urlscan.io logo urlscan.io
SecurityTrails logo

theins.ru Open in urlscan Pro
2606:4700:10::6816:2f68  Public Scan

Go To Rescan Add Verdict Report
URL: https://theins.ru/news/246918
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 9 countries across 56 domains to perform 225 HTTP transactions. The main IP is 2606:4700:10::6816:2f68, located in United States and belongs to CLOUDFLARENET, US. The main domain is theins.ru.
TLS certificate: Issued by R3 on November 8th 2021. Valid for: 3 months.
This is the only time theins.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2606:4700:10:... 13335 (CLOUDFLAR...)
1 10 2a02:6b8:20::215 208722 (YNDX)
3 2a02:6b8:a::a 208722 (YNDX)
1 88.99.234.26 24940 (HETZNER-AS)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 22 2a02:6b8::1:119 208722 (YNDX)
2 2a00:1450:400... 15169 (GOOGLE)
2 9 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 23.111.211.20 7979 (SERVERS-COM)
5 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8::16b 208722 (YNDX)
2 2a00:1148:db0... 47764 (MAILRU-AS...)
3 5 188.42.29.166 7979 (SERVERS-COM)
1 195.201.152.110 24940 (HETZNER-AS)
1 185.184.8.65 204995 (RTB-HOUSE...)
2 3 193.232.150.150 48061 (UMA-TECH-AS)
3 2a02:2638::3 44788 (ASN-CRITE...)
1 3 159.69.64.121 24940 (HETZNER-AS)
1 2a0c:5c81:514... 55081 (24SHELLS)
2 3 138.201.34.239 24940 (HETZNER-AS)
1 195.209.111.22 52007 (ADRIVER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 23.111.115.92 7979 (SERVERS-COM)
3 23.111.115.244 7979 (SERVERS-COM)
2 178.250.2.131 44788 (ASN-CRITE...)
2 9 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 23.111.119.12 7979 (SERVERS-COM)
1 178.250.2.146 44788 (ASN-CRITE...)
1 80.64.106.150 20764 (RASCOM-AS...)
1 3 195.209.108.37 52007 (ADRIVER-AS)
1 23.111.115.236 7979 (SERVERS-COM)
2 176.99.5.169 49352 (LOGOL-AS)
1 135.125.160.160 16276 (OVH)
1 3 188.34.131.134 24940 (HETZNER-AS)
1 4 185.15.175.133 43226 (SAFEDATA ...)
1 37.157.2.239 198622 (ADFORM)
1 2 185.94.180.126 35220 (SPOTX-AMS)
2 95.181.171.233 50214 (QWARTA)
16 2a02:6b8::90 208722 (YNDX)
4 2a00:1450:400... 15169 (GOOGLE)
2 14 195.201.243.72 24940 (HETZNER-AS)
2 81.222.128.213 20597 (ELTEL-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 194.190.117.94 204600 (REPUBLER-AS)
4 6 31.172.81.160 44066 (DE-FIRSTC...)
3 3 31.172.81.158 44066 (DE-FIRSTC...)
1 37.18.103.16 205675 (HYBRID-AS)
2 185.15.175.134 43226 (SAFEDATA ...)
1 195.201.106.117 24940 (HETZNER-AS)
1 1 142.250.185.66 15169 (GOOGLE)
1 1 109.248.237.37 201009 (SUPPORTIT-AS)
1 95.211.66.35 60781 (LEASEWEB-...)
1 95.163.37.253 47764 (MAILRU-AS...)
1 2 88.99.149.88 24940 (HETZNER-AS)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 1 5.200.44.35 48096 (ITGRAD)
1 1 37.9.245.57 16345 (BEE-AS Ru...)
1 2 89.108.97.2 197695 (AS-REG)
2 2 35.190.16.14 15169 (GOOGLE)
4 4 217.66.147.168 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
2 3 89.108.119.43 197695 (AS-REG)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 217.65.2.150 29076 (CITYTELEC...)
1 93.95.102.105 48347 (MTW-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:6b8::1be 208722 (YNDX)
1 23.111.109.220 7979 (SERVERS-COM)
1 2a02:6b8::5:114 208722 (YNDX)
1 1 2a02:6b8::2:94 208722 (YNDX)
1 2a02:6b8:0:70... 208722 (YNDX)
9 2a02:6b8::184 208722 (YNDX)
2 3 142.250.185.162 15169 (GOOGLE)
225 71
14    2606:4700:10::6816:2f68 (United States)

ASN13335 (CLOUDFLARENET, US)
theins.ru
api.theins.ru
10    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
3    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
1    88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com
ads.digitalcaramel.com
13    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2606:4700:10::6816:2e68 (United States)

ASN13335 (CLOUDFLARENET, US)
api.theins.ru
2    23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ru.viadata.store
5    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
matchid.adfox.yandex.ru
2    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
5    188.42.29.166 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    195.201.152.110 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.152.201.195.clients.your-server.de
yhb.p.otm-r.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
adfox-c2s-ams.creativecdn.com
3    193.232.150.150 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp17.sender.ltmse.com
px.adhigh.net
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    159.69.64.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1397441.sapientru.net
ssp-rtb.sape.ru
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
hb.adtelligent.com
3    138.201.34.239 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.34.201.138.clients.your-server.de
exchange.buzzoola.com
1    195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
pb.adriver.ru
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    23.111.115.92 (Russian Federation)

ASN7979 (SERVERS-COM, US)
cdn.viadata.store
3    23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)
logs.viadata.store
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
9    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com
1    23.111.119.12 (Russian Federation)

ASN7979 (SERVERS-COM, US)
pl.viadata.store
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    80.64.106.150 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru
clientside-video-bidder.rutarget.ru
3    195.209.108.37 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
1    23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)
rtb-msk-2.viadata.store
2    176.99.5.169 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d41257.acod.regrucolo.ru
vtg1.rktch.com
1    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
n.dyntrk.com
3    188.34.131.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de
adx.com.ru
4    185.15.175.133 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    95.181.171.233 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv233.qwarta.ru
cdn-rtb.sape.ru
16    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
jstracer.yandex.ru
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
14    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
www.acint.net
acint.net
2    81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
1    2606:4700:3039::6815:c09a (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
2    194.190.117.94 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru
sync.republer.com
6    31.172.81.160 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
3    31.172.81.158 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm-eu.hybrid.ai
2    185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    195.201.106.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.106.201.195.clients.your-server.de
sync.dmp.otm-r.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
1    109.248.237.37 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)
stat.adlabs.ru
1    95.211.66.35 (Purmer, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
adlmerge.com
1    95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io
relap.io
2    88.99.149.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3
sync.1dmp.io
1    80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru
sape-sync.rutarget.ru
1    5.200.44.35 (Moscow, Russian Federation)

ASN48096 (ITGRAD, RU)
ads.adlook.me
1    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
0100007f764db7614d018d3a022e4263-sp.ops.beeline.ru
2    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut.rktch.com
2    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
4    217.66.147.168 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
3    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
1    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    2606:4700:10::ac43:dab (United States)

ASN13335 (CLOUDFLARENET, US)
s3.advarkads.com
2    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
ads.adfox.ru
1    23.111.109.220 (Russian Federation)

ASN7979 (SERVERS-COM, US)
api.advarkads.com
1    2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
ysa-static.passport.yandex.ru
1    2a02:6b8::2:94 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
strm.yandex.ru
1    2a02:6b8:0:70d::74 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
strm-rad14.strm.yandex.net
9    2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
avatars.mds.yandex.net
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
26 yandex.ru
yandex.ru
mc.yandex.ru
matchid.adfox.yandex.ru
an.yandex.ru
ysa-static.passport.yandex.ru
jstracer.yandex.ru
strm.yandex.ru
453 KB
18 yandex.com
mc.yandex.com
5 KB
18 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com
246 KB
18 theins.ru
theins.ru
api.theins.ru
1 MB
14 acint.net
www.acint.net
acint.net
8 KB
14 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
137 KB
13 google.com
adservice.google.com
www.google.com
3 KB
12 viadata.store
ru.viadata.store
cdn.viadata.store
logs.viadata.store
pl.viadata.store
rtb-msk-2.viadata.store
824 KB
10 yandex.net
strm-rad14.strm.yandex.net
avatars.mds.yandex.net
1 MB
10 yastatic.net
yastatic.net
489 KB
9 google.de
adservice.google.de
www.google.de
2 KB
6 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
4 KB
6 bumlam.com
sync.bumlam.com
3 KB
6 digitaltarget.ru
dmg.digitaltarget.ru
tag.digitaltarget.ru
21 KB
6 adriver.ru
pb.adriver.ru
ad.adriver.ru
ssp.adriver.ru
13 KB
5 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
7 KB
5 sape.ru
ssp-rtb.sape.ru
cdn-rtb.sape.ru
20 KB
5 betweendigital.com
ads.betweendigital.com
3 KB
4 googleapis.com
imasdk.googleapis.com
635 KB
4 rktch.com
vtg1.rktch.com
ut.rktch.com
3 KB
4 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
16 KB
3 adfox.ru
ads.adfox.ru
314 B
3 advarkads.com
s3.advarkads.com
api.advarkads.com
8 KB
3 aidata.io
x01.aidata.io
1 KB
3 adsniper.ru
sync3.adsniper.ru
2 KB
3 com.ru
adx.com.ru
628 B
3 buzzoola.com
exchange.buzzoola.com
1023 B
3 criteo.net
static.criteo.net
39 KB
3 adhigh.net
px.adhigh.net
1 KB
2 googletagservices.com
www.googletagservices.com
63 KB
2 2mdn.net
s0.2mdn.net
33 KB
2 weborama.fr
redirect.frontend.weborama.fr
501 B
2 1dmp.io
sync.1dmp.io
815 B
2 republer.com
sync.republer.com
951 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 rutarget.ru
clientside-video-bidder.rutarget.ru
sape-sync.rutarget.ru
1 KB
2 otm-r.com
yhb.p.otm-r.com
sync.dmp.otm-r.com
317 B
2 mail.ru
ad.mail.ru
1 KB
2 google-analytics.com
www.google-analytics.com
20 KB
1 gnezdo.ru
fcgi4.gnezdo.ru
188 B
1 new-programmatic.com
match.new-programmatic.com
215 B
1 uuidksinc.net
s.uuidksinc.net
206 B
1 beeline.ru
0100007f764db7614d018d3a022e4263-sp.ops.beeline.ru
635 B
1 adlook.me
ads.adlook.me
163 B
1 relap.io
relap.io
1015 B
1 adlmerge.com
adlmerge.com
115 B
1 adlabs.ru
stat.adlabs.ru
108 B
1 hybrid.ai
dm-eu.hybrid.ai
239 B
1 utraff.com
a.utraff.com
818 B
1 adform.net
cm.adform.net
106 B
1 dyntrk.com
n.dyntrk.com
215 B
1 adtelligent.com
hb.adtelligent.com
270 B
1 creativecdn.com
adfox-c2s-ams.creativecdn.com
203 B
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 digitalcaramel.com
ads.digitalcaramel.com
866 B
0 bidvol.com Failed
ssp.bidvol.com Failed
225 56
Domain Requested by
18 mc.yandex.com 2 redirects theins.ru
mc.yandex.ru
15 an.yandex.ru yandex.ru
theins.ru
www.acint.net
an.yandex.ru
13 pagead2.googlesyndication.com theins.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
srcdoc
securepubads.g.doubleclick.net
www.googletagservices.com
12 theins.ru theins.ru
10 www.acint.net 2 redirects cdn-rtb.sape.ru
www.acint.net
10 yastatic.net 1 redirects yandex.ru
yastatic.net
theins.ru
an.yandex.ru
9 avatars.mds.yandex.net
9 www.google.com 2 redirects theins.ru
tpc.googlesyndication.com
8 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.googleadservices.com
7 www.google.de theins.ru
6 sync.bumlam.com 4 redirects www.acint.net
6 api.theins.ru theins.ru
5 cdn.viadata.store theins.ru
cdn.viadata.store
5 ads.betweendigital.com 3 redirects yastatic.net
www.acint.net
4 sm.rtb.mts.ru 4 redirects
4 acint.net www.acint.net
4 imasdk.googleapis.com theins.ru
cdn-rtb.sape.ru
imasdk.googleapis.com
4 dmg.digitaltarget.ru 1 redirects www.acint.net
4 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
4 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
4 mc.yandex.ru 1 redirects theins.ru
yastatic.net
3 www.googleadservices.com 2 redirects yastatic.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
theins.ru
3 ads.adfox.ru
3 x01.aidata.io 2 redirects www.acint.net
3 sync3.adsniper.ru 3 redirects
3 adx.com.ru 1 redirects www.acint.net
3 ad.adriver.ru 1 redirects theins.ru
3 logs.viadata.store theins.ru
3 exchange.buzzoola.com 2 redirects theins.ru
3 ssp-rtb.sape.ru 1 redirects yastatic.net
cdn-rtb.sape.ru
3 static.criteo.net yastatic.net
theins.ru
3 px.adhigh.net 2 redirects theins.ru
3 yandex.ru theins.ru
yastatic.net
2 www.googletagservices.com yandex.ru
securepubads.g.doubleclick.net
2 s0.2mdn.net imasdk.googleapis.com
2 s3.advarkads.com www.acint.net
s3.advarkads.com
2 tech.rtb.mts.ru 2 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 ut.rktch.com 1 redirects www.acint.net
2 sync.1dmp.io 1 redirects www.acint.net
2 tag.digitaltarget.ru www.acint.net
tag.digitaltarget.ru
2 sync.republer.com 2 redirects
2 ssp.adriver.ru www.acint.net
2 cdn-rtb.sape.ru theins.ru
2 sync.search.spotxchange.com 1 redirects
2 vtg1.rktch.com theins.ru
2 gum.criteo.com 1 redirects static.criteo.net
2 bidder.criteo.com static.criteo.net
2 ad.mail.ru yastatic.net
www.acint.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 ru.viadata.store theins.ru
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 strm-rad14.strm.yandex.net
1 strm.yandex.ru 1 redirects
1 jstracer.yandex.ru yastatic.net
1 ysa-static.passport.yandex.ru
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 api.advarkads.com s3.advarkads.com
1 fcgi4.gnezdo.ru www.acint.net
1 match.new-programmatic.com www.acint.net
1 s.uuidksinc.net 1 redirects
1 0100007f764db7614d018d3a022e4263-sp.ops.beeline.ru 1 redirects
1 ads.adlook.me 1 redirects
1 sape-sync.rutarget.ru 1 redirects
1 relap.io www.acint.net
1 adlmerge.com www.acint.net
1 stat.adlabs.ru 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 sync.dmp.otm-r.com www.acint.net
1 dm-eu.hybrid.ai www.acint.net
1 a.utraff.com www.acint.net
1 cm.adform.net
1 n.dyntrk.com theins.ru
1 rtb-msk-2.viadata.store theins.ru
1 clientside-video-bidder.rutarget.ru theins.ru
1 mug.criteo.com
1 pl.viadata.store theins.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 pb.adriver.ru yastatic.net
1 hb.adtelligent.com yastatic.net
1 adfox-c2s-ams.creativecdn.com yastatic.net
1 yhb.p.otm-r.com yastatic.net
1 matchid.adfox.yandex.ru yastatic.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com theins.ru
1 ads.digitalcaramel.com theins.ru
0 ssp.bidvol.com Failed yastatic.net
www.acint.net
225 89
Subject Issuer Validity Valid
*.theins.ru
R3		 2021-11-08 -
2022-02-06		 3 months crt.sh
caramel.am
R3		 2021-10-31 -
2022-01-29		 3 months crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.viadata.store
Sectigo RSA Domain Validation Secure Server CA		 2021-11-26 -
2022-11-28		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2021-08-26 -
2022-02-18		 6 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-06 -
2022-02-16		 2 years crt.sh
*.p.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2022-02-06		 2 years crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.sape.ru
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh
hb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-11 -
2022-03-11		 3 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.rutarget.ru
Thawte RSA CA 2018		 2021-05-17 -
2022-06-17		 a year crt.sh
vtg1.rktch.com
R3		 2021-11-16 -
2022-02-14		 3 months crt.sh
*.dyntrk.com
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
bs.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.acint.net
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tag.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
relap.io
GeoTrust RSA CA 2018		 2021-08-26 -
2022-09-26		 a year crt.sh
*.adx.com.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-05-04 -
2022-05-04		 a year crt.sh
new-programmatic.com
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
fcgi4.gnezdo.ru
R3		 2021-11-08 -
2022-02-06		 3 months crt.sh
advarkads.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.adfox.ru
Yandex CA		 2021-07-27 -
2022-01-06		 5 months crt.sh
*.advarkads.com
GlobalSign GCC R3 DV TLS CA 2020		 2020-12-03 -
2022-01-04		 a year crt.sh
ysa-static.passport.yandex.net
Yandex CA		 2021-08-21 -
2022-02-19		 6 months crt.sh
jstracer.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
dmg.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
avatars.mds.yandex.net
Yandex CA		 2021-08-31 -
2022-03-01		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://theins.ru/news/246918
Frame ID: 9DADE00E54841E20E47CDC390D9925BA
Requests: 119 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 9766DBE700C8E08E86FEFDF79B5EAAFA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1639402869&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639402869104&bpp=3&bdt=180&idt=163&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3803690234752&frm=20&pv=2&ga_vid=1146171265.1639402869&ga_sid=1639402869&ga_hid=696718403&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=894715821673153&pem=577&tmod=189&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176
Frame ID: 34AF36D5B7D271B0A9799EE333477C05
Requests: 1 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/211201.js
Frame ID: 9321A5F210D1BE59028C6B5AB0367BE4
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=theins.ru
Frame ID: 6AADE57D2621B206F3787BCE91A32799
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8710726D49DF67D7ED5DEEA4EC3F465A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F0BB5DBBEFE885E94F9C3019ADD1A50
Requests: 2 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Frame ID: 9EA5598F3136789743C8FF068EC1A334
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 22FD49850294388AAEAA3A790BA86643
Requests: 3 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=131&tc=1
Frame ID: 482AFEC149D4AB720CBB008A17D4CBF3
Requests: 34 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F764DB7614D018D3A022E4263
Frame ID: DB506E6FB2E1827A23ADC94BA5A1230F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: D9D99AE65BEB942C15DA8F0636B19618
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 109318D85B9C527510F23C53778497D9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_ru.html
Frame ID: E8C2781E3F444D3F7953308FDEBDC09D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B75D91DD51305A6054D17052C0D6F35D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 201AC86D150E7C184B7D0F90AAB100EC
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: E52BB7704C40A6C61348332DE2570277
Requests: 23 HTTP requests in this frame

Frame: https://0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 781293600D00EF63B26B4E9E401CFC9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 653B383C84D8876246A8FCEC65DD7671
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44F879E909E71DC08CF33134AC728AD9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_ZaxR-B9Qg0Pb-z_Vk9I7AS91dG6oqVGlQ-rvjhtu6hCcw0--soPqiJtu_xtCKw-xLTETrecpnC2PKqNT0UrXOnZxI7sfyqskistgKXtN9qzxHTIQUZGHCPj1MOI8HO-lAY0b3juZTHDG6fzV77LtVPDxP5tJfbV3XJPO-FpO-ux8_l1VxQvmwnrIJKAui2gXn7G-rZuf2zhGs6ZUCQN2vtAA6LV4siYc0CaqlIRRaIbX6iGqsliT9dfWrpwQtqy3QPN4StouZcsCkHZfrNEE-9UfNHsKaeyXjfwyVGjLKqi4pt9PwEpTVRKoozPQTZS5&sig=Cg0ArKJSzKB3MMG7rqssEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 93D920A5A7BB6CA4F8DE4F88A0AE221D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

