theins.ru Open in urlscan Pro
2606:4700:10::6816:2e68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://theins.ru/news/246918
Submission: On December 07 via api (December 7th 2021, 12:09:54 pm UTC) from US — Scanned from DE

Summary HTTP 216 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 71 IPs in 13 countries across 57 domains to perform 216 HTTP transactions. The main IP is 2606:4700:10::6816:2e68, located in United States and belongs to CLOUDFLARENET, US. The main domain is theins.ru.
TLS certificate: Issued by R3 on November 8th 2021. Valid for: 3 months.

This is the only time theins.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:10:... 2606:4700:10::6816:2e68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
5	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	88.99.234.26 88.99.234.26	24940 (HETZNER-AS) (HETZNER-AS)
19	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3 17	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
4	2606:4700:10:... 2606:4700:10::ac43:15ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.211.20 23.111.211.20	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
4 13	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1	138.201.65.68 138.201.65.68	24940 (HETZNER-AS) (HETZNER-AS)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 3	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1	116.202.51.146 116.202.51.146	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1 2	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1	195.209.111.15 195.209.111.15	52007 (ADRIVER-AS) (ADRIVER-AS)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	23.111.115.172 23.111.115.172	7979 (SERVERS-COM) (SERVERS-COM)
4	23.111.115.244 23.111.115.244	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	23.111.119.12 23.111.119.12	7979 (SERVERS-COM) (SERVERS-COM)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	80.64.106.152 80.64.106.152	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
6	195.209.108.48 195.209.108.48	52007 (ADRIVER-AS) (ADRIVER-AS)
3	23.111.115.236 23.111.115.236	7979 (SERVERS-COM) (SERVERS-COM)
5	176.99.5.169 176.99.5.169	49352 (LOGOL-AS) (LOGOL-AS)
3	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
1 4	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
1 2	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8::1be 2a02:6b8::1be	208722 (YNDX) (YNDX)
2	151.236.71.19 151.236.71.19	204720 (CDNETWORKS) (CDNETWORKS)
4	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 3	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
9	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
7 7	18.195.177.130 18.195.177.130	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
2 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 5	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
4 10	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	52.212.131.178 52.212.131.178	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1 2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
216	71

14 2606:4700:10::6816:2e68 (United States)

ASN13335 (CLOUDFLARENET, US)

theins.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.theins.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:15ad (United States)

ASN13335 (CLOUDFLARENET, US)

api.theins.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.211.20 (Russian Federation)

ASN7979 (SERVERS-COM, US)

ru.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 96.46.186.57 (United States) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.65.201.138.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.150.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp18.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.51.146 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1397155.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

hb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.118.200 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.15 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.111.115.172 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cdn.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)

logs.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.119.12 (Russian Federation)

ASN7979 (SERVERS-COM, US)

pl.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 80.64.106.152 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru

clientside-video-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.209.108.48 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)

rtb-msk-2.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.99.5.169 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d41257.acod.regrucolo.ru

vtg1.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

n.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.34.131.134 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.159 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.195.177.130 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-177-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.158 (Muehlheim am Main, Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.159 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.13 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.131.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com	292 KB
22	doubleclick.net 4 redirects googleads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	168 KB
18	theins.ru theins.ru api.theins.ru	1 MB
17	viadata.store ru.viadata.store cdn.viadata.store logs.viadata.store pl.viadata.store rtb-msk-2.viadata.store	829 KB
15	yandex.com 2 redirects mc.yandex.com	4 KB
15	betweendigital.com 4 redirects ads.betweendigital.com cache.betweendigital.com	30 KB
12	yandex.ru 1 redirects yandex.ru mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru	377 KB
9	2mdn.net s0.2mdn.net	307 KB
7	bidswitch.net 7 redirects x.bidswitch.net	4 KB
7	adriver.ru pb.adriver.ru ad.adriver.ru	34 KB
6	google.com adservice.google.com www.google.com	2 KB
5	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	88 KB
5	rubiconproject.com 2 redirects pixel.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
5	bumlam.com 5 redirects sync.bumlam.com	3 KB
5	rktch.com vtg1.rktch.com	8 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
5	yastatic.net 1 redirects yastatic.net	157 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	adfox.ru ads.adfox.ru	380 B
4	com.ru 1 redirects adx.com.ru	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	tns-counter.ru 1 redirects www.tns-counter.ru	1 KB
3	dyntrk.com n.dyntrk.com	645 B
3	rutarget.ru clientside-video-bidder.rutarget.ru	2 KB
3	bidvol.com ssp.bidvol.com	1 KB
3	criteo.net static.criteo.net	39 KB
3	adhigh.net 2 redirects px.adhigh.net	1 KB
2	mgid.com 1 redirects cm.mgid.com	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	googleapis.com imasdk.googleapis.com	317 KB
2	googletagservices.com www.googletagservices.com	63 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru	1 KB
2	google.de adservice.google.de www.google.de	1 KB
2	buzzoola.com 1 redirects exchange.buzzoola.com	847 B
2	google-analytics.com www.google-analytics.com	20 KB
1	opera.com t.adx.opera.com	410 B
1	onetag-sys.com onetag-sys.com	823 B
1	createjs.com code.createjs.com	63 KB
1	openx.net rtb.openx.net	350 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	quantserve.com cms.quantserve.com	464 B
1	sniperlog.ru sync3.sniperlog.ru	516 B
1	admixer.net 1 redirects inv-nets.admixer.net	582 B
1	adform.net cm.adform.net	106 B
1	googleadservices.com partner.googleadservices.com	643 B
1	adtelligent.com hb.adtelligent.com	270 B
1	sape.ru ssp-rtb.sape.ru	448 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	203 B
1	otm-r.com yhb.p.otm-r.com	248 B
1	mail.ru ad.mail.ru	332 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	digitalcaramel.com ads.digitalcaramel.com	866 B
216	57

