03028d0c21be6ef6465d9c86d90f102453bc1b9549aa523b0425f3e54

Request headers

Host
warning.rt.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
gtm.js
www.googletagmanager.com/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PBFVGDW
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd2f935d45e9d56f2712ff355a82c66313925b969b18e3242927f1ac84d11099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 08:51:55 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25518
x-xss-protection
0
last-modified
Sat, 02 May 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 May 2020 08:51:55 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
800
date
Sat, 02 May 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Sat, 02 May 2020 10:38:35 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18b4d3e3e996bd9a9a1ae4959836e1f47e3d1e5296a3c01606c55a7d3ca21d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Content-Encoding
br
Last-Modified
Tue, 28 Apr 2020 11:04:11 GMT
Server
nginx/1.14.2
ETag
"5ea80dab-9f17"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40727
Expires
Sat, 02 May 2020 09:51:55 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Sat, 02 May 2020 08:51:55 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_gid=1687055057.1588409515&gjid=1914716959&_v=j81&z=972473726
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_v=j81&z=972473726
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_v=j81&z=972473726&slf_rd=1&random=139467508
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_v=j81&z=972473726&slf_rd=1&random=139467508
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53335193-1&cid=691376855.1588409515&jid=139052590&_v=j81&z=972473726&slf_rd=1&random=139467508
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBFVGDW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
800
date
Sat, 02 May 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Sat, 02 May 2020 10:38:35 GMT
adcm.js
tag.digitaltarget.ru/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBFVGDW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
a449f38db2243aae063f2ecda0059d0e6d827b719724791964aa2aba62ea1a74

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Mon, 27 Apr 2020 11:24:59 GMT
Server
nginx
ETag
"5ea6c10b-bc8"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3016
js
www.googletagmanager.com/gtag/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-874607136
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBFVGDW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
423104c93d2e4b1b6c18c3a7c88641c94ab5a06863f25bb2ea9da020b1347ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 08:51:55 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30217
x-xss-protection
0
last-modified
Sat, 02 May 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 May 2020 08:51:55 GMT
rtk.js
fn.rt.ru/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fn.rt.ru/rtk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBFVGDW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.137 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
c50e19bdfb6e4deb44b9ebd79bb6f26711e1708332953bd17adf59a74f511298

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Wed, 18 Mar 2020 14:31:59 GMT
Server
nginx
ETag
"5e7230df-41c"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1052
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1975509359&t=pageview&_s=1&dl=http%3A%2F%2Fwarning.rt.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_gid=1687055057.1588409515&gjid=111950722&_v=j81&z=812615011
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_v=j81&z=812615011
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_v=j81&z=812615011&slf_rd=1&random=2557993655
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_v=j81&z=812615011&slf_rd=1&random=2557993655
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-28712205-5&cid=691376855.1588409515&jid=987825967&_v=j81&z=812615011&slf_rd=1&random=2557993655
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-874607136
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 08:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10743
x-xss-protection
0
server
cafe
etag
10886962978695911934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 May 2020 08:51:55 GMT
processor.js
tag.digitaltarget.ru/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=953188779202096
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a87e32c8021d357077f6cc6a13aac85733329429f9ba3ae6e204708c4c7bd5f