США и ЕС могут ограничить возможности России по обмену валют в случае нападения на Украину — BloombergViads Video Advertising

Page Statistics

225
Requests

84 %
HTTPS

38 %
IPv6

56
Domains

89
Subdomains

71
IPs

9
Countries

5298 kB
Transfer

12097 kB
Size

99
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
  • https://yandex.ru/ads/system/header-bidding.js
Request Chain 44
  • https://px.adhigh.net/rtb/yandex_hb HTTP 307
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
Request Chain 49
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 51
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9486.zWSotjKMHKCMoAO71c7DG4GBwephZbI-yAyg3uMXX57y0TerIdcuQphEfjEEmId1.vZZPHTE2mZGqM7YibjvYik8FlzA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9486.FRdloFodvnZ57Fr7-kwvn42GyTu2ZojK2VIA-HXPVGRUP3cmB_IBhhhzRoV5dw0nqZLAGLVWk0Tn2CAy6ow8pg%2C%2C.5ouzO5l-Vv4YW49z44qgqa1vOJ0%2C
Request Chain 64
  • https://mc.yandex.com/watch/45954939?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A672%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A392602888738%3Ahid%3A874650403%3Az%3A0%3Ai%3A20211213134109%3Aet%3A1639402869%3Ac%3A1%3Arn%3A550790071%3Arqn%3A1%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639402868344%3Ads%3A23%2C30%2C524%2C4%2C0%2C0%2C%2C82%2C0%2C%2C%2C%2C700%3Adsn%3A23%2C30%2C525%2C3%2C0%2C0%2C%2C81%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402869%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A672%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A392602888738%3Ahid%3A874650403%3Az%3A0%3Ai%3A20211213134109%3Aet%3A1639402869%3Ac%3A1%3Arn%3A550790071%3Arqn%3A1%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639402868344%3Ads%3A23%2C30%2C524%2C4%2C0%2C0%2C%2C82%2C0%2C%2C%2C%2C700%3Adsn%3A23%2C30%2C525%2C3%2C0%2C0%2C%2C81%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402869%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 79
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theins.ru&sn=ChromeSyncframe&so=0&topUrl=theins.ru&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=2lhQqHw1QldvZEZ0bjM1S292TFJIZTRxUDlSWk9uVmFTdkxQTEc5SWNUYWE4OXVNN0F4blIxcVlpVmZyWFpsVTFrQ2ZreFExS3JsdGhDaDl6SFNTM1pNWjEzSFN2Mlp6YjlMcXl0dVNtTTFjT0graFY1WTczYmREUEhUM25UUUFUOTJXaVNHQ2FvdE1hejN0djFIMWRnZkJHeW1xdHlxUlJTR3BUaXE4V2lVUUhiRTNTcWMzQ0R2MG84RlBsZWtEUUd5YmpXbjBMT0t0bkNETjIyK21Qam5NSWJ6OENwQmQxRWxwUEFmODNvd0cxa1lJdmVKRjFGQllZa0RuK3kyaXc3R1RCUTRmeTZWS1IvUGZRVnZLU1ZXS3E0dz09fA&cppv=2
Request Chain 92
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&cbb=9402869903 HTTP 302
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&vpaid=false
Request Chain 93
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=61eb2bd0-249a-4095-bb84-5dfe5110aaea&i=1639402869 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=61eb2bd0-249a-4095-bb84-5dfe5110aaea&i=1639402869
Request Chain 95
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&__user_check__=1&sync_id=549a7e99-5c1a-11ec-99b0-1093d7b30206
Request Chain 106
  • https://www.acint.net/mc/?dp=131 HTTP 302
  • https://www.acint.net/mc/?dp=131&tc=1
Request Chain 111
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F764DB7614D018D3A022E4263&crf=1
Request Chain 112
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=14&euid=0100007F754DB761140003650255967D
Request Chain 113
  • https://px.adhigh.net/p/cm/sape?u=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://acint.net/match?dp=17&euid=81EqrEiYKe2.AikABlF9tAaSrw
Request Chain 115
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
  • https://www.acint.net/rmatch?dp=45&euid=AI_Kh6YluRxiUUlv96wpvEw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F764DB7614D018D3A022E4263
Request Chain 117
  • https://sync.republer.com/match?dsp=sape HTTP 307
  • https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
  • https://sync.bumlam.com/?src=rp1&uid=d6f23000-318b-4c76-b7e4-8d678b41b267 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj2mt2NBlIEioaQK2IkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj2mt2NBlIEioaQK2IkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABj2mt2NBmIkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQARj2mt2NBmIkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA**
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3ZNt2FNAY06Ai5CYw HTTP 302
  • https://www.acint.net/match?dp=77&euid=
Request Chain 122
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F764DB7614D018D3A022E4263
Request Chain 126
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F764DB7614D018D3A022E4263&cs=1
Request Chain 127
  • https://sape-sync.rutarget.ru/sync HTTP 302
  • https://www.acint.net/match?dp=104&euid=f9Z-c27U0wDz
Request Chain 128
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://acint.net/match?dp=107&euid=a48a3d90-6943-515b-9774-7888f6c335fe
Request Chain 129
  • https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
  • https://acint.net/match?dp=110&euid=6b525c98cbb54e6e988b2aa5c2d98d14
Request Chain 130
  • https://0100007f764db7614d018d3a022e4263-sp.ops.beeline.ru/p?ssp=sp&id=0100007F764DB7614D018D3A022E4263 HTTP 301
  • https://www.acint.net/match?dp=111&euid=5ab4423f-b86e-480c-8533-ae7d31d05d34
Request Chain 131
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3107074999 HTTP 302
  • https://ut.rktch.com/matchspm?pi=1000006&pui=EbOdFrqniqifLZYHlHaEvu&noredirect
Request Chain 132
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F764DB7614D018D3A022E4263 HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F764DB7614D018D3A022E4263 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=c5b72a0b-7c88-4eb3-af36-f03f98f3f1df&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Request Chain 133
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
  • https://www.acint.net/match?dp=126&euid=823564a7-8e36-4117-5a88-2180aae8fb06
Request Chain 134
  • https://s.uuidksinc.net/match/396/?remote_uid=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://www.acint.net/match?dp=127&euid=oVVCbUm1ueBe9fElFLDb
Request Chain 138
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F764DB7614D018D3A022E4263&bounce=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=8LJDwPZLkd%2Bvxnmxr%2B1EfA HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=8LJDwPZLkd%2Bvxnmxr%2B1EfA HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=c5b72a0b-7c88-4eb3-af36-f03f98f3f1df&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FxbcqC3yITrOvNvA_mPPx3w%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253D8LJDwPZLkd%25252Bvxnmxr%25252B1EfA%26sign%3D1801877668 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/xbcqC3yITrOvNvA_mPPx3w?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D8LJDwPZLkd%252Bvxnmxr%252B1EfA&sign=1801877668
Request Chain 139
  • https://sync.bumlam.com/?src=sap1&uid=0100007F764DB7614D018D3A022E4263 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj2mt2NBlIFrbKc-w9iIDAxMDAwMDdGNzY0REI3NjE0RDAxOEQzQTAyMkU0MjYz HTTP 302
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQABj2mt2NBmIgMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjOiARBVFPHqXBoR7IbgACWQwGR8 HTTP 302
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQARj2mt2NBmIgMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjOiARBVFPHqXBoR7IbgACWQwGR8
Request Chain 172
  • https://strm.yandex.ru/vh-canvas-converted/get-canvas/video_5dc3f4e72cb942ba54b8e51c_169_360p.webm?sid=d49b89a2b44894b66edd920195f9d3afa5d5a37b63b5f94a88129c3a05d5ae73&vsid=3d75fb3bf86fa1effa8c15ae466ef78821382081d530xVASx0NaNx1639402870 HTTP 302
  • https://strm-rad14.strm.yandex.net/vh-canvas-converted/get-canvas/video_5dc3f4e72cb942ba54b8e51c_169_360p.webm?sid=d49b89a2b44894b66edd920195f9d3afa5d5a37b63b5f94a88129c3a05d5ae73&vsid=3d75fb3bf86fa1effa8c15ae466ef78821382081d530xVASx0NaNx1639402870&noredir=1&lid=181
Request Chain 213
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eE23Yc3IO8yq-gbynpHgDA&random=1560460213&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1560460213&crd=CNPgGw&is_vtc=1&random=101858955 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1560460213&crd=CNPgGw&is_vtc=1&random=101858955&ipr=y
Request Chain 214
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eE23Yc3HO4uhx_APwZGEyAs&random=1379814314&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1379814314&crd=CNPgGw&is_vtc=1&random=263586708 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1379814314&crd=CNPgGw&is_vtc=1&random=263586708&ipr=y

225 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 246918
theins.ru/news/ 		120 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0c44579c6237f5586eb6c9560b5b35fa85a285e4466a7f6cd8dffe4166d12c7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
vary
Accept-Encoding
x-cache-device-type
decktop
x-cache-status
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bcf9bb78b435c2c-FRA
content-encoding
gzip
application-1e3dfd3e699368fd7dfb-app.optimize.css
theins.ru/public/assets/ 		130 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b281f269aa142078ccfb43c9c187898247c17bac758717ad4a270b5123931c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/news/246918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-4406"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbaebc95c2c-FRA
content-length
17414
expires
Thu, 01 Dec 2022 16:29:28 GMT
application-1e3dfd3e699368fd7dfb-styles.optimize.css
theins.ru/public/assets/ 		234 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-styles.optimize.css
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3576afae118b48511f152d8ce95a1e19315db7c0a0030726889822498af78d70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/news/246918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-6d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbaebca5c2c-FRA
content-length
27978
expires
Thu, 01 Dec 2022 16:29:28 GMT
modernizr.js
theins.ru/public/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/modernizr.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cb67968a56ab998398f5a5f7b515e817ec487e5ba4b417c1def63eca12ca73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/news/246918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:02 GMT
server
cloudflare
age
1026700
etag
W/"619bbfae-1282"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6bcf9bbb1c3b5c2c-FRA
expires
Thu, 01 Dec 2022 16:29:28 GMT
header-bidding.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/header-bidding.js
  • https://yandex.ru/ads/system/header-bidding.js
166 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
662c4a1e5d72c3545cb995682ad22cc1e4e618d70dd0279678447ee035594708
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1639402869109952-13068534255135668133-man1-4051-man-l7-balancer-8080-BAL-4545
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 13 Dec 2021 14:41:09 GMT

Redirect headers

date
Mon, 13 Dec 2021 13:41:09 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/header-bidding.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
theins.ru.js
ads.digitalcaramel.com/js/ 		2 KB
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.digitalcaramel.com/js/theins.ru.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
digitalcaramel.com
Software
nginx /
Resource Hash
e4b8f7079db84f76db199ccc4597f1efa957d270eb484bac2e02d343ba848fa4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Oct 2021 07:35:01 GMT
server
nginx
etag
W/"615ff4a5-9e7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=15724800; includeSubdomains; preload
expires
Thu, 31 Dec 2037 23:55:55 GMT
context.js
yandex.ru/ads/system/ 		308 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
38fef94bf6d0a92413fba2cf4a2a44970f00288368ccc6fc12e6697db7211f28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1639402869059042-15818406765170949286-man1-4051-man-l7-balancer-8080-BAL-1039
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 13 Dec 2021 14:41:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7682f66d944955ab09f2eb3d3f8ac6330a66ce18d40015629b09746152c993ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51948
x-xss-protection
0
server
cafe
etag
13329077900255917627
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 13:41:09 GMT
anBn.jpg
api.theins.ru/images/SBxKP86qICU_45b_s4RPgmPDrWYS7hNhyNGWjCI4Hw0/rs:auto:877:579:0:0/dpr:2/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/ 		316 KB
316 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.theins.ru/images/SBxKP86qICU_45b_s4RPgmPDrWYS7hNhyNGWjCI4Hw0/rs:auto:877:579:0:0/dpr:2/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/anBn.jpg
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c17fa1d31b854a771ec4833b336c218445ccd40f5047880ad496a27b737280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 13:41:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
content-disposition
inline; filename="file-f0b7fcd2dae18d2358fe33d95ad2a1a9.jpg"
accept-ranges
bytes
cf-ray
6bcf9bbb2c875c2c-FRA
content-length
323516
x-request-id
Ym53NF38A1F1QSRhvPyopC
expires
Tue, 13 Dec 2022 13:41:09 GMT
application-1e3dfd3e699368fd7dfb-app.js
theins.ru/public/assets/ 		1 MB
333 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ad5466bf8e93c888ca830d9b03728feeb7156e6118f878f45f36fca31f17d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/news/246918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-53148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb1c5b5c2c-FRA
content-length
340296
expires
Thu, 01 Dec 2022 16:29:28 GMT
application-1e3dfd3e699368fd7dfb-styles.js
theins.ru/public/assets/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-styles.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692446225814c5bc8e8f73a291afdf6626e40a2a3a533ab737e8dea55e5545d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/news/246918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-21b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb1c375c2c-FRA
content-length
8633
expires
Thu, 01 Dec 2022 16:29:28 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-44581081-1
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
447e8602677aa38f43408b40eb2ac1760a933a1f95fafdf6b135059a45b36784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36250
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Dec 2021 13:41:09 GMT
truncated
/ 		141 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg
RFDewiCondensed-Bold.woff2
theins.ru/public/assets/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/fonts/RFDewiCondensed-Bold.woff2
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559e15e9c1f2aed0308858ccdd55dd9de22dcd2a3a4802de64ab56c5a00bef97

Request headers

Referer
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026701
etag
"619bbfd4-a559"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb2c7d5c2c-FRA
content-length
42329
expires
Thu, 01 Dec 2022 16:29:28 GMT
RFDewiExpanded-Black.woff2
theins.ru/public/assets/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/fonts/RFDewiExpanded-Black.woff2
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834af6158f003b1d449f2398617ac58ecca6a0d8c0cd653442c49185432fc06e

Request headers

Referer
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-a649"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb2c805c2c-FRA
content-length
42569
expires
Thu, 01 Dec 2022 16:29:28 GMT
RFDewi-Regular.woff2
theins.ru/public/assets/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/fonts/RFDewi-Regular.woff2
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20dcd1712a09e708373636f76fb4afc4a7b3a66277ecafbb036d6cb4acac941b

Request headers

Referer
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-6e0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb2c815c2c-FRA
content-length
28172
expires
Thu, 01 Dec 2022 16:29:28 GMT
RFDewiCondensed-Ultrabold.woff2
theins.ru/public/assets/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/fonts/RFDewiCondensed-Ultrabold.woff2
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d777d1448f841f8d6c3dc55073f244022acf5a60d246863cff979748ccf142

Request headers

Referer
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-6ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb2c845c2c-FRA
content-length
27320
expires
Thu, 01 Dec 2022 16:29:28 GMT
RFDewiCondensed-Semibold.woff2
theins.ru/public/assets/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/fonts/RFDewiCondensed-Semibold.woff2
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efec227fa2dd3f0e1cc60a36dc9b1c27d2a0baf2b03c29efb20e0025ed76d0f

Request headers

Referer
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:08 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026700
etag
"619bbfd4-6b3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbb2c855c2c-FRA
content-length
27452
expires
Thu, 01 Dec 2022 16:29:28 GMT
tag.js
mc.yandex.ru/metrika/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 11:53:03 GMT
etag
"61b3156f-107fa"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67578
expires
Mon, 13 Dec 2021 14:41:09 GMT
application-1e3dfd3e699368fd7dfb-article.js
theins.ru/public/assets/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-article.js
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce400adf4048173aaf986da2569e97fd793eac19b1863f94132ade681abf0a29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/news/246918
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 16:05:40 GMT
server
cloudflare
age
1026701
etag
"619bbfd4-21fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bcf9bbbcde85c2c-FRA
content-length
8702
expires
Thu, 01 Dec 2022 16:29:28 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44581081-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
375
date
Mon, 13 Dec 2021 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 13 Dec 2021 15:34:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 13:41:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 9766 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 12 Dec 2021 18:36:45 GMT
expires
Sun, 26 Dec 2021 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
68664
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
viewed
api.theins.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.theins.ru/viewed?id=246918&type=Post%3A%3ANews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
user-language
Origin
https://theins.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://theins.ru
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
access-control-allow-headers
DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, post-referer, session-id, resource, user-language
access-control-max-age
1728000
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bcf9bbccb52d711-FRA
/
api.theins.ru/proxy/fb/ 		0
0
vk
api.theins.ru/proxy/ 		21 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.theins.ru/proxy/vk?act=count&index=1&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / KPHP/7.4.109614
Resource Hash
5c883fd81aa6616988d11949a780dfa476f39ba7aca55f1cfeaec60b5d19cbe4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-powered-by
KPHP/7.4.109614
x-frontend
front609307
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://theins.ru
access-control-expose-headers
X-Frontend, Content-Length,Content-Range
cache-control
no-store
access-control-allow-credentials
true
cf-ray
6bcf9bbccb4ed711-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Content-Type,Range, post-referer, session-id, resource
dk
api.theins.ru/proxy/ok/ 		25 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.theins.ru/proxy/ok/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security max-age=63072000;includeSubdomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
rendered-blocks
WidgetExtLike
content-security-policy-report-only
default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;includeSubdomains;preload
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
https://theins.ru
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-cache, no-store
access-control-allow-credentials
true, true
content-security-policy
default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
cf-ray
6bcf9bbccb51d711-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Content-Type,Range, post-referer, session-id, resource
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
viewed
api.theins.ru/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.theins.ru/viewed?id=246918&type=Post%3A%3ANews
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
User-Language
ru

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type
application/octet-stream
access-control-allow-origin
https://theins.ru
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
6bcf9bbcebacd711-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Content-Type,Range, post-referer, session-id, resource
content-length
0
load.js
ru.viadata.store/tag/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.viadata.store/tag/load.js?sid=102696&tag_id=via_102696
Requested by
Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-article.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
18afe37eb02a7e3c09c8ce84604fd27d7abf985d893bcbc9558e08e9ffd95931