	Domain	Requested by
19	pagead2.googlesyndication.com	theins.ru pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net srcdoc e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	mc.yandex.com	2 redirects theins.ru mc.yandex.ru
13	ads.betweendigital.com	4 redirects yastatic.net theins.ru cache.betweendigital.com ads.betweendigital.com
12	theins.ru	theins.ru
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
9	s0.2mdn.net	imasdk.googleapis.com theins.ru s0.2mdn.net e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
7	x.bidswitch.net	7 redirects
6	ad.adriver.ru	theins.ru
6	api.theins.ru	theins.ru
5	sync.bumlam.com	5 redirects
5	vtg1.rktch.com	theins.ru
5	cdn.viadata.store	theins.ru cdn.viadata.store
5	yandex.ru	theins.ru yandex.ru
5	yastatic.net	1 redirects yandex.ru
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	an.yandex.ru	theins.ru yandex.ru
4	ads.adfox.ru
4	adx.com.ru	1 redirects theins.ru
4	www.google.com	theins.ru tpc.googlesyndication.com e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
4	logs.viadata.store	theins.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com theins.ru
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.tns-counter.ru	1 redirects
3	pubads.g.doubleclick.net	theins.ru imasdk.googleapis.com
3	n.dyntrk.com	theins.ru
3	rtb-msk-2.viadata.store	theins.ru
3	clientside-video-bidder.rutarget.ru	theins.ru
3	pl.viadata.store	theins.ru
3	ssp.bidvol.com	yastatic.net theins.ru
3	static.criteo.net	yastatic.net theins.ru
3	px.adhigh.net	2 redirects theins.ru
2	cm.mgid.com	1 redirects
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	beacon.krxd.net	e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com cdn.krxd.net
2	googleads4.g.doubleclick.net	theins.ru
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	x01.aidata.io	2 redirects
2	sync3.adsniper.ru	2 redirects
2	ap.lijit.com	2 redirects
2	e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	imasdk.googleapis.com	theins.ru imasdk.googleapis.com
2	cache.betweendigital.com	theins.ru ads.betweendigital.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.googletagservices.com	yandex.ru e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
2	sync.search.spotxchange.com	1 redirects
2	dmg.digitaltarget.ru	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
2	bidder.criteo.com	static.criteo.net
2	exchange.buzzoola.com	1 redirects theins.ru
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ru.viadata.store	theins.ru
2	mc.yandex.ru	1 redirects theins.ru
1	t.adx.opera.com
1	onetag-sys.com	cache.betweendigital.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	consumer.krxd.net	cdn.krxd.net
1	secure-assets.rubiconproject.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
1	sync3.sniperlog.ru
1	inv-nets.admixer.net	1 redirects
1	cm.adform.net
1	mug.criteo.com
1	www.google.de	theins.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pb.adriver.ru	yastatic.net
1	hb.adtelligent.com	yastatic.net
1	ssp-rtb.sape.ru	yastatic.net
1	adfox-c2s-ams.creativecdn.com	yastatic.net
1	yhb.p.otm-r.com	yastatic.net
1	ad.mail.ru	yastatic.net
1	matchid.adfox.yandex.ru	yastatic.net
1	www.googletagmanager.com	theins.ru
1	ads.digitalcaramel.com	theins.ru
216	83

This site contains links to these domains. Also see Links.