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Mon, 27 Apr 2020 11:24:59 GMT
Server
nginx
ETag
"5ea6c10b-3b56"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15190
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/874607136/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/874607136/?random=1588409515547&cv=9&fst=1588409515547&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwarning.rt.ru%2F&tiba=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5419fe0af8c504928954dd889ef9ae40432263cde871e8d2e470ce31c7fec447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/874607136/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/874607136/?random=1588409515547&cv=9&fst=1588406400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4m0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwarning.rt.ru%2F&tiba=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&async=1&fmt=3&is_vtc=1&random=908161318&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/874607136/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/874607136/?random=1588409515547&cv=9&fst=1588406400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa4m0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwarning.rt.ru%2F&tiba=%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD&async=1&fmt=3&is_vtc=1&random=908161318&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 May 2020 08:51:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
dmg.digitaltarget.ru/awg/custom/6384/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6384/i/i?i=990585865942735.60195623170163&c=xdua:du59TBskHC2Wq4hq2HSxBfMU.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20adcmjs_noorient.cr:
  • https://dmg.digitaltarget.ru/awg/custom/6384/i/i?call_source=awg&i=990585865942735.60195623170163&c=xdua:du59TBskHC2Wq4hq2HSxBfMU.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmj...
49 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/6384/i/i?call_source=awg&i=990585865942735.60195623170163&c=xdua:du59TBskHC2Wq4hq2HSxBfMU.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20adcmjs_noorient.cr:
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:50 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
image/gif
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Request-Time
2
Content-Length
64
X-Content-Type-Options
nosniff

Redirect headers

Date
Sat, 02 May 2020 08:51:49 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Location
https://dmg.digitaltarget.ru/awg/custom/6384/i/i?call_source=awg&i=990585865942735.60195623170163&c=xdua:du59TBskHC2Wq4hq2HSxBfMU.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20adcmjs_noorient.cr:
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
1
mc.yandex.ru/watch/25730126/
Redirect Chain
  • https://mc.yandex.ru/watch/25730126?wmode=7&page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...
  • https://mc.yandex.ru/watch/25730126/1?wmode=7&page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136261...
152 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/25730126/1?wmode=7&page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105155%3Aet%3A1588409516%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A304983744%3Ahid%3A913245430%3Ads%3A37%2C6%2C92%2C1%2C0%2C0%2C0%2C19%2C0%2C%2C%2C%2C158%3Afp%3A175%3Awn%3A19008%3Ahl%3A2%3Agdpr%3A14%3Av%3A1850%3Ast%3A1588409516%3Au%3A158840951669638967%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d87eaa1e07d6b0f6114b9615a06f543d2d27060166f8b75c2229488085c5b79b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 May 2020 08:51:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 02-May-2020 08:51:55 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://warning.rt.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Sat, 02-May-2020 08:51:55 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Sat, 02-May-2020 08:51:55 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://warning.rt.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/25730126/1?wmode=7&page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105155%3Aet%3A1588409516%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A304983744%3Ahid%3A913245430%3Ads%3A37%2C6%2C92%2C1%2C0%2C0%2C0%2C19%2C0%2C%2C%2C%2C158%3Afp%3A175%3Awn%3A19008%3Ahl%3A2%3Agdpr%3A14%3Av%3A1850%3Ast%3A1588409516%3Au%3A158840951669638967%3At%3A%D0%94%D0%BE%D1%81%D1%82%D1%83%D0%BF%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B5%D0%BD
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sat, 02-May-2020 08:51:55 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 02 May 2020 09:51:55 GMT
GP.js
static.terratraf.io/engine/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.terratraf.io/engine/GP.js
Requested by
Host: fn.rt.ru
URL: https://fn.rt.ru/rtk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.172.81.197 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
b22e3298dff58954e7f5426404ba85360a26b7a31f5d4c1f2b6da7f7407cb98d

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Apr 2020 12:49:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
processor.js
tag.digitaltarget.ru/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=529997747579588
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
4a87e32c8021d357077f6cc6a13aac85733329429f9ba3ae6e204708c4c7bd5f

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Mon, 27 Apr 2020 11:24:59 GMT
Server
nginx
ETag
"5ea6c10b-3b56"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15190
i
dmg.digitaltarget.ru/awg/custom/7120/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7120/i/i?i=827737758653822.620756238605529&c=xdua:duLgQJxd2CLVKmkBaAPReen7.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20dso__1pmn3gvzx%...
  • https://dmg.digitaltarget.ru/awg/custom/7120/i/i?call_source=awg&i=827737758653822.620756238605529&c=xdua:duLgQJxd2CLVKmkBaAPReen7.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcm...
49 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7120/i/i?call_source=awg&i=827737758653822.620756238605529&c=xdua:duLgQJxd2CLVKmkBaAPReen7.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20dso__1pmn3gvzx%20adcmjs_noorient.cr:
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:50 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
image/gif
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Request-Time
2
Content-Length
64
X-Content-Type-Options
nosniff