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
anBn.jpg
api.theins.ru/images/xlWqHxGK1IPOr0ILgYKDs7F4t9gnW62ax95ybGyy4pw/rs:auto:877:579:0:0/dpr:1/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.theins.ru/images/xlWqHxGK1IPOr0ILgYKDs7F4t9gnW62ax95ybGyy4pw/rs:auto:877:579:0:0/dpr:1/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/anBn.jpg
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac676d115d20505b7728ea958e6b20b980243fb7ba8cfa92f6aab4f5ce4edb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 13:41:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
content-disposition
inline; filename="file-f0b7fcd2dae18d2358fe33d95ad2a1a9.jpg"
accept-ranges
bytes
cf-ray
6bcf9bbca8405c2c-FRA
content-length
126321
x-request-id
dyd2Vzpm0Gb0_oOjT5a4Ww
expires
Tue, 13 Dec 2022 13:41:09 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=696718403&t=pageview&_s=1&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&ul=en-us&de=UTF-8&dt=%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=877116863&gjid=1534675853&cid=1146171265.1639402869&tid=UA-44581081-1&_gid=1282047491.1639402869&_r=1&gtm=2ouc10&z=864011902
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://theins.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
68da7864e4daa9af47b1.js
yastatic.net/partner-code-bundles/50770/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/50770/68da7864e4daa9af47b1.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f3a07c94de7e82d979ff85c625e15241a5201688bfdecea1ef09354f49369914
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://theins.ru/
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4453
last-modified
Fri, 10 Dec 2021 15:18:03 GMT
server
nginx/1.17.9
etag
"49d1508d112165b352971a2e3247ee66"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2051 20:15:52 GMT
eedfc603338c8658da87.js
yastatic.net/partner-code-bundles/50770/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/50770/eedfc603338c8658da87.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b08a7f2cc41d0a826952afa86255a7e951b7239f1c574c8cd12790138e6c4188
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://theins.ru/
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17061
last-modified
Fri, 10 Dec 2021 15:18:03 GMT
server
nginx/1.17.9
etag
"6a9d1e9f91813befca77b6cad02a096b"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2051 20:15:52 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://theins.ru/
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2051 20:16:24 GMT
4988e24bad13ffae4c6a.js
yastatic.net/partner-code-bundles/50770/ 		610 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/50770/4988e24bad13ffae4c6a.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d3aa13506c9d3258a4025719fb1f717b2335a1ceb987b992e83ad92f9130475d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://theins.ru/
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
126942
last-modified
Fri, 10 Dec 2021 15:18:02 GMT
server
nginx/1.17.9
etag
"20afc3d78ac9f2165869033bada8f95d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2051 20:15:59 GMT
cookie.js
partner.googleadservices.com/gampad/ 		213 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=theins.ru&callback=_gfp_s_&client=ca-pub-4894759983606832
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
aef9e04403a355d2edd03be9f841e18667e975445d055536e623f5cd6fdb5055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=theins.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=theins.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&tn=HEADER&cls=_1K0cJ&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 34AF 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1639402869&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639402869104&bpp=3&bdt=180&idt=163&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3803690234752&frm=20&pv=2&ga_vid=1146171265.1639402869&ga_sid=1639402869&ga_hid=696718403&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=894715821673153&pem=577&tmod=189&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 13 Dec 2021 13:41:09 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Dec 2021 13:41:09 GMT
cache-control
private
getcookie
matchid.adfox.yandex.ru/ 		88 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f632f6462b8569ba427daf06e00a64c6306c122a24dbaae7d8e1d101618d0266
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://theins.ru
date
Mon, 13 Dec 2021 13:41:09 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
88
x-content-type-options
nosniff
content-type
application/json
/
ad.mail.ru/hbid_yandex/ 		11 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 13 Dec 2021 13:41:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://theins.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/ 		11 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://theins.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
yhb
yhb.p.otm-r.com/ 		11 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://theins.ru
date
Mon, 13 Dec 2021 13:41:09 GMT
access-control-allow-credentials
true
server
nginx/1.17.6
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://theins.ru
date
Mon, 13 Dec 2021 13:41:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
content-type
application/json;charset=utf-8
yandex_hb
px.adhigh.net/rtb/
Redirect Chain
  • https://px.adhigh.net/rtb/yandex_hb
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
11 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Server
193.232.150.150 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp17.sender.ltmse.com
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
x-backend-id
f17-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://theins.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
11
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
access-control-allow-origin
https://theins.ru
x-backend-id
f17-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.js
static.criteo.net/js/ld/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:13 GMT
server
nginx
etag
W/"618cb9a1-1d4ec"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Dec 2021 13:41:09 GMT
pl999
ssp.bidvol.com/rtb/ 		0
0
adfoxhb
ssp-rtb.sape.ru/ 		11 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/adfoxhb
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.64.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1397441.sapientru.net
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 13 Dec 2021 13:41:09 GMT
Server
openresty
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://theins.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
11
auction
hb.adtelligent.com/v3/ 		11 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adtelligent.com/v3/auction
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://theins.ru
Date
Mon, 13 Dec 2021 13:41:09 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
11
Content-Type
application/json; charset=UTF-8
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Server
138.201.34.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.34.201.138.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://theins.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
access-control-allow-origin
https://theins.ru
etag
W/"e5c7e464839a9a7ced7ad3ca4558366467f280c30dacdb6bb7f2f24aefb0cd62"
serverid
TODO
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://theins.ru
Pragma
no-cache
Date
Mon, 13 Dec 2021 13:41:09 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9486.zWSotjKMHKCMoAO71c7DG4GBwephZbI-yAyg3uMXX57y0TerIdcuQphEfjEEmId1.vZZPHTE2mZGqM7YibjvYik8FlzA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9486.FRdloFodvnZ57Fr7-kwvn42GyTu2ZojK2VIA-HXPVGRUP3cmB_IBhhhzRoV5dw0nqZLAGLVWk0Tn2CAy6ow8pg%2C%2C.5ouzO5l-Vv4YW49z44qgqa1vOJ0%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9486.FRdloFodvnZ57Fr7-kwvn42GyTu2ZojK2VIA-HXPVGRUP3cmB_IBhhhzRoV5dw0nqZLAGLVWk0Tn2CAy6ow8pg%2C%2C.5ouzO5l-Vv4YW49z44qgqa1vOJ0%2C
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9486.FRdloFodvnZ57Fr7-kwvn42GyTu2ZojK2VIA-HXPVGRUP3cmB_IBhhhzRoV5dw0nqZLAGLVWk0Tn2CAy6ow8pg%2C%2C.5ouzO5l-Vv4YW49z44qgqa1vOJ0%2C
date
Mon, 13 Dec 2021 13:41:09 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44581081-1&cid=1146171265.1639402869&jid=877116863&gjid=1534675853&_gid=1282047491.1639402869&_u=YEBAAUAAAAAAAC~&z=876607874
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 13 Dec 2021 13:41:09 GMT
content-type
text/plain
access-control-allow-origin
https://theins.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
last-modified
Fri, 10 Dec 2021 11:53:03 GMT
etag
"61b3156f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 13 Dec 2021 14:41:09 GMT
hls.js
cdn.viadata.store/static/js/ 		235 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/static/js/hls.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 14:39:05 GMT
server
nginx/1.17.6
etag
W/"5ffdb489-3ab3e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
code.js
ru.viadata.store/tag/ 		30 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ru.viadata.store/tag/code.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
cache-control
public
content-type
application/javascript; charset=utf-8
server
nginx/1.19.5
content-encoding
br
vary
Accept-Encoding
expires
Tue, 14 Dec 2021 13:41:09 GMT
site
logs.viadata.store/req/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/req/site?sid=102696&cid=0&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&event=playerLoaded&cb=1639402869352
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
cdb
bidder.criteo.com/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=72953896057
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://theins.ru
date
Mon, 13 Dec 2021 13:41:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44581081-1&cid=1146171265.1639402869&jid=877116863&_u=YEBAAUAAAAAAAC~&z=537087228
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44581081-1&cid=1146171265.1639402869&jid=877116863&_u=YEBAAUAAAAAAAC~&z=537087228
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
211201.js
cdn.viadata.store/js/player/ Frame 9321 		180 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/js/player/211201.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
09f5a546d338271977ebb834261b2f45b0aabcb9e0a19a16beb0c7ba4b01412f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 16:20:02 GMT
server
nginx/1.17.6
etag
W/"61aa43b2-2d167"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
events
bidder.criteo.com/csm/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://theins.ru
date
Mon, 13 Dec 2021 13:41:08 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 08 Dec 2022 13:41:09 GMT
pixel.gif
static.criteo.net/images/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 08 Dec 2022 13:41:09 GMT
1
mc.yandex.com/watch/45954939/
Redirect Chain
  • https://mc.yandex.com/watch/45954939?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A672%3Afu%3A0%3Aen%3Autf-...
  • https://mc.yandex.com/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A672%3Afu%3A0%3Aen%3Aut...
350 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A672%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A392602888738%3Ahid%3A874650403%3Az%3A0%3Ai%3A20211213134109%3Aet%3A1639402869%3Ac%3A1%3Arn%3A550790071%3Arqn%3A1%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639402868344%3Ads%3A23%2C30%2C524%2C4%2C0%2C0%2C%2C82%2C0%2C%2C%2C%2C700%3Adsn%3A23%2C30%2C525%2C3%2C0%2C0%2C%2C81%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402869%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f6255acdd46a48d0ed625a2da7a9fc0b44501a16345621d22e395797dec5c6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 13-Dec-2021 13:41:09 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
last-modified
Mon, 13-Dec-2021 13:41:09 GMT
location
/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A672%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A392602888738%3Ahid%3A874650403%3Az%3A0%3Ai%3A20211213134109%3Aet%3A1639402869%3Ac%3A1%3Arn%3A550790071%3Arqn%3A1%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639402868344%3Ads%3A23%2C30%2C524%2C4%2C0%2C0%2C%2C82%2C0%2C%2C%2C%2C700%3Adsn%3A23%2C30%2C525%2C3%2C0%2C0%2C%2C81%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402869%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a047e870f84062867d54a98b556c2399db11dfb242cbf7cf9e580d1399096628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8558
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 6AAD 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=theins.ru
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2288
date
Mon, 13 Dec 2021 13:41:09 GMT
content-length
4685
strict-transport-security
max-age=86400; preload;
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:41:09 GMT
12_news_eng.m3u8
cdn.viadata.store/media/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/media/12_news_eng.m3u8
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
last-modified
Fri, 26 Feb 2021 14:49:33 GMT
server
nginx/1.17.6
etag
"60390a7d-513"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
1299
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		371 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
pl.viadata.store/export/102696/ Frame 9321 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.viadata.store/export/102696/?secured=1&language=en&page_url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pub_sid=102696&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=theins.ru&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=869674&VIA_WIDTH=736&VIA_HEIGHT=414&imp=false&rc=1&cb=1639402869724
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
8bc835b41dbf1a892a18fdeca5bc46c37d0e30b00ea6e80e291954a07c013136