Domain
donate.theins.ru
www.facebook.com
twitter.com
vk.com
odnoklassniki.ru
telegram.me
www.bloomberg.com
www.nytimes.com
www.rbc.ru
www.bild.de
t.me
viads.com
www.instagram.com
ok.ru
ru.depositphotos.com
charmerstudio.com
www.google.ru
www.mozilla.org
www.apple.com

Subject Issuer	Validity	Valid
*.theins.ru R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
caramel.am R3	`2021-10-31` - `2022-01-29`	3 months	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.viadata.store Sectigo RSA Domain Validation Secure Server CA	`2021-11-26` - `2022-11-28`	a year	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
ssp.bidvol.com R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.sape.ru R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
hb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
vtg1.rktch.com R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
*.dyntrk.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.adfox.ru Yandex CA	`2021-07-27` - `2022-01-06`	5 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh
*.adx.com.ru Sectigo RSA Domain Validation Secure Server CA	`2021-05-04` - `2022-05-04`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://theins.ru/news/246918
Frame ID: 95320CF6A260C031FD94A1BD8B6C882E
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: BAB76F410478FB61A38C6A8B58E1E564
Requests: 1 HTTP requests in this frame

Frame: https://cdn.viadata.store/js/player/211201.js
Frame ID: 368DBD4D03AE4C2DCCACF277525AFE56
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1638878984&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638878984050&bpp=2&bdt=397&idt=143&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2555586674447&frm=20&pv=2&ga_vid=798049225.1638878984&ga_sid=1638878984&ga_hid=606658373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063867&oid=2&pvsid=1473418670312608&pem=175&tmod=1043535086&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157
Frame ID: 03297DB9E72A1F8CA6CE66FD1C3DECA0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=theins.ru
Frame ID: 70307AB137AFB17015C5FE3D7CBC0C1F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D6AFDB4B73EF4C5EAF579749CF66393
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06047682CFEC56528A927343B61A08FF
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 32ABF391D9300A3A6C79C5A9FDA9BAD5
Requests: 6 HTTP requests in this frame

Frame: https://cache.betweendigital.com/vpaid_client2.js
Frame ID: 278D9786CAAADEE2FFEA5A90A10BBD45
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 63362B138C64896763BB7CA70A442EE1
Requests: 3 HTTP requests in this frame

Frame: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2CB87F31732065D8A46710576D357FA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6340200187B57138D87985861CDBF94
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21643A67D705C926324D756D23D1038B
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Frame ID: 5063B6F5355510015A80ADF0A024B9FA
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html
Frame ID: 58619E9CB19DACEAEDD0DAD11AFF8293
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EACFA566FEC492765D6C586DCF1571C8
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1151b3fc-f13c-5355-b291-40dcd33e0fd5&CACHEBUSTER=18455
Frame ID: EA318D97C0413184E8004AB05FECF41E
Requests: 7 HTTP requests in this frame

Frame: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 326E392775A30BE27D22ADACE3200A0F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtrrpkQEwAQ&v=APEucNWo53NgtWRIdMl80n39ShqckhMv_X4IC88cC4ZOYT6CdVSm_pVeHa7XO1QW58eKu5_NSfDUv3_NfbOTN36F0u-g7lhnV3fy2f7czxIZ4-BQd9kBUXA4079aLffoSpLKzhNUJPKzWbFyu1eGGLN3NLDzERm4qxF9FFt4pCxL-nXhVhcWoUQ
Frame ID: 1A57628539753E078C056900F86E2A5C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 733D09DDA130CB12EEC94986D3BD22AF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E615CC13DC2749E5D7FE9313EF750BD7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/218645269490265/index.html
Frame ID: F614CA9AA9CFBC1362A416960880E3E7
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 4AF82ECE56C0A131D1D3411ED324915F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: E514AF6D8667D63BC525461151113217
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

США и ЕС могут ограничить возможности России по обмену валют в случае нападения на Украину — BloombergViads Video Advertising

Page Statistics

216
Requests

86 %
HTTPS

36 %
IPv6

57
Domains

83
Subdomains

71
IPs

13
Countries

3888 kB
Transfer

9294 kB
Size

75
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.theins.ru/
Title: Поддержите нас