Redirect headers

Date
Sat, 02 May 2020 08:51:49 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Location
https://dmg.digitaltarget.ru/awg/custom/7120/i/i?call_source=awg&i=827737758653822.620756238605529&c=xdua:duLgQJxd2CLVKmkBaAPReen7.xps:xpsc6IdgUCl3Iuwz61N2Q8hVk.dn:warning__rt__ru.dn:rt__ru.tg:adcmjs_init%20dso__1pmn3gvzx%20adcmjs_noorient.cr:
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
10001F44.js
static.terratraf.io/GP/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.terratraf.io/GP/10001F44.js
Requested by
Host: static.terratraf.io
URL: https://static.terratraf.io/engine/GP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.172.81.197 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
01c3ea2bbcb946a35aea4f5c17fb51669403e63acc1325dec3c3cea377acf35d

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Apr 2020 13:27:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
/
sync.bumlam.com/
Redirect Chain
  • https://sync.bumlam.com/?src=etg1
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABir6bT1BVIFq_at1wM*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARir6bT1BVIFq_at1wOiARAtDLRMjFIR6qbpACWQyCQ3
  • https://sync.bumlam.com/?src=etg1&s_data=CAIQABir6bT1BaIBEC0MtEyMUhHqpukAJZDIJDc*
  • https://sync.bumlam.com/?src=etg1&s_data=CAIQARir6bT1BaIBEC0MtEyMUhHqpukAJZDIJDc*
66 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.bumlam.com/?src=etg1&s_data=CAIQARir6bT1BaIBEC0MtEyMUhHqpukAJZDIJDc*
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
670231ea997eb20265d38a03a0cedd8c783181af073df8c3f3a9bb42dabbebf6

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
application/javascript
Content-Length
66
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Sat, 02 May 2020 08:51:55 GMT
Server
nginx
ETag
2d0cb44c-8c52-11ea-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=etg1&s_data=CAIQARir6bT1BaIBEC0MtEyMUhHqpukAJZDIJDc*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
/
synce.user-red.com/ 		66 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://synce.user-red.com/
Requested by
Host: static.terratraf.io
URL: https://static.terratraf.io/GP/10001F44.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
cc094a5f1f621c7ea4d1b43f6a782979b738784aca5daef76344912284e922bd

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 08:51:55 GMT
Last-Modified
Sat, 02 May 2020 08:51:55 GMT
Server
nginx
Etag
2d0382aa-8c52-11ea-86e0-002590c0647c_1588409515
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
application/javascript
Content-Length
66
Expires
Tue, 01 Dec 2030 16:00:00 GMT
id.html
static.user-red.com/engine/ Frame E6C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.user-red.com/engine/id.html?service=https%3A%2F%2Fsynce.user-red.com&code=2d0382aa-8c52-11ea-86e0-002590c0647c_1588409515
Requested by
Host: static.terratraf.io
URL: https://static.terratraf.io/GP/10001F44.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash

Request headers

:method
GET
:authority
static.user-red.com
:scheme
https
:path
/engine/id.html?service=https%3A%2F%2Fsynce.user-red.com&code=2d0382aa-8c52-11ea-86e0-002590c0647c_1588409515
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://warning.rt.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
etaguid=2d0382aa-8c52-11ea-86e0-002590c0647c_1588409515
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://warning.rt.ru/