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
br
server
nginx/1.19.5
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theins.ru
access-control-allow-credentials
true
access-control-allow-headers
sentry-trace
sid
mug.criteo.com/ Frame 6AAD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theins.ru&sn=ChromeSyncframe&so=0&topUrl=theins.ru&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=2lhQqHw1QldvZEZ0bjM1S292TFJIZTRxUDlSWk9uVmFTdkxQTEc5SWNUYWE4OXVNN0F4blIxcVlpVmZyWFpsVTFrQ2ZreFExS3JsdGhDaDl6SFNTM1pNWjEzSFN2Mlp6YjlMcXl0dVNtTTFjT0graFY1WTczYmREUEhUM2...
451 B
626 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2lhQqHw1QldvZEZ0bjM1S292TFJIZTRxUDlSWk9uVmFTdkxQTEc5SWNUYWE4OXVNN0F4blIxcVlpVmZyWFpsVTFrQ2ZreFExS3JsdGhDaDl6SFNTM1pNWjEzSFN2Mlp6YjlMcXl0dVNtTTFjT0graFY1WTczYmREUEhUM25UUUFUOTJXaVNHQ2FvdE1hejN0djFIMWRnZkJHeW1xdHlxUlJTR3BUaXE4V2lVUUhiRTNTcWMzQ0R2MG84RlBsZWtEUUd5YmpXbjBMT0t0bkNETjIyK21Qam5NSWJ6OENwQmQxRWxwUEFmODNvd0cxa1lJdmVKRjFGQllZa0RuK3kyaXc3R1RCUTRmeTZWS1IvUGZRVnZLU1ZXS3E0dz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
885992e2d5a282d27f068b095e1bf76044d382a36e362c825ed316e8064b31cd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3393
strict-transport-security
max-age=86400; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
strict-transport-security
max-age=86400; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=2lhQqHw1QldvZEZ0bjM1S292TFJIZTRxUDlSWk9uVmFTdkxQTEc5SWNUYWE4OXVNN0F4blIxcVlpVmZyWFpsVTFrQ2ZreFExS3JsdGhDaDl6SFNTM1pNWjEzSFN2Mlp6YjlMcXl0dVNtTTFjT0graFY1WTczYmREUEhUM25UUUFUOTJXaVNHQ2FvdE1hejN0djFIMWRnZkJHeW1xdHlxUlJTR3BUaXE4V2lVUUhiRTNTcWMzQ0R2MG84RlBsZWtEUUd5YmpXbjBMT0t0bkNETjIyK21Qam5NSWJ6OENwQmQxRWxwUEFmODNvd0cxa1lJdmVKRjFGQllZa0RuK3kyaXc3R1RCUTRmeTZWS1IvUGZRVnZLU1ZXS3E0dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2111
content-length
541
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8710 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 13 Dec 2021 10:36:17 GMT
expires
Tue, 13 Dec 2022 10:36:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7F0B 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a7f370c85196b2bf2844b805d2052684d654747d6d1a4e7b107b6b955647c923
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-thQ9iorpH0WWpL8FEMOKGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 13 Dec 2021 13:41:09 GMT
date
Mon, 13 Dec 2021 13:41:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-thQ9iorpH0WWpL8FEMOKGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 8710 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 14:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
81688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:59:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=894715821673153&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
12_news_eng000.ts
cdn.viadata.store/media/ 		242 KB
242 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/media/12_news_eng000.ts
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
last-modified
Fri, 26 Feb 2021 14:46:45 GMT
server
nginx/1.17.6
etag
"603909d5-3c670"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
247408
3f5bbf6a-18b9-46ba-9516-7e07957714b8
https://theins.ru/ 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://theins.ru/3f5bbf6a-18b9-46ba-9516-7e07957714b8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length
62028
Content-Type
text/javascript
bid
clientside-video-bidder.rutarget.ru/ Frame 9321 		27 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&request_id=1026969402869897&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr5.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://theins.ru
Rutarget-SameSite-Cookie
true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 9321 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=223429&bn=1&bt=61&pz=0&w=736&h=414&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=9402869901&tail256=https%3A%2F%2Ftheins.ru%2F
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.37 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
5e2655264dcd3b15d9b0ffd33481b17f6d5badf3761e7d39f4c9566ae68fb5b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:41:10 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://theins.ru
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
rtb-msk-2.viadata.store/vast/ Frame 9321 		71 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb-msk-2.viadata.store/vast/cs?zone=102696&w=736&h=414&site=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&vp=2&cbb=9402869902
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
age
0
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://theins.ru
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
access-control-allow-headers
Content-Type, Accept
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 9321 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222694&bn=1&bt=61&pz=0&w=400&h=220&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=9402869902
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.37 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
8ea90a6ce1a888acbbea5feb59a6a0ec48a410eb75e242f0b1c75b178360e60b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 13:41:10 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://theins.ru
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v0
vtg1.rktch.com/ Frame 9321 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&siteid=102696&cbb=9402869902
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
d5136d53de834f6d5cba9a89dcc57f18b6f8ff3ba7b790cb3ff3441667686e62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://theins.ru
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
bid.php
n.dyntrk.com/ Frame 9321 		21 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uint=2&ist=1&cdid=DYN-OPM-0389&plw=736&plh=414&addu=60&pubid=102696&uifa=61eb2bd0-249a-4095-bb84-5dfe5110aaea&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=9402869902
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198892.ip-135-125-160.eu
Software
proxy /
Resource Hash
e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://theins.ru
pragma
no-cache
access-control-allow-credentials
true
server
proxy
x-rc
10
content-length
21
content-type
text/xml
viads-vast
adx.com.ru/ Frame 9321
Redirect Chain
  • https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&cbb=9402869903
  • https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&vpaid=false
0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&vpaid=false
Protocol
H2
Server
188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.131.34.188.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://theins.ru
date
Mon, 13 Dec 2021 13:41:09 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx/1.20.1
access-control-allow-origin
https://theins.ru
p3p
CP="adx.com.ru does not have a P3P policy"
location
/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
243
i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 9321
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=61eb2bd0-249a-4095-bb84-5dfe5110aaea&i=1639402869
  • https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=61eb2bd0-249a-4095-bb84-5dfe5110aaea&i=1639402869
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=61eb2bd0-249a-4095-bb84-5dfe5110aaea&i=1639402869
Protocol
HTTP/1.1
Server
185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
8
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=61eb2bd0-249a-4095-bb84-5dfe5110aaea&i=1639402869
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
cookie
cm.adform.net/ Frame 9321 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 9321
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea
  • https://sync.search.spotxchange.com/partner?adv_id=273596&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&__user_check__=1&sync_id=549a7e99-5c1a-11ec-99b0-1093d7b30206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&__user_check__=1&sync_id=549a7e99-5c1a-11ec-99b0-1093d7b30206
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
46
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 13 Dec 2021 13:41:09 GMT
Server
nginx
Location
/partner?adv_id=273596&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&__user_check__=1&sync_id=549a7e99-5c1a-11ec-99b0-1093d7b30206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
7
Connection
keep-alive
Content-Length
0
dsp
logs.viadata.store/event/ Frame 9321 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/dsp?sid=102696&event=rtb&event2=request&cb=1639402869903&tids=3459,3456,3457,3458,7593,3439,3460,3461,8427,3462,7369
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:41:09 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=894715821673153&bg=!Li2lLWnNAAZKWFskSlg7ACkAdvg8WsAmdZAB1n6i3vDGiNF5Kj6gYQr_0MJ0JEx9YRR8mJVIAyqh5gIAAAB4UgAAAApoAQcKAIHPWksGxYV-kNA3oHM4YoOol_XrpWeQMY6rE84t-DhR3n8FGhTJEHF55RqKVRPcThl-WpESrDtTc9Em12dqh-bFzWg8fUb5vwVUSzxY909jJGPEj73vxpyZI3Iw_JAfXcXmJ5aGRbT2n2NpOPiTdyNCAyGsnbqEB3D8sRE97aY9BmmZAqJIJ911eeVEExtQNDcmnJlp9I-sM9hYYCwUoq_HAFUCp9rjCNFLnPHMXo3k_mYoRYK-QULum0EII6k4siKAGHbNxsYLBn0LCrOyJJ42heP7aBEmHaz-x6f-EnzB0tzDBeO-aga9A2pq0fsJ_e-Yhx3wLSYa8wi6598SU3CFm9LJVcPBocKHvE5BDq1tpZsC5nVxMDcZGNjv_BVUSlLFFg2vZnH55IXnrzXMbljewPmt8zmwXa1y0zORf2gff3oRfdn2iOWLPxJbnka7ZqSMC6N_x-OZWrVf1G9TuB4u2A2u6PVPgYTyP4Q2D5mvBlkEgzVl2LclP_FaiuF9ReveYZgT5uO3Gek7WUZeUs4_YGDhf9lh9Ko5O-Etf8fPnfPGIK55w6OhT0EhVI8QvTM9ruiSMa0bYGaEy9FRPhyfcNRNiinDaBmqXnV3TWc_SUpn8Nxae90gqB0f_CPZX2fBEGhnj6UyM3Cjla10tRO_-Fmc6jLaHYpeQcGmaH4Ey2aVpSYUv4dDtWKrFztaVyOQ5Rp0S57ZUTAe-vM94DCfeOzevJ-VHhHDbRB62nn-rpaIkhKxHE9am3uywoGef71RmUuGabOm9gNqUbQyUcX_pgd0lwbrA86DbKcwF6NNmKF1qm5S2_291_n506dS0GocM0bxhNdJPxCqDorcIrT0KDSvdNUolgONFuZuiBnZU3sv0Idv51sw7XwIm67JcnpXlfB2XcZI4UREkNWu7xHRzvbJgug9vfNqn4jFqHQ5m4iECqRGIW_J29b0MIdbDU5wWrYw4a3F1Mzg_CzpgP-hy0smt2MF4zn5DsJqj6HHP8xl_OT4hUkQ6We04TH3ZlGtx6MWkp8rypX00lcGoMyM6W0fE19BOEQiIelMTXNJU8It8-oEKg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
12_news_eng001.ts
cdn.viadata.store/media/ 		411 KB
411 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.viadata.store/media/12_news_eng001.ts
Requested by
Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.115.92 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
b2501d83e7a70f991d54ba2762dc364f54f6e081055b24f688c4e90e3fbc6590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Fri, 26 Feb 2021 14:46:51 GMT
server
nginx/1.17.6
etag
"603909db-66acc"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
420556
596179.xml
cdn-rtb.sape.ru/rtb-b/vast/179/ Frame 9321 		1 KB
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-rtb.sape.ru/rtb-b/vast/179/596179.xml
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
dad7730e8295c62ac978c7c81e1965e8d248ad008d0c96d92bde4c02887218dd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-amz-request-id
16BF602F095357DB
x-cache-status
HIT
x-xss-protection
1; mode=block
last-modified
Fri, 10 Dec 2021 10:58:35 GMT
server
openresty
etag
W/"e4251df038107d580c8963e91b880da0"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://theins.ru
cache-control
max-age=3600
access-control-allow-credentials
true
content-security-policy
block-all-mixed-content
expires
Mon, 13 Dec 2021 14:41:10 GMT
v0
vtg1.rktch.com/ Frame 9321 		21 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&bb=63&siteid=102696&att=1&ma=6
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
d41257.acod.regrucolo.ru
Software
nginx/1.14.2 /
Resource Hash
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://theins.ru
Access-Control-Max-Age
0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Authorization, x-ad4-*
vpaid-ssp.min.js
cdn-rtb.sape.ru/js/vast/ Frame 9EA5 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
asrv233.qwarta.ru
Software
openresty /
Resource Hash
a16e5102908cbb3fa1300e289c071e33edc1cfa3443ef2293c81a1e36f428d7b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
etag
"f13f6a374f2c33622876792857cdbbbf"
x-amz-request-id
16BA2D13231F38AA
x-cache-status
HIT
content-length
17355
x-xss-protection
1; mode=block
last-modified
Mon, 13 Sep 2021 14:27:45 GMT
server
openresty
date
Mon, 13 Dec 2021 13:41:10 GMT
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Mon, 13 Dec 2021 14:41:10 GMT
v2
an.yandex.ru/adfox/260971/getBulk/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/260971/getBulk/v2?dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&date=2021-12-13T13%3A41%3A10.298%2B00%3A00&pd=13&pdh=1200&pdw=1600&pr1=3673748213&pr=225878757&prr=&pv=13&pw=1&extid_loader=MTYzOTQwMjg2OTYzNzgyNTI1NA%3D%3D&extid_tag_loader=theins.ru&ylv=0.50770&ybv=0.50770&ytt=326554957907989&is-turbo=0&skip-token=&ad-session-id=8135101639402870305&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A300%2C%22h%22%3A500%2C%22width%22%3A300%2C%22height%22%3A500%2C%22visible%22%3A0%2C%22left%22%3A20%2C%22top%22%3A968%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=50770&availableWidth=300&availableHeight=500&p1=cpewf&p2=gxmq&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjk1Mjk2MSwicmVzcG9uc2VfdGltZSI6MjAxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzY4NTI5In0seyJjYW1wYWlnbl9pZCI6OTU3ODkzLCJyZXNwb25zZV90aW1lIjoxNDMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyOTUxOTYxIn0seyJjYW1wYWlnbl9pZCI6MTUzNjEzMSwicmVzcG9uc2VfdGltZSI6NTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyMTEyNyJ9LHsiY2FtcGFpZ25faWQiOjEwMTkxMDUsInJlc3BvbnNlX3RpbWUiOjU0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiU01YRjJpMlA5aHhsdnNVbGJZdTEifSx7ImNhbXBhaWduX2lkIjoxMDQ4ODk5LCJyZXNwb25zZV90aW1lIjoyMTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Nl8zMDB4NjAwX2FsZmFkYXJ0In0seyJjYW1wYWlnbl9pZCI6MTAxNjU1NywicmVzcG9uc2VfdGltZSI6MTQxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ3MzI1NSJ9LHsiY2FtcGFpZ25faWQiOjE0NDU3MjUsInJlc3BvbnNlX3RpbWUiOjEwMDgsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIxNDk5NyJ9LHsiY2FtcGFpZ25faWQiOjE2NzI2OTcsInJlc3BvbnNlX3RpbWUiOjcyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjcxMTM4In0seyJjYW1wYWlnbl9pZCI6MTY2OTIyNCwicmVzcG9uc2VfdGltZSI6NjMzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjcxODQ4In0seyJjYW1wYWlnbl9pZCI6OTU3MTI5LCJyZXNwb25zZV90aW1lIjo4MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMjQyNjkifSx7ImNhbXBhaWduX2lkIjo5MzAwODgsInJlc3BvbnNlX3RpbWUiOjI3MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjU3OnRoZWluc18zMDB4NjAwIn1d&utf8=%E2%9C%93&duid=MTYzOTQwMjg2OTYzNzgyNTI1NA%3D%3D&pcode-test-ids=458424%2C0%2C95%3B462893%2C0%2C96%3B452124%2C0%2C65%3B462728%2C0%2C33%3B472750%2C0%2C41%3B471058%2C0%2C91%3B457305%2C0%2C46%3B463993%2C0%2C58%3B471178%2C0%2C60%3B472135%2C0%2C15%3B458000%2C0%2C80%3B472137%2C0%2C36%3B437233%2C0%2C-1&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22472631%22%2C%22testId%22%3A%22472859%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22470857%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22458424%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22452124%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22462728%22%7D%5D%2C%22CONSTRUCTOR_COMMON_KEBAB%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472750%22%7D%5D%2C%22COMBO_SSR_ON_POGODA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471058%22%7D%5D%2C%22SMART_BANNER_LOGO_REDESIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457305%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463993%22%7D%5D%2C%22WIDGET_UNIFY_CONFIRMATION%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471178%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472135%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22458000%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2250770%22%2C%22testId%22%3A%22472137%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%7D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=CNGYFZ19IdIIeft7Nd35Fz0v2KQtg5jD3ZaVxBMY9ssYjwUwDxZ%2FygCu0dENuaptZDo%2BpxHVNnn%2Fzg20pSdHuPwIUSM%3D&top-ancestor=https%3A%2F%2Ftheins.ru&top-ancestor-undetermined=0&grab-orig-len=560&grab=dNCh0KjQkCDQuCDQldChINC80L7Qs9GD0YIg0L7Qs9GA0LDQvdC40YfQuNGC0Ywg0LLQvtC30LzQvtC20L3QvtGB0YLQuCDQoNC-0YHRgdC40Lgg0L_QviDQvtCx0LzQtdC90YMg0LLQsNC70Y7RgiDQsiDRgdC70YPRh9Cw0LUg0L3QsNC_0LDQtNC10L3QuNGPINC90LAg0KPQutGA0LDQuNC90YMg4oCUIEJsb29tYmVyZwox0KHQqNCQINC4INCV0KEg0LzQvtCz0YPRgiDQvtCz0YDQsNC90LjRh9C40YLRjCDQstC-0LfQvNC-0LbQvdC-0YHRgtC4INCg0L7RgdGB0LjQuCDQv9C-INC-0LHQvNC10L3RgyDQstCw0LvRjtGCINCyINGB0LvRg9GH0LDQtSDQvdCw0L_QsNC00LXQvdC40Y8g0L3QsCDQo9C60YDQsNC40L3RgyDigJQgQmxvb21iZXJnIAoy0J3QsNC8INC-0YfQtdC90Ywg0L3Rg9C20L3QsCDQstCw0YjQsCDQv9C-0LzQvtGJ0YwgCg%3D%3D&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
549ff98e83a436627a862580510161579daea5f386e1a055254209dddd3248c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1639402870401284-652066128137035403600367-production-app-host-vla-pcode-47
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:10 GMT
1
mc.yandex.com/watch/45954939/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/45954939/1?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A392602888738%3Ahid%3A874650403%3Az%3A0%3Ai%3A202112131341010%3Aet%3A1639402870%3Ac%3A1%3Arn%3A997033986%3Arqn%3A2%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639402868344%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1258%2C1258%2C6%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1259%2C1259%2C6%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402870&t=gdpr(14)aw(1)lt(15800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 13-Dec-2021 13:41:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:10 GMT
context.js
an.yandex.ru/system/ 		309 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
626a2f39b146f0d94686eb4d526d451628b31f649b631e0e09ba580f4a86f6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
x-yandex-req-id
1639402870402933-520809850097742620800404-production-app-host-sas-pcode-209
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 13 Dec 2021 14:41:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 22FD 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126530
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:41:10 GMT
/
www.acint.net/mc/ Frame 482A
Redirect Chain
  • https://www.acint.net/mc/?dp=131
  • https://www.acint.net/mc/?dp=131&tc=1
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/mc/?dp=131&tc=1
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
1093ecea1fc0f7269983039b120acf32ad51128c0ef42c324a83b6abf9230d7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

server
openresty
date
Mon, 13 Dec 2021 13:41:10 GMT
content-type
text/html
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 13 Dec 2021 13:41:10 GMT
content-type
text/html
content-length
154
location
/mc/?dp=131&tc=1
watch.js
mc.yandex.ru/metrika/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 11:53:03 GMT
etag
"61b3156f-bcf4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48372
expires
Mon, 13 Dec 2021 14:41:10 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 9EA5 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126530
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:41:10 GMT
1
www.acint.net/pxl/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/1?dp=16&id=117202.596179.162878571&sid=61b74d76-69ba-609j-1p4e-y8kbl6e8zzh3&ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&r=1639402870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
ssp-rtb.sape.ru/data/ Frame 9EA5 		21 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse_117202&srtbid=117202&scids=162878571&sx=736&sy=414&u=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&allimps=1&fl=0&tz=%2B00%3A00&op=vast
Requested by
Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/vast/vpaid-ssp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.64.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1397441.sapientru.net
Software
openresty /
Resource Hash
e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
openresty
Access-Control-Allow-Methods
GET
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
https://theins.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
21
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
ads.betweendigital.com/ Frame 482A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F764DB7614D018D3A022E4263
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F764DB7614D018D3A022E4263&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F764DB7614D018D3A022E4263&crf=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
188.42.29.166 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=73&external_user_id=0100007F764DB7614D018D3A022E4263&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame 482A
Redirect Chain
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=14&euid=0100007F754DB761140003650255967D
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=14&euid=0100007F754DB761140003650255967D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
openresty
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location
https://acint.net/match?dp=14&euid=0100007F754DB761140003650255967D
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
text/html
Content-Length
142
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
acint.net/ Frame 482A
Redirect Chain
  • https://px.adhigh.net/p/cm/sape?u=0100007F764DB7614D018D3A022E4263
  • https://acint.net/match?dp=17&euid=81EqrEiYKe2.AikABlF9tAaSrw
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=17&euid=81EqrEiYKe2.AikABlF9tAaSrw
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f17-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://acint.net/match?dp=17&euid=81EqrEiYKe2.AikABlF9tAaSrw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame 482A 		43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=48&id=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Last-Modified
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Mon, 13 Dec 2021 19:41:10 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 482A
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
  • https://www.acint.net/rmatch?dp=45&euid=AI_Kh6YluRxiUUlv96wpvEw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F764DB7614D018D3A022E4263
42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Mon, 13 Dec 2021 13:41:10 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F764DB7614D018D3A022E4263
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync
a.utraff.com/ Frame 482A 		0
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=sape
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c09a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M8vz0pcFXWt8zEgh7UjU4ZvD1QRFJ4kO8LuPcSIiYqkrnW972G4K57s2OYSl9BYqa7uKfNykoyaLytq2bUjS72tLlzJtHrl0gl939KEpNlOOExzrV%2F3IyY6OvC%2Fq%2FokYZ8qiLHF5ymXtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
6bcf9bc4996e7031-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
sync.bumlam.com/ Frame 482A
Redirect Chain
  • https://sync.republer.com/match?dsp=sape
  • https://sync.republer.com/match?dsp=sape&qset=1
  • https://sync.bumlam.com/?src=rp1&uid=d6f23000-318b-4c76-b7e4-8d678b41b267
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj2mt2NBlIEioaQK2IkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj2mt2NBlIEioaQK2IkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABj2mt2NBmIkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQARj2mt2NBmIkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA**
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=rp1&s_data=CAIQARj2mt2NBmIkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA**
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
ETag
5514f1ea-5c1a-11ec-86e0-002590c0647c
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=rp1&s_data=CAIQARj2mt2NBmIkZDZmMjMwMDAtMzE4Yi00Yzc2LWI3ZTQtOGQ2NzhiNDFiMjY3ogEQVRTx6lwaEeyG4AAlkMBkfA**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
match
dm-eu.hybrid.ai/ Frame 482A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=106&vid=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
515
x-xss-protection
1; mode=block
expires
-1
adcm.js
tag.digitaltarget.ru/ Frame 482A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Last-Modified
Tue, 16 Nov 2021 09:48:08 GMT
Server
nginx
ETag
"61937e58-beb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3051
sape
sync.dmp.otm-r.com/match/ Frame 482A 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/sape?id=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.106.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.106.201.195.clients.your-server.de
Software
nginx/1.15.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx/1.15.9
match
www.acint.net/ Frame 482A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3ZNt2FNAY06Ai5CYw
  • https://www.acint.net/match?dp=77&euid=
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=77&euid=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.acint.net/match?dp=77&euid=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adlmerge.com/merge_gpsid/ Frame 482A
Redirect Chain
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F764DB7614D018D3A022E4263
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F764DB7614D018D3A022E4263
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
95.211.66.35 Purmer, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

iseu
eu
server
nginx/1.16.0
date
Mon, 13 Dec 2021 13:41:10 GMT
content-type
image/gif

Redirect headers

location
//adlmerge.com/merge_gpsid/?sid=50&id=0100007F764DB7614D018D3A022E4263
date
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx
content-length
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 482A 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sprcs
relap.io/partners/ Frame 482A 		43 B
1015 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/sprcs?uid=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
back24
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
sape-sync
adx.com.ru/ Frame 482A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.com.ru/sape-sync?uid=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.131.34.188.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
pixel.gif
sync.1dmp.io/ Frame 482A
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F764DB7614D018D3A022E4263
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F764DB7614D018D3A022E4263&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F764DB7614D018D3A022E4263&cs=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dmc-test-dn3
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F764DB7614D018D3A022E4263&cs=1
date
Mon, 13 Dec 2021 13:41:10 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
match
www.acint.net/ Frame 482A
Redirect Chain
  • https://sape-sync.rutarget.ru/sync
  • https://www.acint.net/match?dp=104&euid=f9Z-c27U0wDz
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=104&euid=f9Z-c27U0wDz
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:11 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location
https://www.acint.net/match?dp=104&euid=f9Z-c27U0wDz
Date
Mon, 13 Dec 2021 13:41:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
acint.net/ Frame 482A
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
  • https://acint.net/match?dp=107&euid=a48a3d90-6943-515b-9774-7888f6c335fe
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=107&euid=a48a3d90-6943-515b-9774-7888f6c335fe
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=107&euid=a48a3d90-6943-515b-9774-7888f6c335fe
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame 482A
Redirect Chain
  • https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
  • https://acint.net/match?dp=110&euid=6b525c98cbb54e6e988b2aa5c2d98d14
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=110&euid=6b525c98cbb54e6e988b2aa5c2d98d14
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=110&euid=6b525c98cbb54e6e988b2aa5c2d98d14
date
Mon, 13 Dec 2021 13:41:10 GMT
server
Kestrel
content-length
0
match
www.acint.net/ Frame 482A
Redirect Chain
  • https://0100007f764db7614d018d3a022e4263-sp.ops.beeline.ru/p?ssp=sp&id=0100007F764DB7614D018D3A022E4263
  • https://www.acint.net/match?dp=111&euid=5ab4423f-b86e-480c-8533-ae7d31d05d34
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=111&euid=5ab4423f-b86e-480c-8533-ae7d31d05d34
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Mon, 13 Dec 2021 13:41:10 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://www.acint.net/match?dp=111&euid=5ab4423f-b86e-480c-8533-ae7d31d05d34
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.36
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
matchspm
ut.rktch.com/ Frame 482A
Redirect Chain
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F764DB7614D018D3A022E4263
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3107074999
  • https://ut.rktch.com/matchspm?pi=1000006&pui=EbOdFrqniqifLZYHlHaEvu&noredirect
88 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=EbOdFrqniqifLZYHlHaEvu&noredirect
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
88

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
via
1.1 google
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx/1.12.0
location
https://ut.rktch.com/matchspm?pi=1000006&pui=EbOdFrqniqifLZYHlHaEvu&noredirect
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
0.gif
x01.aidata.io/ Frame 482A
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F764DB7614D018D3A022E4263
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F764DB7614D018D3A022E4263
  • https://tech.rtb.mts.ru/?dsp_uid=c5b72a0b-7c88-4eb3-af36-f03f98f3f1df&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
  • https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
0
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:11 GMT
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Mon, 13 Dec 2021 13:41:10 GMT

Redirect headers

Date
Mon, 13 Dec 2021 13:41:11 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
match
www.acint.net/ Frame 482A
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
  • https://www.acint.net/match?dp=126&euid=823564a7-8e36-4117-5a88-2180aae8fb06
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=126&euid=823564a7-8e36-4117-5a88-2180aae8fb06
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=126&euid=823564a7-8e36-4117-5a88-2180aae8fb06
date
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
match
www.acint.net/ Frame 482A
Redirect Chain
  • https://s.uuidksinc.net/match/396/?remote_uid=0100007F764DB7614D018D3A022E4263
  • https://www.acint.net/match?dp=127&euid=oVVCbUm1ueBe9fElFLDb
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=127&euid=oVVCbUm1ueBe9fElFLDb
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=127&euid=oVVCbUm1ueBe9fElFLDb
date
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx/1.19.0
content-length
0
usersync
ssp.bidvol.com/ Frame 482A 		0
0
userbind
match.new-programmatic.com/ Frame 482A 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=sape&id=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 13 Dec 2021 13:41:10 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
0100007F764DB7614D018D3A022E4263
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 482A 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
xbcqC3yITrOvNvA_mPPx3w
an.yandex.ru/setud/mts_banner/ Frame 482A
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F764DB7614D018D3A022E4263
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F764DB7614D018D3A022E4263&bounce=1
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=8LJDwPZLkd%2Bvxnmxr%2B1EfA
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=8LJDwPZLkd%2Bvxnmxr%2B1EfA
  • https://tech.rtb.mts.ru/?dsp_uid=c5b72a0b-7c88-4eb3-af36-f03f98f3f1df&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FxbcqC3yITrOvNvA_mPPx3w%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/xbcqC3yITrOvNvA_mPPx3w?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D8LJDwPZLkd%252Bvxnmxr%252B1EfA&sign=1801877668
43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/xbcqC3yITrOvNvA_mPPx3w?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D8LJDwPZLkd%252Bvxnmxr%252B1EfA&sign=1801877668
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:11 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:11 GMT