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Search URL Search Domain Scan URL

URL: https://odnoklassniki.ru/dk?st.cmd=addShare&st.s=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Ft.me%2Fiv%3Furl%3Dhttps%3A%2F%2Ftheins.ru%2Fnews%2F246918%26rhash%3D4c41b9d8085adb

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2021-12-06/biden-weighs-russian-banking-sanctions-if-putin-invades-ukraine
Title: пишет

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2021/11/19/us/politics/russia-ukraine-biden-administration.html
Title: писали

Search URL Search Domain Scan URL

URL: https://www.rbc.ru/politics/12/11/2021/618e3ed29a79476cc76ee229
Title: назвали

Search URL Search Domain Scan URL

URL: https://www.bild.de/politik/ausland/politik-ausland/bild-exklusiv-russlands-kriegsplaene-so-koennte-putin-die-ukraine-vernichten-78425518.bild.html
Title: опубликовала

Search URL Search Domain Scan URL

URL: https://t.me/MariaVladimirovnaZakharova/1419
Title: прокомментировала

Search URL Search Domain Scan URL

URL: http://donate.theins.ru/
Title: Нам очень нужна ваша помощьподпишитесь на регулярные пожертвования

Search URL Search Domain Scan URL

URL: https://viads.com/
Title: Viads Video Advertising

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheInsiderRussia/

Search URL Search Domain Scan URL

URL: https://twitter.com/the_ins_ru

Search URL Search Domain Scan URL

URL: https://vk.com/theinsiders

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the_insider_rus/?hl=ru

Search URL Search Domain Scan URL

URL: https://t.me/theinsider

Search URL Search Domain Scan URL

URL: https://ok.ru/theinsider

Search URL Search Domain Scan URL

URL: https://ru.depositphotos.com/
Title: Deposit Photos

Search URL Search Domain Scan URL

URL: https://charmerstudio.com/
Title: Charmer

Search URL Search Domain Scan URL

URL: https://www.google.ru/chrome/browser/desktop/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/ru/firefox/new/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://www.apple.com/safari
Title: Safari

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://yandex.ru/ads/system/header-bidding.js

Request Chain 36

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 41

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 43

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9480.t-0U3BiJY0x7yD-UHNt9Q4lmBY6oqrPXzO6S5OSQ0XCj54ujf2EO54pgHCjfWL2V.Zi1JkwqNR-QDPQy9TFDIG55cK_o%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9480.l_vJel9CKTf42QHHFBzc9pZkKmyKA2SPUJcYpO_iCCLdZ03n6HsgStNLj2tHq_oUqP9P0gXjrm2rW0kkDoc6IA%2C%2C.6QB_TuiS-FHJCHdkbkOs5fjBVl0%2C

Request Chain 54

https://mc.yandex.com/watch/45954939?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1611537769251%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120944%3Aet%3A1638878984%3Ac%3A1%3Arn%3A808563251%3Arqn%3A1%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638878983286%3Ads%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C687%3Adsn%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C97%2C0%2C%2C%2C%2C687%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878984%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1611537769251%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120944%3Aet%3A1638878984%3Ac%3A1%3Arn%3A808563251%3Arqn%3A1%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638878983286%3Ads%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C687%3Adsn%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C97%2C0%2C%2C%2C%2C687%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878984%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 80

https://gum.criteo.com/sid/json?origin=publishertag&domain=theins.ru&sn=ChromeSyncframe&so=0&topUrl=theins.ru&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=iOhN4HxKdGRDeFo2YTh2Z2Z5cWx5MGs0cXo4Z3BYWkxteWY0S0kxZUI2SHRaVGJvcnJST0NRb1c1bWMxWVMxakFuTkVjNkpaeFo3OHRtL3ZVWlZWSCtDRFJqVXB5RUUzbDFaZnh2bkY4aW1CQkxrRE84enFJaE9Ldk9PbFRTRmc4SVZPeGthb1h1WUZ2SnRyZFlLblZQc1hwWWxXbGl4endZeUdyc0NWL3VBaVVPWW15QmhLTHNqWU5aa01hem5WaVhrdEVjeVpRYmRlenhVZ2NHbUZHdk9rL1BKdDRMRHlwQy9yTnc1dW9HUXJaUDBBcHQ1VkRjYzMxVkJ3cmpsL1ROdWlVN2pKSUUrVUU0c3ZNYjdqZGY5b1kyUT09fA&cppv=2