Response headers

status
200
date
Sat, 02 May 2020 08:51:56 GMT
content-type
text/html
last-modified
Wed, 21 Jun 2017 10:00:05 GMT
etag
W/"594a43a5-654"
access-control-allow-origin
*
access-control-allow-headers
*
server
CDN77-Turbo
x-edge-ip
195.181.175.50
x-edge-location
frankfurtDE
x-cache
HIT
x-age
422980
content-encoding
br
check.js
sync.ndazara.com/ 		0
0
1
mc.yandex.ru/watch/25730126/
Redirect Chain
  • https://mc.yandex.ru/watch/25730126?page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3...
  • https://mc.yandex.ru/watch/25730126/1?page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1...
43 B
444 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/25730126/1?page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105210%3Aet%3A1588409531%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A136%3Arn%3A58179990%3Ahid%3A913245430%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1850%3Ast%3A1588409531%3Au%3A158840951669638967
Requested by
Host: warning.rt.ru
URL: http://warning.rt.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://warning.rt.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 May 2020 08:52:10 GMT
Last-Modified
Sat, 02-May-2020 08:52:10 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Sat, 02-May-2020 08:52:10 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 May 2020 08:52:10 GMT
Last-Modified
Sat, 02-May-2020 08:52:10 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://warning.rt.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/25730126/1?page-url=http%3A%2F%2Fwarning.rt.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1588409515163%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200502105210%3Aet%3A1588409531%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A136%3Arn%3A58179990%3Ahid%3A913245430%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1850%3Ast%3A1588409531%3Au%3A158840951669638967
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sat, 02-May-2020 08:52:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.ndazara.com
URL
https://sync.ndazara.com/check.js?uid=2d0382aa-8c52-11ea-86e0-002590c0647c_1588409515&cid=10001F44&sid=25574374-d226-427c-9614-c0ac5efd7576&UserID=dso__1pmn3gvzx

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| adcm_config object| adcm function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Ya object| yaCounter25730126 function| getCookie function| get_user_id object| script string| user_id object| script2 object| generalPixel object| tfData object| adsnData string| _userCode

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dmg.digitaltarget.ru
fn.rt.ru
googleads.g.doubleclick.net
mc.yandex.ru
static.terratraf.io
static.user-red.com
stats.g.doubleclick.net
sync.bumlam.com
sync.ndazara.com
sync3.adsniper.ru
synce.user-red.com
tag.digitaltarget.ru
warning.rt.ru
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
sync.ndazara.com
172.217.18.98
185.15.175.134
185.15.175.137
185.15.175.147
195.181.175.52
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2002
2a00:1450:4001:819::2004
2a00:1450:4001:824::2008
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
31.172.81.158
31.172.81.159
31.172.81.172
31.172.81.197
95.167.13.51
01c3ea2bbcb946a35aea4f5c17fb51669403e63acc1325dec3c3cea377acf35d
18b4d3e3e996bd9a9a1ae4959836e1f47e3d1e5296a3c01606c55a7d3ca21d74
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
423104c93d2e4b1b6c18c3a7c88641c94ab5a06863f25bb2ea9da020b1347ddd
4a87e32c8021d357077f6cc6a13aac85733329429f9ba3ae6e204708c4c7bd5f
5419fe0af8c504928954dd889ef9ae40432263cde871e8d2e470ce31c7fec447
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
670231ea997eb20265d38a03a0cedd8c783181af073df8c3f3a9bb42dabbebf6
85d720a03028d0c21be6ef6465d9c86d90f102453bc1b9549aa523b0425f3e54
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
a449f38db2243aae063f2ecda0059d0e6d827b719724791964aa2aba62ea1a74
b22e3298dff58954e7f5426404ba85360a26b7a31f5d4c1f2b6da7f7407cb98d
bd2f935d45e9d56f2712ff355a82c66313925b969b18e3242927f1ac84d11099
c50e19bdfb6e4deb44b9ebd79bb6f26711e1708332953bd17adf59a74f511298
cc094a5f1f621c7ea4d1b43f6a782979b738784aca5daef76344912284e922bd
d87eaa1e07d6b0f6114b9615a06f543d2d27060166f8b75c2229488085c5b79b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629