Redirect headers

Date
Mon, 13 Dec 2021 13:41:11 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/xbcqC3yITrOvNvA_mPPx3w?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D8LJDwPZLkd%252Bvxnmxr%252B1EfA&sign=1801877668
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.bumlam.com/ Frame 482A
Redirect Chain
  • https://sync.bumlam.com/?src=sap1&uid=0100007F764DB7614D018D3A022E4263
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj2mt2NBlIFrbKc-w9iIDAxMDAwMDdGNzY0REI3NjE0RDAxOEQzQTAyMkU0MjYz
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQABj2mt2NBmIgMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjOiARBVFPHqXBoR7IbgACWQwGR8
  • https://sync.bumlam.com/?src=sap1&s_data=CAIQARj2mt2NBmIgMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjOiARBVFPHqXBoR7IbgACWQwGR8
0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=sap1&s_data=CAIQARj2mt2NBmIgMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjOiARBVFPHqXBoR7IbgACWQwGR8
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Server
31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Server
nginx
ETag
5514f1ea-5c1a-11ec-86e0-002590c0647c
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=sap1&s_data=CAIQARj2mt2NBmIgMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjOiARBVFPHqXBoR7IbgACWQwGR8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
0100007F764DB7614D018D3A022E4263
an.yandex.ru/mapuid/sapeis/ Frame 482A 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:10 GMT
frame.html
s3.advarkads.com/modules/match/ Frame DB50 		187 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F764DB7614D018D3A022E4263
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-type
text/html
cache-control
max-age=60
last-modified
Wed, 13 Oct 2021 12:55:49 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6bcf9bc49f57694b-FRA
content-encoding
gzip
71281900
mc.yandex.com/watch/ 		331 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/71281900?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&site-info=%7B%22site_id%22%3A117202%2C%22srtb_domain%22%3A%22theins.ru%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A672%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A1280273917076%3Ahid%3A874650403%3Az%3A0%3Ai%3A202112131341010%3Aet%3A1639402871%3Ac%3A1%3Arn%3A23814139%3Arqn%3A1%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639402868344%3Ads%3A23%2C30%2C524%2C4%2C0%2C0%2C%2C82%2C0%2C1258%2C1258%2C6%2C700%3Adsn%3A23%2C30%2C525%2C3%2C0%2C0%2C%2C81%2C0%2C1259%2C1259%2C6%2C700%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402871%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)lt(15800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
67a1afa8799764a13091520bd5c8debe7073b9ffb73d29fcf87bc20eff50d14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 13-Dec-2021 13:41:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:10 GMT
700037
an.yandex.ru/meta/ 		54 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/700037?target-ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&pcode-test-ids=458424%2C0%2C95%3B462893%2C0%2C96%3B452124%2C0%2C65%3B462728%2C0%2C33%3B472750%2C0%2C41%3B471058%2C0%2C91%3B457305%2C0%2C46%3B463993%2C0%2C58%3B471178%2C0%2C60%3B472135%2C0%2C15%3B458000%2C0%2C80%3B472137%2C0%2C36%3B437233%2C0%2C-1&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22472631%22%2C%22testId%22%3A%22472859%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22470857%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22458424%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22452124%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22462728%22%7D%5D%2C%22CONSTRUCTOR_COMMON_KEBAB%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472750%22%7D%5D%2C%22COMBO_SSR_ON_POGODA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471058%22%7D%5D%2C%22SMART_BANNER_LOGO_REDESIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457305%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463993%22%7D%5D%2C%22WIDGET_UNIFY_CONFIRMATION%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471178%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472135%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22458000%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2250770%22%2C%22testId%22%3A%22472137%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=CNGYFZ19IdIIeft7Nd35Fz0v2KQtg5jD3ZaVxBMY9ssYjwUwDxZ%2FygCu0dENuaptZDo%2BpxHVNnn%2Fzg20pSdHuPwIUSM%3D&duid=MTYzOTQwMjg2OTYzNzgyNTI1NA%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=326606493057026&ad-session-id=8135101639402870305&target-id=75886759&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftheins.ru&top-ancestor-undetermined=0&pcode-version=50770&pcodever=50770&flash-ver=0&available-width=736&available-height=414&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A736%2C%22h%22%3A414%2C%22width%22%3A736%2C%22height%22%3A414%2C%22visible%22%3A0%2C%22left%22%3A385%2C%22top%22%3A2283%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=560&grab=dNCh0KjQkCDQuCDQldChINC80L7Qs9GD0YIg0L7Qs9GA0LDQvdC40YfQuNGC0Ywg0LLQvtC30LzQvtC20L3QvtGB0YLQuCDQoNC-0YHRgdC40Lgg0L_QviDQvtCx0LzQtdC90YMg0LLQsNC70Y7RgiDQsiDRgdC70YPRh9Cw0LUg0L3QsNC_0LDQtNC10L3QuNGPINC90LAg0KPQutGA0LDQuNC90YMg4oCUIEJsb29tYmVyZwox0KHQqNCQINC4INCV0KEg0LzQvtCz0YPRgiDQvtCz0YDQsNC90LjRh9C40YLRjCDQstC-0LfQvNC-0LbQvdC-0YHRgtC4INCg0L7RgdGB0LjQuCDQv9C-INC-0LHQvNC10L3RgyDQstCw0LvRjtGCINCyINGB0LvRg9GH0LDQtSDQvdCw0L_QsNC00LXQvdC40Y8g0L3QsCDQo9C60YDQsNC40L3RgyDigJQgQmxvb21iZXJnIAoy0J3QsNC8INC-0YfQtdC90Ywg0L3Rg9C20L3QsCDQstCw0YjQsCDQv9C-0LzQvtGJ0YwgCg%3D%3D&uniformat=true&callback=Ya%5B4151233308850%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
59c8ab0c78b8fc87538720596062af092afd31899d883058c15b3a88bf980211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1639402870590125-355871706536510449300365-production-app-host-vla-pcode-56
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:10 GMT
1
mc.yandex.com/watch/71281900/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/71281900/1?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A1280273917076%3Ahid%3A874650403%3Az%3A0%3Ai%3A202112131341010%3Aet%3A1639402871%3Ac%3A1%3Arn%3A250406224%3Arqn%3A2%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639402868344%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402871&t=gdpr(14)aw(1)lt(15800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 13-Dec-2021 13:41:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:10 GMT
bridge3.491.0_en.html
imasdk.googleapis.com/js/core/ Frame D9D9 		596 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198240
date
Sat, 11 Dec 2021 21:08:33 GMT
expires
Sun, 11 Dec 2022 21:08:33 GMT
last-modified
Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 22FD 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Dec 2021 13:41:10 GMT
integrator.js
adservice.google.com/adsid/ Frame 22FD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=theins.ru
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
frame.js
s3.advarkads.com/modules/match/ Frame DB50 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.js
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F764DB7614D018D3A022E4263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67634f2f8662df57faedc459870619f17d551a34e1f6354a2b55f99c061224b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F764DB7614D018D3A022E4263
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Dec 2021 12:52:50 GMT
server
cloudflare
age
22
etag
"07dcf5520f0d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
6bcf9bc5a9a9694b-FRA
content-length
7430
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1093 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 13 Dec 2021 14:35:03 GMT
bridge3.491.0_ru.html
imasdk.googleapis.com/js/core/ Frame E8C2 		597 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.491.0_ru.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd928f8f3e24497b61832ae3a786f49b642f39add5e2e0a2e3b1a38c6400d695
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198451
date
Sat, 11 Dec 2021 19:23:45 GMT
expires
Sun, 11 Dec 2022 19:23:45 GMT
last-modified
Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 9EA5 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 13 Dec 2021 13:41:10 GMT
integrator.js
adservice.google.com/adsid/ Frame 9EA5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=theins.ru
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ Frame B75D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1069 / 401 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Dec 2021 13:41:10 GMT
event
ads.adfox.ru/260971/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/260971/event?pm=bmo&hash=ed9056f54a4e6515&duid=1639402869637825254&pxo=0HHFtp0Gx8rR1rDWA2sGBGkjOz9Ahpx_pvqVipiYO0dHx1sy7AUegs6HtLJeV3ea5B6T_LoArrl8_9oODBFvIaFGL1mObm74gcwIHC3aTS-FmASyoKfSeqFz0w-V6ltgAAU981Kk02hPMH-IiqPIT8Ain3IZ1X_XRQ-74ix5ATAnTQnuewU%3D&p5=iuewa&rand=hyuzvuj&sj=70lpwuzadRrK_pLakMevGfucyTMrGyN5utsj9UjbRu7KpTJb_qn3b9JThF3z6g%3D%3D&ad-session-id=8135101639402870305&lts=fhznceo&ytt=326554957907989&ybv=0.50770&ylv=0.50770&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=tahoen&p1=cpewf&rqs=ddn4_DU3I3V2TbdhH_B3OR60GJjMrFKS&rtb-si=b&p2=gxmq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
match
api.advarkads.com/api/statistic/ Frame DB50 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F764DB7614D018D3A022E4263
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F764DB7614D018D3A022E4263
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.111.109.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.18.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.advarkads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Dec 2021 12:42:00 GMT
Server
nginx/1.18.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
-1
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 201A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:35:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 13 Dec 2021 14:35:03 GMT
processor.js
tag.digitaltarget.ru/ Frame 482A 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=710541722908330
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:10 GMT
Last-Modified
Tue, 16 Nov 2021 09:48:09 GMT
Server
nginx
ETag
"61937e59-3cda"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15578
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame B75D 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Dec 2021 13:41:11 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://theins.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

timing-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
date
Mon, 13 Dec 2021 13:41:10 GMT
access-control-max-age
1728000
access-control-allow-headers
content-type
access-control-allow-origin
https://theins.ru
access-control-allow-credentials
true
x-xss-protection
1; mode=block
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding
gzip
strict-transport-security
max-age=31536000
event_confirmation
an.yandex.ru/ 		0
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:10 GMT
inpage.bundle.js
yastatic.net/awaps-ad-sdk-js-bundles/1.0-472631/bundles-es2017/ 		617 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-472631/bundles-es2017/inpage.bundle.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/50770/4988e24bad13ffae4c6a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
df852826d747050e308998c000946f0d1558b27dec26d4455d8fc6cc547d6338
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://theins.ru/
Origin
https://theins.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
155326
x-nginx-request-id
1792f1e24fea85a9
last-modified
Sun, 12 Dec 2021 16:13:54 GMT
server
nginx/1.17.9
etag
"930a97a48c2f69b8d59f2c335afc4f68"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2051 20:13:12 GMT
jstracer
an.yandex.ru/ 		2 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
player
logs.viadata.store/event/ Frame 9321 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logs.viadata.store/event/player?sid=102696&proto=https&vi_width=736&vi_height=414&uid=61eb2bd0-249a-4095-bb84-5dfe5110aaea&event=rtb&tid=3458&event2=start
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:41:10 GMT
server
nginx
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT
700037
mc.yandex.com/watch/ 		312 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/700037?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A0%3Als%3A629311590735%3Ahid%3A874650403%3Az%3A0%3Ai%3A202112131341010%3Aet%3A1639402871%3Ac%3A1%3Arn%3A597495514%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639402868344%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402871%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)lt(15800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
57929cb30a3fca27858124de8c071543e7b4c5df1c7a27a240c02fe53968f547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 13-Dec-2021 13:41:10 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
312
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:10 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame E52B 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

server
nginx/1.17.9
date
Mon, 13 Dec 2021 13:41:10 GMT
content-type
text/html
content-length
6262
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Wed, 13 Dec 2051 20:15:08 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
1
mc.yandex.com/watch/700037/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/700037/1?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A672%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A0%3Als%3A629311590735%3Ahid%3A874650403%3Az%3A0%3Ai%3A202112131341010%3Aet%3A1639402871%3Ac%3A1%3Arn%3A284427866%3Arqn%3A1%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639402868344%3Ads%3A23%2C30%2C524%2C4%2C0%2C0%2C%2C82%2C0%2C1258%2C1258%2C6%2C700%3Adsn%3A23%2C30%2C525%2C3%2C0%2C0%2C%2C81%2C0%2C1259%2C1259%2C6%2C700%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402871&t=gdpr(14)aw(1)lt(15800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 13-Dec-2021 13:41:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:10 GMT
700037
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/700037?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A0%3Als%3A629311590735%3Ahid%3A874650403%3Az%3A0%3Ai%3A202112131341010%3Aet%3A1639402871%3Ac%3A1%3Arn%3A925393322%3Arqn%3A2%3Au%3A1639402869637825254%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639402868344%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639402871%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)lt(15800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:10 GMT
last-modified
Mon, 13-Dec-2021 13:41:10 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:10 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D9D9 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.theins.ru&description_url=https%3A%2F%2Ftheins.ru%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3731484728431992&vpa=auto&vpmute=1&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&adk=4248522539&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Ftheins.ru%2F31abfaff-8e0f-49fb-bd62-643a06a3fb78&sid=C68DF8A2-ED97-4F32-A65E-18CB49E92BBE&nel=1&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&dt=1639402870941&cookie=ID%3D77271b6557d9a23b-22e6daa106cd00e5%3AT%3D1639402869%3ART%3D1639402869%3AS%3DALNI_MZS5q7_NjirpOxlMK3PwF8MLO8QwQ&scor=612099173667860&ged=ve4_td1_tt0_pd1_la1000_er2283.385.2436.685_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
www.acint.net/pxl/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/pxl/3?dp=16&id=117202.596179.162878571&sid=61b74d76-69ba-609j-1p4e-y8kbl6e8zzh3&ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&r=1639402871
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:10 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame E52B 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:11 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0002
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Tue, 14 Dec 2021 13:41:11 GMT
jstracer
jstracer.yandex.ru/ 		2 B
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=472631&values=PrioritiseMediaFiles
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-472631/bundles-es2017/inpage.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
video_5dc3f4e72cb942ba54b8e51c_169_360p.webm
strm-rad14.strm.yandex.net/vh-canvas-converted/get-canvas/
Redirect Chain
  • https://strm.yandex.ru/vh-canvas-converted/get-canvas/video_5dc3f4e72cb942ba54b8e51c_169_360p.webm?sid=d49b89a2b44894b66edd920195f9d3afa5d5a37b63b5f94a88129c3a05d5ae73&vsid=3d75fb3bf86fa1effa8c15ae...
  • https://strm-rad14.strm.yandex.net/vh-canvas-converted/get-canvas/video_5dc3f4e72cb942ba54b8e51c_169_360p.webm?sid=d49b89a2b44894b66edd920195f9d3afa5d5a37b63b5f94a88129c3a05d5ae73&vsid=3d75fb3bf86f...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://strm-rad14.strm.yandex.net/vh-canvas-converted/get-canvas/video_5dc3f4e72cb942ba54b8e51c_169_360p.webm?sid=d49b89a2b44894b66edd920195f9d3afa5d5a37b63b5f94a88129c3a05d5ae73&vsid=3d75fb3bf86fa1effa8c15ae466ef78821382081d530xVASx0NaNx1639402870&noredir=1&lid=181
Protocol
H2
Server
2a02:6b8:0:70d::74 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
420bb29473e5cc4989398fb9aba02cfa1ddfeefdfdab2b90895be9a44b4aff9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:11 GMT
x-estimated-bandwidth
1823096
x-yc-s3-bucket-tags
{}
x-strm-log-split
6
x-amz-version-id
null
Content-Range
bytes 0-1127162/1127163
x_h
strm-rad14.strm.yandex.net
x-amz-meta-resolution
640x360
x-connection-id
615668840
Content-Length
1127163
x-request-id
247e19eccbaf0c07
x-estimated-rtt
25564
x-strm-request-id
247e19eccbaf0c07
last-modified
Thu, 07 Nov 2019 10:47:30 GMT
server
nginx/1.18.0
etag
"843550fc3eabd886eb07f69f8d813ae6"
nel
{"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
report-to
{"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
content-type
video/webm
x-yc-s3-cloud-id
access-control-expose-headers
Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID
cache-control
max-age=300
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID
expires
Mon, 13 Dec 2021 13:46:11 GMT

Redirect headers

date
Mon, 13 Dec 2021 13:41:11 GMT
nel
{"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x_h
strm-rad05.strm.yandex.net
x-strm-log-split
2
content-length
0
x-request-id
5d6674e791cc37c4
x-strm-request-id
5d6674e791cc37c4
server
nginx/1.18.0
report-to
{"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location
https://strm-rad14.strm.yandex.net/vh-canvas-converted/get-canvas/video_5dc3f4e72cb942ba54b8e51c_169_360p.webm?sid=d49b89a2b44894b66edd920195f9d3afa5d5a37b63b5f94a88129c3a05d5ae73&vsid=3d75fb3bf86fa1effa8c15ae466ef78821382081d530xVASx0NaNx1639402870&noredir=1&lid=181
access-control-expose-headers
Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID
cache-control
no-cache
access-control-allow-credentials
true
x-plg
host=strm-plgo-production-37.vla.yp-c.yandex.net; version=8912931
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID
expires
Thu, 01 Jan 1970 00:00:01 GMT
i
dmg.digitaltarget.ru/1/1093/i/ Frame 482A 		49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/1093/i/i?i=53309109992778.396484108789773&a=77&e=0100007F764DB7614D018D3A022E4263&pref=https%3A%2F%2Ftheins.ru%2F&c=ss:77.up:0100007F764DB7614D018D3A022E4263.sync:up.xdua:duPQ7FfOo9387eVDTFjwbX9r.xps:xpsJSjJ5Th6wP1WSmmMvlTUpS.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
10
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true
i
dmg.digitaltarget.ru/1/1093/i/ Frame 482A 		49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/1093/i/i?i=53309109992778.118585671862215&a=77&e=0100007F764DB7614D018D3A022E4263&pref=https%3A%2F%2Ftheins.ru%2F&c=ss:77.up:0100007F764DB7614D018D3A022E4263.sync:up.xdua:duPQ7FfOo9387eVDTFjwbX9r.xps:xpsJSjJ5Th6wP1WSmmMvlTUpS.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=131&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Mon, 13 Dec 2021 13:41:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
4
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true
integrator.js
adservice.google.de/adsid/ Frame B75D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=theins.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B75D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=theins.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B75D 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3948290564513199&correlator=202395792958615&output=ldjh&impl=fifs&eid=31061815%2C31063914%2C44756717&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=21789626543%2Ctheins.ru_desk_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=keys%3D40&cookie=ID%3D77271b6557d9a23b-22e6daa106cd00e5%3AT%3D1639402869%3ART%3D1639402869%3AS%3DALNI_MZS5q7_NjirpOxlMK3PwF8MLO8QwQ&cdm=theins.ru&bc=31&abxe=1&lmt=1639402871&dt=1639402871255&dlt=1639402870706&idt=533&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=20&adys=968&adks=4175249508&ucis=jle4q8b8wylr&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&top=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1146171265.1639402869&ga_sid=1639402871&ga_hid=1442263085&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
f1b6417ea5fe5837d7d32278a69c8109a253854cfc3a3648f4341554392c7b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8302
x-xss-protection
0
google-lineitem-id
5793533433
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138327491230
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://theins.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B75D 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439fbbd85bf55d63eb2bcb9680048d0310d88f9f0a0cea0cfcae13b95cf25603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8501
x-xss-protection
0
container.html
0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7812 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 13 Dec 2021 13:41:11 GMT
expires
Tue, 13 Dec 2022 13:41:11 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B75D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Mon, 13 Dec 2021 13:41:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 653B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Mon, 13 Dec 2021 10:36:17 GMT
expires
Tue, 13 Dec 2022 10:36:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11094
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 44F8 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ada2054362405c4cc34996a74753a005d5e1d7d93f5cbfd85c59326e2ff6081
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BwDpknzzvSQUuNkHyh3OZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 13 Dec 2021 13:41:11 GMT
date
Mon, 13 Dec 2021 13:41:11 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BwDpknzzvSQUuNkHyh3OZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 44F8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3948290564513199&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
pagead2.googlesyndication.com/bg/ Frame 653B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 14:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
81690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13622
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Dec 2022 14:59:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B75D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3948290564513199&bg=!enmleT3NAAZKWFskSlg7ACkAdvg8Wq2m2GHZgKc38bhYmeJclnT0wRndFc3oEw0Iv84MTMh8jr6EPAIAAABbUgAAAAhoAQcKAB94279uOXZR4tDFsKVVamYK_H4NqX-YHjazP9xMDBFwmQLJsXSZsl1ZGo-vPIZUaQchKRTdC0yUnHirtZHSxC0AuS2lsRNJhUByMDlSRIZ_TwfnpUiCWEVBs7Mwjm_vS4xBQZrg6_WInS9lx4nSVO983LKrdpDXwliGK_bliAR1YqBiWLB-se6mBzV_qSxm4OG4neTsvKat_GoZTzB1y1gL03yx8Zun29O2vRX25NKp8v-7pTr91DBIft8qiaQhLaYdovAV2EFntgShkhgpJRqvJTNiFAEsJsZW5D72LG_JAB09pMoLx_qZ5ahtATBQZrVHM_HNHqCHg922-tzI3SSBIAQCvAshRby0Wnb4Zq6L-UHnldH6PWTkTwutTxwljuR7jGGBTCHQiaAqT3zJ1yanpgIHHpL5mh3yVUevhK_AMdZ-qJX51aGbxWa0n3L7AxnwR--ILoEBVpDVrtYwfHnkQmQdC-qLXwl-D9hN4ymcO5iFaCO5StPjlT6teIKInq15ICJo2_iM2SdsEyCRnx1uJHzF5CEDKnQZYoq8sRe_YZTXx_4g4q8Fn4U-iRI0ijM_stbA4WEWuS6nmKdOCaI4RZN2nmxf1KbCZVoenPe7cR_DrccTXUC5Pqv10nHa8RJ0jV2z41AoK1ylsqi22SJwfTOCWEChq0KGPop6oZ7mErNZ0_nVPAW9CAKUXC3RvIZn0lZxgTPmYw7UuTM-D67gIaF4Qcf1u_lm89Okf77qswrmhunyTYVmfYjKqQNzxWIuCs0U3x6HSmipvAcanPHlHoODc41eqnuOibuiPyXPecMap8ZW_WrTL5s4te-l--CX3Md6xQM2um_jmWerXi3ojWFt70X0A70HuzkhkqJgej7Mdm1zcPVSVuo-V8gOr9HYSet7k2yYq6yhlKh2TeTONWhGtIYZ1PYnQe6DCXmusitMh4iAOhuUA32hf4Bd-zoYo5qZqf0b0h7v-EOK0icr-MpEi08KyK2I_-I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
45954939
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=1&wv-hit=874650403&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=1003888483&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1639402872%3Aw%3A1600x1200%3Av%3A720%3Az%3A0%3Ai%3A20211213134111%3Au%3A1639402869637825254%3Avf%3Aykcyjkqfph1z85b6in%3Awe%3A1%3Ast%3A1639402872&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:11 GMT
last-modified
Mon, 13-Dec-2021 13:41:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:11 GMT
45954939
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=1&wv-hit=874650403&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=976590294&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1639402872%3Aw%3A1600x1200%3Av%3A720%3Az%3A0%3Ai%3A20211213134111%3Au%3A1639402869637825254%3Avf%3Aykcyjkqfph1z85b6in%3Awe%3A1%3Ast%3A1639402872&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Mon, 13-Dec-2021 13:41:12 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 93D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_ZaxR-B9Qg0Pb-z_Vk9I7AS91dG6oqVGlQ-rvjhtu6hCcw0--soPqiJtu_xtCKw-xLTETrecpnC2PKqNT0UrXOnZxI7sfyqskistgKXtN9qzxHTIQUZGHCPj1MOI8HO-lAY0b3juZTHDG6fzV77LtVPDxP5tJfbV3XJPO-FpO-ux8_l1VxQvmwnrIJKAui2gXn7G-rZuf2zhGs6ZUCQN2vtAA6LV4siYc0CaqlIRRaIbX6iGqsliT9dfWrpwQtqy3QPN4StouZcsCkHZfrNEE-9UfNHsKaeyXjfwyVGjLKqi4pt9PwEpTVRKoozPQTZS5&sig=Cg0ArKJSzKB3MMG7rqssEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Dec 2021 13:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adfox-adx-stub.js
yastatic.net/pcode/adfox/ Frame 93D9 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/adfox-adx-stub.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15032
last-modified
Wed, 17 Mar 2021 06:04:30 GMT
server
nginx/1.17.9
etag
"21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Dec 2021 14:40:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93D9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 13 Dec 2021 13:41:12 GMT
event
ads.adfox.ru/260971/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/260971/event?pm=bmv&hash=31fe3631dc4f74f2&duid=1639402869637825254&pxo=0HHFtp0Gx8rR1rDWA2sGBGkjOz9Ahpx_pvqVipiYO0dHx1sy7AUegs6HtLJeV3ea5B6T_LoArrl8_9oODBFvIaFGL1mObm74gcwIHC3aTS-FmASyoKfSeqFz0w-V6ltgAAU981Kk02hPMH-IiqPIT8Ain3IZ1X_XRQ-74ix5ATAnTQnuewU%3D&p5=iuewa&rand=erspazv&sj=70lpwuzadRrK_pLakMevGfucyTMrGyN5utsj9UjbRu7KpTJb_qn3b9JThF3z6g%3D%3D&ad-session-id=8135101639402870305&lts=fhznceo&ytt=326554957907989&ybv=0.50770&ylv=0.50770&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=tahoen&p1=cpewf&rqs=ddn4_DU3I3V2TbdhH_B3OR60GJjMrFKS&rtb-si=b&p2=gxmq&resp-time=1284&creative-id=138327491230&google-width=300&google-height=600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:41:12 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
truncated
/ Frame 93D9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e12db6181ad56293272417120b2206b6175be6b8c93a7d4250a3f85ce0e2673d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 93D9 		0
0
v2
an.yandex.ru/adfox/260971/getBulk/ 		69 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/260971/getBulk/v2?availableHeight=500&availableWidth=300&bids=W3siY2FtcGFpZ25faWQiOjk1Mjk2MSwicmVzcG9uc2VfdGltZSI6MjAxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzY4NTI5In0seyJjYW1wYWlnbl9pZCI6OTU3ODkzLCJyZXNwb25zZV90aW1lIjoxNDMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyOTUxOTYxIn0seyJjYW1wYWlnbl9pZCI6MTUzNjEzMSwicmVzcG9uc2VfdGltZSI6NTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyMTEyNyJ9LHsiY2FtcGFpZ25faWQiOjEwMTkxMDUsInJlc3BvbnNlX3RpbWUiOjU0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiU01YRjJpMlA5aHhsdnNVbGJZdTEifSx7ImNhbXBhaWduX2lkIjoxMDQ4ODk5LCJyZXNwb25zZV90aW1lIjoyMTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Nl8zMDB4NjAwX2FsZmFkYXJ0In0seyJjYW1wYWlnbl9pZCI6MTAxNjU1NywicmVzcG9uc2VfdGltZSI6MTQxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ3MzI1NSJ9LHsiY2FtcGFpZ25faWQiOjE0NDU3MjUsInJlc3BvbnNlX3RpbWUiOjEwMDgsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIxNDk5NyJ9LHsiY2FtcGFpZ25faWQiOjE2NzI2OTcsInJlc3BvbnNlX3RpbWUiOjcyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjcxMTM4In0seyJjYW1wYWlnbl9pZCI6MTY2OTIyNCwicmVzcG9uc2VfdGltZSI6NjMzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjcxODQ4In0seyJjYW1wYWlnbl9pZCI6OTU3MTI5LCJyZXNwb25zZV90aW1lIjo4MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMjQyNjkifSx7ImNhbXBhaWduX2lkIjo5MzAwODgsInJlc3BvbnNlX3RpbWUiOjI3MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjU3OnRoZWluc18zMDB4NjAwIn1d&date=2021-12-13T13%3A41%3A10.298%2B00%3A00&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&duid=MTYzOTQwMjg2OTYzNzgyNTI1NA%3D%3D&enable-flat-highlight=1&extid_loader=MTYzOTQwMjg2OTYzNzgyNTI1NA%3D%3D&extid_tag_loader=theins.ru&grab=dNCh0KjQkCDQuCDQldChINC80L7Qs9GD0YIg0L7Qs9GA0LDQvdC40YfQuNGC0Ywg0LLQvtC30LzQvtC20L3QvtGB0YLQuCDQoNC-0YHRgdC40Lgg0L_QviDQvtCx0LzQtdC90YMg0LLQsNC70Y7RgiDQsiDRgdC70YPRh9Cw0LUg0L3QsNC_0LDQtNC10L3QuNGPINC90LAg0KPQutGA0LDQuNC90YMg4oCUIEJsb29tYmVyZwox0KHQqNCQINC4INCV0KEg0LzQvtCz0YPRgiDQvtCz0YDQsNC90LjRh9C40YLRjCDQstC-0LfQvNC-0LbQvdC-0YHRgtC4INCg0L7RgdGB0LjQuCDQv9C-INC-0LHQvNC10L3RgyDQstCw0LvRjtGCINCyINGB0LvRg9GH0LDQtSDQvdCw0L_QsNC00LXQvdC40Y8g0L3QsCDQo9C60YDQsNC40L3RgyDigJQgQmxvb21iZXJnIAoy0J3QsNC8INC-0YfQtdC90Ywg0L3Rg9C20L3QsCDQstCw0YjQsCDQv9C-0LzQvtGJ0YwgCg%3D%3D&grab-orig-len=560&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A300%2C%22h%22%3A500%2C%22width%22%3A300%2C%22height%22%3A500%2C%22visible%22%3A0%2C%22left%22%3A20%2C%22top%22%3A968%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&p1=cpewf&p2=gxmq&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22472631%22%2C%22testId%22%3A%22472859%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22470857%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22458424%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22462893%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22452124%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22462728%22%7D%5D%2C%22CONSTRUCTOR_COMMON_KEBAB%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472750%22%7D%5D%2C%22COMBO_SSR_ON_POGODA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471058%22%7D%5D%2C%22SMART_BANNER_LOGO_REDESIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457305%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463993%22%7D%5D%2C%22WIDGET_UNIFY_CONFIRMATION%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471178%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472135%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22458000%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2250770%22%2C%22testId%22%3A%22472137%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%7D&pcode-icookie=CNGYFZ19IdIIeft7Nd35Fz0v2KQtg5jD3ZaVxBMY9ssYjwUwDxZ%2FygCu0dENuaptZDo%2BpxHVNnn%2Fzg20pSdHuPwIUSM%3D&pcode-test-ids=458424%2C0%2C95%3B462893%2C0%2C96%3B452124%2C0%2C65%3B462728%2C0%2C33%3B472750%2C0%2C41%3B471058%2C0%2C91%3B457305%2C0%2C46%3B463993%2C0%2C58%3B471178%2C0%2C60%3B472135%2C0%2C15%3B458000%2C0%2C80%3B472137%2C0%2C36%3B437233%2C0%2C-1&pcode-version=50770&pd=13&pdh=1200&pdw=1600&pr=225878757&pr1=3673748213&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&prr=&pv=13&pw=1&raw-smart-content=1&route=ssr&skip-token=&slotNumber=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&ssr-request=true&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ftheins.ru&top-ancestor-undetermined=0&use-server-side-rendering=1&utf8=%E2%9C%93&ybv=0.50770&ylv=0.50770&ytt=326554957907989&lvlfrom=20&rqs=ddn4_DU3I3V2TbdhH_B3OR60GJjMrFKS&rtb-si=1&dmv=2&csl=&ad-session-id=8135101639402870305&rtb-answer-hash=13072280054920853909&usgn=AZS8gR6vhhzR4TGoUL8P8YRyq5beXlU7cJLSbiEPkWJK&resp-time=1374
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
62a5e8c819098c9cebc8909e6b3b0a56d9d1ed0fbc490500839a900e1934ced3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:12 GMT
ssr
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1639402872105633-266454494298582886400394-production-app-host-man-pcode-169
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:12 GMT
event
ads.adfox.ru/260971/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/260971/event?pm=bmt&hash=82eea56fc1633b6d&duid=1639402869637825254&pxo=0HHFtp0Gx8rR1rDWA2sGBGkjOz9Ahpx_pvqVipiYO0dHx1sy7AUegs6HtLJeV3ea5B6T_LoArrl8_9oODBFvIaFGL1mObm74gcwIHC3aTS-FmASyoKfSeqFz0w-V6ltgAAU981Kk02hPMH-IiqPIT8Ain3IZ1X_XRQ-74ix5ATAnTQnuewU%3D&p5=iuewa&rand=lucfcjb&sj=70lpwuzadRrK_pLakMevGfucyTMrGyN5utsj9UjbRu7KpTJb_qn3b9JThF3z6g%3D%3D&ad-session-id=8135101639402870305&lts=fhznceo&ytt=326554957907989&ybv=0.50770&ylv=0.50770&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=tahoen&p1=cpewf&rqs=ddn4_DU3I3V2TbdhH_B3OR60GJjMrFKS&rtb-si=b&p2=gxmq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Dec 2021 13:41:12 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
widget.js
an.yandex.ru/system/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/widget.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ea8c310d57307d55a9a8360c7473e83243159b86ffae2ee9ca0449edf39a8223
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
966447064
x-yandex-req-id
1639402872277008-1175302700117379328400363-production-app-host-man-pcode-115
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 13 Dec 2021 14:41:12 GMT
widget.js
yastatic.net/partner-code-bundles/50751/bundles/ 		662 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/50751/bundles/widget.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
123d0ff4fdde3b9c8486e611ff2be1eb320f1b3adb70a642eb58314a0dfd2a18
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
124514
last-modified
Fri, 10 Dec 2021 15:15:09 GMT
server
nginx/1.17.9
etag
"fc6f8e9cd28388fbbf5d12ab2494f41e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2051 20:16:26 GMT
jstracer
an.yandex.ru/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=50751&values=performance&adb=false&verison=50751&bundle_version=50751&widget_pf=loader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
wy150
avatars.mds.yandex.net/get-direct/5161233/Gii6xPTJNy4ikF4BJM4Gog/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5161233/Gii6xPTJNy4ikF4BJM4Gog/wy150
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
b1fec341b89bd0904f6bfc98cfa873ae86fd6f5cc2602187fb7fc6d063edbd8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Mon, 22 Nov 2021 23:42:52 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
9340
x-request-id
5d70aa7fdc03b498
y80
avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/y80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
e07eb6813751e95ed031ffd00328126116ba51cc11dcc86ca6fbf05199d87f61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Tue, 15 Dec 2020 11:23:19 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1620
x-request-id
8d3544e4eac5851f
x80
avatars.mds.yandex.net/get-direct/5244388/1Rg4w37Z_EoZxy65foI5iQ/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5244388/1Rg4w37Z_EoZxy65foI5iQ/x80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
d9d8beb875715e949c6329fd9b93ce5e90a0cdbb72b1ab39769ff0ca93c69f04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Thu, 14 Oct 2021 15:59:00 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2212
x-request-id
eb80124ba951a0aa
wx300
avatars.mds.yandex.net/get-direct/5161233/Gii6xPTJNy4ikF4BJM4Gog/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5161233/Gii6xPTJNy4ikF4BJM4Gog/wx300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
cb7236595f776789bd33d82628602f4d8d0c02d511f1e79a2b687de729c97f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Mon, 22 Nov 2021 23:42:51 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
11550
x-request-id
9b617e53741d6be3
y300
avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/y300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
6b5a84c279506d1d848c61509ed7b54eb6a0797af3b748cc205f880c2d5fd3af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Tue, 15 Dec 2020 11:23:19 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
10604
x-request-id
1dee79c2f970cffc
y300
avatars.mds.yandex.net/get-direct/5244388/1Rg4w37Z_EoZxy65foI5iQ/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5244388/1Rg4w37Z_EoZxy65foI5iQ/y300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
21cb962724b4a29513db78d44ad9cf7f88ae91de114a6042befb1b4ec1379b0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Thu, 14 Oct 2021 15:59:00 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
14500
x-request-id
76eaa95061f5103b
jstracer
an.yandex.ru/ 		2 B
31 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/jstracer?pcode_native=50751&values=block_render&adb=false&verison=50751&bundle_version=50751&widget_pf=loader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
wx300
avatars.mds.yandex.net/get-direct/5161233/Gii6xPTJNy4ikF4BJM4Gog/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5161233/Gii6xPTJNy4ikF4BJM4Gog/wx300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
cb7236595f776789bd33d82628602f4d8d0c02d511f1e79a2b687de729c97f6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Mon, 22 Nov 2021 23:42:51 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
11550
x-request-id
9b617e53741d6be3
y300
avatars.mds.yandex.net/get-direct/5244388/1Rg4w37Z_EoZxy65foI5iQ/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5244388/1Rg4w37Z_EoZxy65foI5iQ/y300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
21cb962724b4a29513db78d44ad9cf7f88ae91de114a6042befb1b4ec1379b0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Thu, 14 Oct 2021 15:59:00 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
14500
x-request-id
76eaa95061f5103b
y300
avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2760966/7geSZfLU9_aqD8q28Ivyqw/y300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
6b5a84c279506d1d848c61509ed7b54eb6a0797af3b748cc205f880c2d5fd3af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Tue, 15 Dec 2020 11:23:19 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
10604
x-request-id
1dee79c2f970cffc
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame E52B 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: theins.ru
URL: https://theins.ru/news/246918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 16 Dec 2021 01:39:55 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
046abb0c0a194480
watch.js
mc.yandex.ru/metrika/ Frame E52B 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
br
last-modified
Fri, 10 Dec 2021 11:53:03 GMT
etag
"61b3156f-bcf4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48372
expires
Mon, 13 Dec 2021 14:41:12 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame E52B 		403 B
844 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Ftheins.ru%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
50d95b740cf0d12410486e8aeac9e0ab70fb13df9cb76c5e9f074081975c634b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
conversion_async.js
www.googleadservices.com/pagead/ Frame E52B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 Dec 2021 13:41:12 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame E52B
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eE23Yc3IO8yq-gbynpHgDA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1560460213&crd=CNPgGw&is_vtc=1&random=101858955
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1560460213&crd=CNPgGw&is_vtc=1&random=1018589...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1560460213&crd=CNPgGw&is_vtc=1&random=101858955&ipr=y
Protocol
H3
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1560460213&crd=CNPgGw&is_vtc=1&random=101858955&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame E52B
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eE23Yc3HO4uhx_APwZGEyA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1379814314&crd=CNPgGw&is_vtc=1&random=263586708
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1379814314&crd=CNPgGw&is_vtc=1&random=2635867...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1379814314&crd=CNPgGw&is_vtc=1&random=263586708&ipr=y
Protocol
H3
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1379814314&crd=CNPgGw&is_vtc=1&random=263586708&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.com/watch/ Frame E52B 		167 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ftheins.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A1594686661162%3Ahid%3A39998952%3Az%3A0%3Ai%3A20211213134112%3Aet%3A1639402873%3Ac%3A1%3Arn%3A969659275%3Arqn%3A1%3Au%3A1639402873407712840%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639402870825%3Ads%3A0%2C0%2C31%2C1%2C0%2C0%2C%2C133%2C1%2C182%2C182%2C0%2C181%3Adsn%3A0%2C0%2C31%2C1%2C0%2C0%2C%2C148%2C1%2C182%2C182%2C0%2C181%3Aco%3A0%3Ast%3A1639402873&t=gdpr()aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b40fc008f169502d6abce9920d11937abb7f5924f906ba0ec428c4942a511759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 13-Dec-2021 13:41:12 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:12 GMT
advert.gif
mc.yandex.com/metrika/ Frame E52B 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 13:41:12 GMT
last-modified
Fri, 10 Dec 2021 11:53:03 GMT
etag
"61b3156f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 13 Dec 2021 14:41:12 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame E52B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1639402872998&cv=9&fst=1639402872998&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc71897bab91cd35f0ceb8c5d669ecf5391af608c2abe4c5e849c708ca33adde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame E52B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1639402873004&cv=9&fst=1639402873004&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
543c4e445dd9c9a59b9ba373e4f0a94675891a7d94c86be236e6553fd7747c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame E52B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1639402873006&cv=9&fst=1639402873006&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eed779327950acb09c689ed9be54823449e54177b370e782df80743a0bb49e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame E52B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1639402873007&cv=9&fst=1639402873007&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61f27950e1af4b40268c22b956123ea054dc9736fbb0dbb2f5fac8ee3da8028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
37412095
mc.yandex.com/watch/ Frame E52B 		350 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ftheins.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A1%3Als%3A1629878293179%3Ahid%3A39998952%3Az%3A0%3Ai%3A20211213134113%3Aet%3A1639402873%3Ac%3A1%3Arn%3A469856216%3Arqn%3A1%3Au%3A1639402873407712840%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639402870825%3Ads%3A0%2C0%2C31%2C1%2C0%2C0%2C%2C133%2C1%2C182%2C182%2C0%2C181%3Adsn%3A0%2C0%2C31%2C1%2C0%2C0%2C%2C148%2C1%2C182%2C182%2C0%2C181%3Aco%3A0%3Arqnl%3A1%3Ast%3A1639402873%3At%3A&t=gdpr(6)aw(1)lt(6000)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
3560e41527489367ec09d1ff5534cc50063167bb01067928609aa4ebc4ae8d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 13-Dec-2021 13:41:13 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:13 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1639402872998&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=4187650271&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1639402872998&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=4187650271&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1639402873004&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=3316280391&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1639402873004&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=3316280391&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1639402873007&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=2396214469&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1639402873007&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=2396214469&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1639402873006&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=787795953&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame E52B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1639402873006&cv=9&fst=1639400400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ftheins.ru%2F&async=1&fmt=3&is_vtc=1&random=787795953&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
45954939
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=2&wv-hit=874650403&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=462739829&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1639402874%3Aw%3A1600x1200%3Av%3A720%3Az%3A0%3Ai%3A20211213134113%3Au%3A1639402869637825254%3Avf%3Aykcyjkqfph1z85b6in%3Awe%3A1%3Ast%3A1639402874&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:13 GMT
last-modified
Mon, 13-Dec-2021 13:41:13 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:13 GMT
WKmejI_zOBi05Ge0j111V5kcJk4_M0K0km4GW8200J5sJRTXWog80WAv0iazYpfWaVt3y0BVa_II1V050Q06m0791dNP-FmrDoDrgGTco52bQrlsPe0A0OWAZG6e2kW7W0l6bps82mIg2n2tdOCKPiW007c7l3a7q_0B1fWEzShbhggCn8jNg0_caBFekksM-sQG4...
an.yandex.ru/count/ 		43 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WKmejI_zOBi05Ge0j111V5kcJk4_M0K0km4GW8200J5sJRTXWog80WAv0iazYpfWaVt3y0BVa_II1V050Q06m0791dNP-FmrDoDrgGTco52bQrlsPe0A0OWAZG6e2kW7W0l6bps82mIg2n2tdOCKPiW007c7l3a7q_0B1fWEzShbhggCn8jNg0_caBFekksM-sQG49MVYEwCdB2jFy25uEaCu1G1s1N1YlRieu-y_6FmW1QLa922WA1AoHRmFu4Ng1S9cHZG627u680Pi1drikFdt-RDaNMu6Vy1m1drsg_7iTxmoXJI6H9vOM9pNtDbSdPbSYzoDJavBJBe6Qm2y1dq0u8S3LDiEJfjGdDnOs9NLZVf780T_tyH04_8c850TI0V2ZP2qJ29RY74c1YUorPd1BUycibpZt9j_AXyFsHiqC3EUO717nj2fZh49W00~1=Wf4ejI_zO1O2FHG052C0tov55WEqXjY6qUsTwxe1W06Eo0A80SwguOg20P01Ygt8yjI0W802c06AhSZoLA01wgke0UghoF9Kk06QlEMk8zW1YedBdG7W0QZTlvq1w05Oe0BYolmOW0Evhudw2OW3-g2VW0AO0zl61h03vWA81OBlAv05-_f6i0MTXHAu1Ps54i05kFaqo0MAkmtG1TYR1-05MfW6-iFy9QW6m06m1u20a3Iu1xG6yGS00CAnfRuCW0e1mGfOiTH_B7pqFydu2e2r6DaBPiXGfMjRzcRe2uBlAuWCmgxUlW7e39i6c0tPnpe_e0x0X3s04CM2ZX_0e13G4A6Nhr_W4UkHZGNe4ShttPtfo8Ze39IXG5GSkc6WKDe_c1C2g1FcXPF4bOULu1RW4vs54eWKbQVWmzwoYgxT0Q0KdOKIg1Jx-aRdeR9es1JrsjkD1kWKZ0BG5VNQsuq6s1N1YlRieu-y_6Em5h83oHRG5iAkthu1s1QLduZkZ9omhJ-15vWNpU-fBRWN0i0NjHBG5z260zWNu_4_w1S1cHYW60Mm6Cs0tOq6k1W1-1ZGYfQBqVZYd4I06OaPbYsW6S01k1d___y1u1a3w1ci0l0Pz0E16l__tsHdqGqdY1h0X3sG6e0Gc1hKmrEW6hICYj7Khix-HRWQ0_KQ0G0009WRsSSwi1j8k1i3wHiX0mh2XE11GV0RyCEo1FWRpQIH1EaSW1t_VvaTg1u1q1xMvuMbXu_CWS41s1xwsXuR03Y4l9ZH4pro8ig0g3koT2Y3eqZsG-w1Zv18LjNiOmDnYIa3njIJCeG4WbVX6YFW0qAmWb2U4Le2o0BrN30UCJ1NdJCSMKhdSNs6pharimws2JW0~1?test-tag=316110012153885&rnd=6345532225104&confirmRatio=410655&confirmTime=2100000&width=300&height=564&wmode=0&banner-test-tags=eyI3MjA1NzYwNTQzMjM0NzQ2MSI6IjU3MzYwIn0%3D&pcode-active-testids=462728%2C0%2C33
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:14 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:14 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:14 GMT
WKmejI_zOBi05Ge0j111V5kcJk4_M0K0km4GW8200J5sJRTXWog80WAv0iazYpfWaVt3y0BVa_II1V050Q06m0791dNP-FmrDoDrgGTco52bQrlsPe0A0OWAZG6e2kW7W0l6bps82mIg2n2tdOCKPiW007c7l3a7q_0B1fWEzShbhggCn8jNg0_caBFekksM-sQG4...
an.yandex.ru/count/ 		43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WKmejI_zOBi05Ge0j111V5kcJk4_M0K0km4GW8200J5sJRTXWog80WAv0iazYpfWaVt3y0BVa_II1V050Q06m0791dNP-FmrDoDrgGTco52bQrlsPe0A0OWAZG6e2kW7W0l6bps82mIg2n2tdOCKPiW007c7l3a7q_0B1fWEzShbhggCn8jNg0_caBFekksM-sQG49MVYEwCdB2jFy25uEaCu1G1s1N1YlRieu-y_6FmW1QLa922WA1AoHRmFu4Ng1S9cHZG627u680Pi1drikFdt-RDaNMu6Vy1m1drsg_7iTxmoXJI6H9vOM9pNtDbSdPbSYzoDJavBJBe6Qm2y1dq0u8S3LDiEJfjGdDnOs9NLZVf780T_tyH04_8c850TI0V2ZP2qJ29RY74c1YUorPd1BUycibpZt9j_AXyFsHiqC3EUO717nj2fZh49W00~1=WfWejI_zO2C2THG0v28r_CXE8mEqYxcspTcxmB81W07kdkw9j9tdtbM80PJ_dADea06yeCUOpO20W0AO0RoWnvXDe076dQW1nft7c4su0UQFnBGXs06ciwAO0U01sBpa2UW1z06W0iAghHI00xZttu43Y0FVYgwl2w031B03-Wc81PgE2v05rvCCi0MhcGIu1QkP1C05fCuYo0MU-WlG1PgU0U05FgW6m06m1u20a3Iu1u05yGS00CAXrPOYctQO5dZPFydP2sR8KALhM_Pcw0kQZWkR1fWDsSSwi3wW3i24FO0GqzUv7C2m4E0Hwv6D1UWHolVTdUd8YEWCbA50AbC0c2Mmlp-O4mAe4-Q5ayILXvNW5k0Jgva4Y1ILf-33thAAhjq1e1IhcGIe5DUJ3B0Kzgo8OBWKWBkm8S0KWB6HPCWK1D0KcV297TWK_e67YWRe58m2q1N-WOUA1jWLmOhsxAEFlFnZi1Qo0yaMq1Qcezw-0TWMbP-8xeoSiAq_WHUO5wUfYGMu5mB05xKIq1VGXWFO5yZhE-WN0faOe1W8i1ZDWDsD1hWO1lWOq8gMYz7uufn4W1c96POje1d00RWP____0U0P2EWPh0Bm6VG3WHh__t_vvFG04uWQm8Gza1g0W820W828G9WQrCDJzHe10000c1lPnpgm6qYu6mFf6vwiMEKrIrL1y1kUiTe7-1k0kgG5wHo07Vz_cHtW7R7A1QWU0T0UrkBAwiQ8d-bws1xxsXw87____m4U03er1Wx99sQqD8ySYp9Wweui7ShWA9BzaFiQ7ud01ZBsKhP-gJTY25a3hq8WHa0D1AOW98QoZfPwGej4ZzXm80lMSy5ynC009IChlF39fMKfdV5-ZP6prCmxs2RW~1?test-tag=316110012153885&rnd=6345532225104&confirmRatio=410655&confirmTime=2100000&width=300&height=564&wmode=0&banner-test-tags=eyI3MjA1NzYwNDM5ODQ0MjUyNiI6IjU3MzYxIn0%3D&pcode-active-testids=462728%2C0%2C33
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:14 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:14 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:14 GMT
WKmejI_zOBi05Ge0j111V5kcJk4_M0K0km4GW8200J5sJRTXWog80WAv0iazYpfWaVt3y0BVa_II1V050Q06m0791dNP-FmrDoDrgGTco52bQrlsPe0A0OWAZG6e2kW7W0l6bps82mIg2n2tdOCKPiW007c7l3a7q_0B1fWEzShbhggCn8jNg0_caBFekksM-sQG4...
an.yandex.ru/count/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WKmejI_zOBi05Ge0j111V5kcJk4_M0K0km4GW8200J5sJRTXWog80WAv0iazYpfWaVt3y0BVa_II1V050Q06m0791dNP-FmrDoDrgGTco52bQrlsPe0A0OWAZG6e2kW7W0l6bps82mIg2n2tdOCKPiW007c7l3a7q_0B1fWEzShbhggCn8jNg0_caBFekksM-sQG49MVYEwCdB2jFy25uEaCu1G1s1N1YlRieu-y_6FmW1QLa922WA1AoHRmFu4Ng1S9cHZG627u680Pi1drikFdt-RDaNMu6Vy1m1drsg_7iTxmoXJI6H9vOM9pNtDbSdPbSYzoDJavBJBe6Qm2y1dq0u8S3LDiEJfjGdDnOs9NLZVf780T_tyH04_8c850TI0V2ZP2qJ29RY74c1YUorPd1BUycibpZt9j_AXyFsHiqC3EUO717nj2fZh49W00~1=WgGejI_zO2O2rHG0z2CAppKN9WEqYxcspTcxmB81W07cpkG4Y066vw2sVv01b9Q9kjE0W802c06KbecwKw01z9Ie0VIKYRfJk07Qi_s58zW1oeAbdW7W0UxNbfG1w07w0lW1wBZUlW6O0hBqWXcW0h3qWXcO0y24FQ031h030ga5Y0MnxnEG1Rdh5B05h9a7k0MicGV01URl1SW5reC2q0MXZmBW1NUO1lIriAmAg0R00R07W82GDBW7W0MG3V470032cBh1380A0S4AgYylEeMQyp_9sGjco52bQrlsPkWBiUyJY0pecmQO3Td7Ed0ze0x0X3s04AN_kX-Q41i8G1d84C2Ga8BW4UkHZGNe4ShttPtfo8Ze39IXG42AgBxSvSa_c1C2g1FcXPF4bOULu1RW4woP1uWKbQVWmzwoYgxT0Q0Kh9a7g1IvwnIm5ARHpGcu5C2VgmF850JG5B7-ZMhO5Aor-ui6w1IC0j0LhBNxYmRO5S6AzkoZZxpyOx0MiWF95l0_q1RekDw-0TWMbP-8xeoSiAq_WHUO5-g4aYku5mB05xKIq1VGXWFO5wlrEkWN0PaOe1WKi1ZDWDsD1hWO1FWOq8gMYz7uufn4W1c96POje1d00RWP____0U0P0-WPh0Bm6VG3WHh__m_OK1oII8WQm8Gzc1hKmrEu6WFr6W40002O6zd7Eh0RIBWR0-aRiiV9hPz-Ea7m6y_fiWBu6ygW9-aSW1t_VvaTu1tBmWMe7W7G7i2Foh6-sUMI-W7O7llQ7eWV____0Hq0FpK63iaVPdGaZnoGCk3jZYmTok0ealqGaRhUYD06CZRJR87BIQKc6PK1C2Ysxz_L3Ro8rQ1X2C9dLFCg3aPeiI0Br7F1UCGW7HSR1FfAu82jcKkmJS01~1?test-tag=316110012153885&rnd=6345532225104&confirmRatio=410655&confirmTime=2100000&width=300&height=564&wmode=0&banner-test-tags=eyI3MjA1NzYwNTIzODg5MTkxNCI6IjU3MzYyIn0%3D&pcode-active-testids=462728%2C0%2C33
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://theins.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:14 GMT
content-encoding
gzip
last-modified
Mon, 13 Dec 2021 13:41:14 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 13 Dec 2021 13:41:14 GMT
45954939
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=3&wv-hit=874650403&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=211853667&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1639402876%3Aw%3A1600x1200%3Av%3A720%3Az%3A0%3Ai%3A20211213134115%3Au%3A1639402869637825254%3Avf%3Aykcyjkqfph1z85b6in%3Awe%3A1%3Ast%3A1639402876&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://theins.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Dec 2021 13:41:15 GMT
last-modified
Mon, 13-Dec-2021 13:41:15 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://theins.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Dec-2021 13:41:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.theins.ru
URL
https://api.theins.ru/proxy/fb/?id=https%3A%2F%2Ftheins.ru%2Fnews%2F246918
Domain
ssp.bidvol.com
URL
https://ssp.bidvol.com/rtb/pl999
Domain
ssp.bidvol.com
URL
https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsul2CGYe0IsBtEC9TMXyhnwzUPQ-s69qvg2p9MSYEZsdvETzMJ2UGeBfwLMDV8oYd2NM_wDJVsGr4XjFxDnSyglCDodpaqv2nyN1YWNzZ7sH78A36L7&sig=Cg0ArKJSzEV_LfAbF_QfEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211202&bin=7&avms=ns&bs=0,0&mc=0&app=0&itpl=19&adk=4175249508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=2&r=u&rst=1639402871984&wmsd=1

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| adfoxBiddersMap object| adUnits number| userTimeout object| YaHeaderBiddingSettings object| yaContextCb function| gtag object| dataLayer function| ym object| Modernizr object| google_tag_manager object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| headerYPosition object| gaplugins object| gaGlobal object| gaData object| pcodeJsonp50770hKPSx8iCCE object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Criteo object| yaCounter45954939 boolean| yandex_context_perf_logging object| __uspClient object| __cmpClient object| googletag object| criteo_pubtag object| criteo_pubtag_116 object| Criteo_116 function| avPlayer function| viadsClosePlayer object| $sf object| yaSafeFrameAsyncCallbacks function| Hls object| GoogleGcLKhOms object| storageAni string| viPlayerStatus object| yaCounter71281900 object| layoutConfig object| closure_lm_521712 object| closure_lm_952413 object| yaCounter700037 function| WBViewAbility object| pcodeJsonp50751HKJZ0dBReR object| yaads

99 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
.theins.ru/ Name: _ga
Value: GA1.2.1146171265.1639402869
.theins.ru/ Name: _gid
Value: GA1.2.1282047491.1639402869
.theins.ru/ Name: _gat_gtag_UA_44581081_1
Value: 1
.theins.ru/ Name: _ym_uid
Value: 1639402869637825254
.theins.ru/ Name: _ym_d
Value: 1639402869
.exchange.buzzoola.com/ Name: uuid
Value: 823564a7-8e36-4117-5a88-2180aae8fb06
.otm-r.com/ Name: mpid
Value: NjFiNzRkNzUwZGUxMzkzYg==
.viadata.store/ Name: viads_uid
Value: 61eb2bd0-249a-4095-bb84-5dfe5110aaea
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 314490782fake
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWG3TXVlAwAUfZZVAs3A1v5/I0N1jYbI3ApEzO5GropW
.theins.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2553591932fake
.adhigh.net/ Name: gi_u
Value: 81EqrEiYKe2.AikABlF9tAaSrw
.yandex.ru/ Name: yandexuid
Value: 8440650831639402869
.yandex.com/ Name: yandexuid
Value: 2371762871639402869
.yandex.com/ Name: yuidss
Value: 2371762871639402869
mc.yandex.com/ Name: yabs-sid
Value: 1552049871639402869
.yandex.com/ Name: i
Value: +jKz0GC5n9tRiGaPLnjcdD6+Yd6rx0j3vNxmZBVUUp23qEoSt25bG9Kry3erMegV4CfaOy6ts7Rb5v6WtF+VjlP1esA=
.yandex.com/ Name: ymex
Value: 1670938869.yrts.1639402869#1670938869.yrtsi.1639402869
.theins.ru/ Name: _ym_visorc
Value: w
.criteo.com/ Name: uid
Value: 28c24ad8-8e1a-492f-aee2-0800187ceca6
.theins.ru/ Name: cto_bundle
Value: Nslg8l8lMkJ6VzBVSjdFNzNmJTJCUHpFV3VaR1o2WWZRVXlTcWJWVCUyQlJQTCUyQlRLJTJGbFZoSDJCWkZXTFglMkJSMmMlMkJianB0T3h6UTZOWHpXcllyVmtwd3VlZERUbHd6SG5PZ0FzVmdQMUt4NTM4SjFtVkEzJTJGMWVFMjhxNzVXdTNKVHFibjdnQmdnc1pjZVkzS1d1MDEycEFkSVVhb2c4NnlRJTNEJTNE
.viadata.store/ Name: viads_sc
Value: %7B%220%22%3A1639402869%2C%2230%22%3A1639402869%2C%2227%22%3A1639402869%7D
adx.com.ru/ Name: yabbi-user
Value: 61b74d75f0e01576092097cb
.spotxchange.com/ Name: audience
Value: 549a7e55-5c1a-11ec-99b0-1093d7b30206
.rutarget.ru/ Name: userId
Value: f9Z-c27U0wDz
.rktch.com/ Name: b_uid
Value: bc3e7bbb3f6ca5db3e1c20e8ec13b7eb4b1b
.dmg.digitaltarget.ru/ Name: viuserid
Value: ExwW4PV5-FAIchO78s5f
.adriver.ru/ Name: cid
Value: AI_Kh6YluRxiUUlv96wpvEw
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWG3TXY6jQFNY0IuAqSZaUpCj5NjPZpjmLxiQWcwU/jM
.acint.net/ Name: cSyncDp7v2
Value: 1639402870
.acint.net/ Name: cSyncDp14v3
Value: 1639402870
.acint.net/ Name: cSyncDp17
Value: 1639402870
.acint.net/ Name: cSyncDp32
Value: 1639402870
.acint.net/ Name: cSyncDp45v3
Value: 1639402870
.acint.net/ Name: cSyncDp53
Value: 1639402870
.acint.net/ Name: cSyncDp54v2
Value: 1639402870
.acint.net/ Name: cSyncDp62
Value: 1639402870
.acint.net/ Name: cSyncDp67v2
Value: 1639402870
.acint.net/ Name: cSyncDp68
Value: 1639402870
.acint.net/ Name: cSyncDp77
Value: 1639402870
.acint.net/ Name: cSyncDp84
Value: 1639402870
.acint.net/ Name: cSyncDp85
Value: 1639402870
.acint.net/ Name: cSyncDp88
Value: 1639402870
.acint.net/ Name: cSyncDp95v2
Value: 1639402870
.acint.net/ Name: cSyncDp101
Value: 1639402870
.acint.net/ Name: cSyncDp104v2
Value: 1639402870
.acint.net/ Name: cSyncDp107
Value: 1639402870
.acint.net/ Name: cSyncDp110
Value: 1639402870
.acint.net/ Name: cSyncDp111v2
Value: 1639402870
.acint.net/ Name: cSyncDp112v2
Value: 1639402870
.acint.net/ Name: cSyncDp125v2
Value: 1639402870
.acint.net/ Name: cSyncDp126
Value: 1639402870
.acint.net/ Name: cSyncDp127
Value: 1639402870
.acint.net/ Name: cSyncDp129
Value: 1639402870
.acint.net/ Name: cSyncDp136
Value: 1639402870
.acint.net/ Name: cSyncDp138
Value: 1639402870
.acint.net/ Name: cSyncDp144
Value: 1639402870
.acint.net/ Name: cSyncDp146
Value: 1639402870
.acint.net/ Name: cSyncDp149
Value: 1639402870
.acint.net/ Name: cSyncDp151
Value: 1639402870
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: ss
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUklaDeCofc3vdkH_RUzucif1_Idea8f_vCPz4a4t6PggzyvwD_BTPhgZNgKM2w
.adhigh.net/ Name: sape_sync
Value: I9f
.betweendigital.com/ Name: tuuid
Value: a48a3d90-6943-515b-9774-7888f6c335fe
.utraff.com/ Name: preutid
Value: 1
.mail.ru/ Name: VID
Value: 2levuc15zqY600000Y14H4I6:::0-0-0-6d1a636:CAASEGZ4iN0bvw7OFEUa4p7pXVMaYABwjfRJtpfc_-5KhAYDpclWK3YJtagUA_WzGVfgerCv8U0pi05NCxHwQw8cnBBK7JBK5HoaNx53DhP-T3jYMqi2FDDfeA4pmgKGXDh48QILJh0Gvprwi8AREVfw4GqHLg
.yandex.ru/ Name: yuidss
Value: 8440650831639402869
.1dmp.io/ Name: uid
Value: 54ed0f90-5c1a-11ec-a15e-901b0e8d6a9d
.betweendigital.com/ Name: ut
Value: YbdNdgAIaFhoqkys919_Im4fImQdoudLryPpOw==
.republer.com/ Name: ruid
Value: d6f23000-318b-4c76-b7e4-8d678b41b267
.weborama.fr/ Name: AFFICHE_W
Value: CyEC2tZBOoIL11
.uuidksinc.net/ Name: jcsuuid
Value: oVVCbUm1ueBe9fElFLDb
.an.yandex.ru/ Name: yabs-vdrf
Value: A0
.relap.io/ Name: unique
Value: DlBNlDh1
.relap.io/ Name: fsts
Value: 1639402870
.relap.io/ Name: lsts
Value: 1639402870
.relap.io/ Name: suid
Value: b18724550632b2ed7dc65b917f198bd947159192--5cc124c22287ebd582d7e9f5930b331b26ea2d371a5a8bb881abd6a60f80cfac
.relap.io/ Name: hllc
Value: 1
.relap.io/ Name: rlpsprcs
Value: eyJ0cyI6MTYzOTQwMjg3MCwidWlkIjoiMDEwMDAwN0Y3NjREQjc2MTREMDE4RDNBMDIyRTQyNjMifQ--39165ec2061daf0d888f1490db4454c000e43b24da2d6e7db1f5f2e6642a748b
.adsniper.ru/ Name: uuid3
Value: IiQ1NTE0ZjFlYS01YzFhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.mts.ru/ Name: dspid
Value: c5b72a0b-7c88-4eb3-af36-f03f98f3f1df
.ops.beeline.ru/ Name: BeeAID
Value: 5ab4423f-b86e-480c-8533-ae7d31d05d34
.bumlam.com/ Name: suuid3
Value: IiQ1NTE0ZjFlYS01YzFhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.advarkads.com/ Name: u
Value: EALNQrRTDUihYJY02YJLQA
.gnezdo.ru/ Name: uid
Value: XV9maWG3TXahliPc14hfAg==
.aidata.io/ Name: __upin
Value: 8LJDwPZLkd+vxnmxr+1EfA
.aidata.io/ Name: __upints
Value: 1639402870
x01.aidata.io/ Name: mts
Value: 1
.mts.ru/ Name: mts_id
Value: 54ef5e5f-a714-48a0-844c-29d4cf3e186d
.mts.ru/ Name: mts_id_last_sync
Value: 1639402871
.theins.ru/ Name: __gads
Value: ID=77271b6557d9a23b:T=1639402869:S=ALNI_MZ7xYtGp2jVAQIahMeLpVznbMIiGw
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: COXsVhCwVhgB
.yandex.ru/ Name: i
Value: aJ0/DDFnXj6eUWw9DXID0UPYmVGyyyL8N7uMuYyinhwycpxXkf6JkdxfNped0+mlQJcLgP5rW53Xmmi/esM5BqLdLO4=

3 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9486.FRdloFodvnZ57Fr7-kwvn42GyTu2ZojK2VIA-HXPVGRUP3cmB_IBhhhzRoV5dw0nqZLAGLVWk0Tn2CAy6ow8pg%2C%2C.5ouzO5l-Vv4YW49z44qgqa1vOJ0%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://adx.com.ru/sape-sync?uid=0100007F764DB7614D018D3A022E4263
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://an.yandex.ru/setud/mts_banner/xbcqC3yITrOvNvA_mPPx3w?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D8LJDwPZLkd%252Bvxnmxr%252B1EfA&sign=1801877668
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f764db7614d018d3a022e4263-sp.ops.beeline.ru
0afd0127cab5ef367cb1adc81eafdad5.safeframe.googlesyndication.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adfox-c2s-ams.creativecdn.com
adlmerge.com
ads.adfox.ru
ads.adlook.me
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
api.theins.ru
avatars.mds.yandex.net
bidder.criteo.com
cdn-rtb.sape.ru
cdn.viadata.store
clientside-video-bidder.rutarget.ru
cm.adform.net
cm.g.doubleclick.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
gum.criteo.com
hb.adtelligent.com
imasdk.googleapis.com
jstracer.yandex.ru
logs.viadata.store
match.new-programmatic.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
n.dyntrk.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
pl.viadata.store
pubads.g.doubleclick.net
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rtb-msk-2.viadata.store
ru.viadata.store
s.uuidksinc.net
s0.2mdn.net
s3.advarkads.com
sape-sync.rutarget.ru
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bidvol.com
stat.adlabs.ru
static.criteo.net
stats.g.doubleclick.net
strm-rad14.strm.yandex.net
strm.yandex.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.search.spotxchange.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
theins.ru
tpc.googlesyndication.com
ut.rktch.com
vtg1.rktch.com
www.acint.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
x01.aidata.io
yandex.ru
yastatic.net
yhb.p.otm-r.com
ysa-static.passport.yandex.ru
api.theins.ru
pagead2.googlesyndication.com
ssp.bidvol.com
109.248.237.37
135.125.160.160
138.201.34.239
142.250.185.162
142.250.185.226
142.250.185.66
159.69.64.121
176.99.5.169
178.250.2.131
178.250.2.146
185.15.175.133
185.15.175.134
185.184.8.65
185.94.180.126
188.34.131.134
188.42.29.166
193.232.150.150
194.190.117.94
195.201.106.117
195.201.152.110
195.201.243.72
195.209.108.37
195.209.111.22
213.87.44.187
217.65.2.150
217.66.147.168
23.111.109.220
23.111.115.236
23.111.115.244
23.111.115.92
23.111.119.12
23.111.211.20
2606:4700:10::6816:2e68
2606:4700:10::6816:2f68
2606:4700:10::ac43:dab
2606:4700:3039::6815:c09a
2a00:1148:db00::17
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:400c:c0c::9b
2a02:2638::1c
2a02:2638::3
2a02:6b8:0:70d::74
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:94
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a0c:5c81:5142::2
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
37.157.2.239
37.18.103.16
37.9.245.57
5.200.44.35
80.64.106.148
80.64.106.150
81.222.128.213
88.99.149.88
88.99.234.26
89.108.119.43
89.108.97.2
93.95.102.105
95.163.37.253
95.181.171.233
95.211.66.35
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
03cb67968a56ab998398f5a5f7b515e817ec487e5ba4b417c1def63eca12ca73
04b281f269aa142078ccfb43c9c187898247c17bac758717ad4a270b5123931c
09f5a546d338271977ebb834261b2f45b0aabcb9e0a19a16beb0c7ba4b01412f
0c44579c6237f5586eb6c9560b5b35fa85a285e4466a7f6cd8dffe4166d12c7d
1093ecea1fc0f7269983039b120acf32ad51128c0ef42c324a83b6abf9230d7b
11c17fa1d31b854a771ec4833b336c218445ccd40f5047880ad496a27b737280
123d0ff4fdde3b9c8486e611ff2be1eb320f1b3adb70a642eb58314a0dfd2a18
18afe37eb02a7e3c09c8ce84604fd27d7abf985d893bcbc9558e08e9ffd95931
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1ada2054362405c4cc34996a74753a005d5e1d7d93f5cbfd85c59326e2ff6081
1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9
20dcd1712a09e708373636f76fb4afc4a7b3a66277ecafbb036d6cb4acac941b
21cb962724b4a29513db78d44ad9cf7f88ae91de114a6042befb1b4ec1379b0f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3560e41527489367ec09d1ff5534cc50063167bb01067928609aa4ebc4ae8d1e
3576afae118b48511f152d8ce95a1e19315db7c0a0030726889822498af78d70
38fef94bf6d0a92413fba2cf4a2a44970f00288368ccc6fc12e6697db7211f28
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
420bb29473e5cc4989398fb9aba02cfa1ddfeefdfdab2b90895be9a44b4aff9e
439fbbd85bf55d63eb2bcb9680048d0310d88f9f0a0cea0cfcae13b95cf25603
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447e8602677aa38f43408b40eb2ac1760a933a1f95fafdf6b135059a45b36784
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
50d95b740cf0d12410486e8aeac9e0ab70fb13df9cb76c5e9f074081975c634b
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
543c4e445dd9c9a59b9ba373e4f0a94675891a7d94c86be236e6553fd7747c70
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549ff98e83a436627a862580510161579daea5f386e1a055254209dddd3248c2
559e15e9c1f2aed0308858ccdd55dd9de22dcd2a3a4802de64ab56c5a00bef97
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57929cb30a3fca27858124de8c071543e7b4c5df1c7a27a240c02fe53968f547
59c8ab0c78b8fc87538720596062af092afd31899d883058c15b3a88bf980211
5c883fd81aa6616988d11949a780dfa476f39ba7aca55f1cfeaec60b5d19cbe4
5e2655264dcd3b15d9b0ffd33481b17f6d5badf3761e7d39f4c9566ae68fb5b6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f27950e1af4b40268c22b956123ea054dc9736fbb0dbb2f5fac8ee3da8028f
626a2f39b146f0d94686eb4d526d451628b31f649b631e0e09ba580f4a86f6f8
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
62a5e8c819098c9cebc8909e6b3b0a56d9d1ed0fbc490500839a900e1934ced3
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6
662c4a1e5d72c3545cb995682ad22cc1e4e618d70dd0279678447ee035594708
67634f2f8662df57faedc459870619f17d551a34e1f6354a2b55f99c061224b5
67a1afa8799764a13091520bd5c8debe7073b9ffb73d29fcf87bc20eff50d14b
692446225814c5bc8e8f73a291afdf6626e40a2a3a533ab737e8dea55e5545d1
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
6b5a84c279506d1d848c61509ed7b54eb6a0797af3b748cc205f880c2d5fd3af
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
7682f66d944955ab09f2eb3d3f8ac6330a66ce18d40015629b09746152c993ae
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834af6158f003b1d449f2398617ac58ecca6a0d8c0cd653442c49185432fc06e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
885992e2d5a282d27f068b095e1bf76044d382a36e362c825ed316e8064b31cd
8bc835b41dbf1a892a18fdeca5bc46c37d0e30b00ea6e80e291954a07c013136
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ea90a6ce1a888acbbea5feb59a6a0ec48a410eb75e242f0b1c75b178360e60b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9efec227fa2dd3f0e1cc60a36dc9b1c27d2a0baf2b03c29efb20e0025ed76d0f
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a047e870f84062867d54a98b556c2399db11dfb242cbf7cf9e580d1399096628
a16e5102908cbb3fa1300e289c071e33edc1cfa3443ef2293c81a1e36f428d7b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6
a7f370c85196b2bf2844b805d2052684d654747d6d1a4e7b107b6b955647c923
aef9e04403a355d2edd03be9f841e18667e975445d055536e623f5cd6fdb5055
b08a7f2cc41d0a826952afa86255a7e951b7239f1c574c8cd12790138e6c4188
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fec341b89bd0904f6bfc98cfa873ae86fd6f5cc2602187fb7fc6d063edbd8f
b2501d83e7a70f991d54ba2762dc364f54f6e081055b24f688c4e90e3fbc6590
b40fc008f169502d6abce9920d11937abb7f5924f906ba0ec428c4942a511759
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
bac676d115d20505b7728ea958e6b20b980243fb7ba8cfa92f6aab4f5ce4edb4
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb7236595f776789bd33d82628602f4d8d0c02d511f1e79a2b687de729c97f6c
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ce400adf4048173aaf986da2569e97fd793eac19b1863f94132ade681abf0a29
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1d777d1448f841f8d6c3dc55073f244022acf5a60d246863cff979748ccf142
d3aa13506c9d3258a4025719fb1f717b2335a1ceb987b992e83ad92f9130475d
d5136d53de834f6d5cba9a89dcc57f18b6f8ff3ba7b790cb3ff3441667686e62
d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9d8beb875715e949c6329fd9b93ce5e90a0cdbb72b1ab39769ff0ca93c69f04
dad7730e8295c62ac978c7c81e1965e8d248ad008d0c96d92bde4c02887218dd
dd928f8f3e24497b61832ae3a786f49b642f39add5e2e0a2e3b1a38c6400d695
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c
df852826d747050e308998c000946f0d1558b27dec26d4455d8fc6cc547d6338
e07eb6813751e95ed031ffd00328126116ba51cc11dcc86ca6fbf05199d87f61
e12db6181ad56293272417120b2206b6175be6b8c93a7d4250a3f85ce0e2673d
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8f7079db84f76db199ccc4597f1efa957d270eb484bac2e02d343ba848fa4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
ea8c310d57307d55a9a8360c7473e83243159b86ffae2ee9ca0449edf39a8223
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eed779327950acb09c689ed9be54823449e54177b370e782df80743a0bb49e6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1b6417ea5fe5837d7d32278a69c8109a253854cfc3a3648f4341554392c7b42
f3a07c94de7e82d979ff85c625e15241a5201688bfdecea1ef09354f49369914
f3ad5466bf8e93c888ca830d9b03728feeb7156e6118f878f45f36fca31f17d4
f6255acdd46a48d0ed625a2da7a9fc0b44501a16345621d22e395797dec5c6e2
f632f6462b8569ba427daf06e00a64c6306c122a24dbaae7d8e1d101618d0266
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fc71897bab91cd35f0ceb8c5d669ecf5391af608c2abe4c5e849c708ca33adde