Request Chain 90

https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&cbb=8878984637 HTTP 302
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&vpaid=false

Request Chain 91

https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=f39360e1-f052-49c2-ab52-bf1be8579a20&i=1638878984 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=f39360e1-f052-49c2-ab52-bf1be8579a20&i=1638878984

Request Chain 93

https://sync.search.spotxchange.com/partner?adv_id=273596&uid=f39360e1-f052-49c2-ab52-bf1be8579a20 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&__user_check__=1&sync_id=90a7e91b-5756-11ec-843d-1ab52fe70506

Request Chain 119

https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930 HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1

Request Chain 120

https://ads.betweendigital.com/adv?s=4048930&vcs=3ef42844-5f5b-674d-911a-dd3628cf4694&maxd=90&mind=1&w=0&h=0&clientAuction=5&jst=vvc&tld=dGhlaW5zLnJ1&dh=v1_0001000000001&pos=atf&rsize=736x414&jsp=utbo%3D-00%3A00 HTTP 302
https://ads.betweendigital.com/adv?s=4048930&vcs=3ef42844-5f5b-674d-911a-dd3628cf4694&maxd=90&mind=1&w=0&h=0&clientAuction=5&jst=vvc&tld=dGhlaW5zLnJ1&dh=v1_0001000000001&pos=atf&rsize=736x414&jsp=utbo%3D-00%3A00&crf=1

Request Chain 121

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/97707413 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/97707413

Request Chain 134

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3D05a037b5-d435-46e3-8b75-173660d2adf7%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=122f2b7b07fb48cab28f6de1e3c47236&ssp=between&bsw_param=05a037b5-d435-46e3-8b75-173660d2adf7&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7

Request Chain 135

https://px.adhigh.net/p/cm/btw HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uLcHI3JTq6g3.AikABlF9lMy3rA

Request Chain 136

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e73f83fb5aae5bbf721b3f1c

Request Chain 137

https://sync.bumlam.com/?src=bw1&uid=1151b3fc-f13c-5355-b291-40dcd33e0fd5 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiJnr2NBlIFvp7KygpiJDExNTFiM2ZjLWYxM2MtNTM1NS1iMjkxLTQwZGNkMzNlMGZkNQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiJnr2NBlIFvp7KygpiJDExNTFiM2ZjLWYxM2MtNTM1NS1iMjkxLTQwZGNkMzNlMGZkNaIBEJFGh_pXVhHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiJnr2NBmIkMTE1MWIzZmMtZjEzYy01MzU1LWIyOTEtNDBkY2QzM2UwZmQ1ogEQkUaH-ldWEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiJnr2NBmIkMTE1MWIzZmMtZjEzYy01MzU1LWIyOTEtNDBkY2QzM2UwZmQ1ogEQkUaH-ldWEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=914687fa-5756-11ec-a6e9-002590c82437

Request Chain 141

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=d61b9af6-fd25-5355-a500-5761c4af1868&ssp=between&expires=30&user_group=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7

Request Chain 151

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=914687fa-5756-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=914687fa-5756-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=qK%2BHk4JD3JSEulWQCUSyiA& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=qK+Hk4JD3JSEulWQCUSyiA&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=qK+Hk4JD3JSEulWQCUSyiA&extra2=aidata&google_gid=CAESEDQV4SB0Jt2yHrmKK-usQYo&google_cver=1

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1

Request Chain 153

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya9PCl-SbPmuMi8jZd7yrgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENZq9xqumha5JR4czI4LheU&google_cver=1

Request Chain 155

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUzODIxOTk4NTUyMDgzODYwNQ%3D%3D

Request Chain 164

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKDjpNz7vxY6XT4NdQrV7b2ldHIX_0dKNly1_YjYRXN95jmniId9_RoxhtDpCcFhMnQbBrxCUAciDNswwaI2GaJJxXKjVc&google_gid=CAESEAiC2qIzhkIQpBYSZDgV2MA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWE5UENnQUFCSGZDbWg5bw&google_push=AYg5qPKDjpNz7vxY6XT4NdQrV7b2ldHIX_0dKNly1_YjYRXN95jmniId9_RoxhtDpCcFhMnQbBrxCUAciDNswwaI2GaJJxXKjVc

Request Chain 165

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIY_snxfDAfHqXFnFP6tgsYvHzHrqFIYGuD0LSYnk9EKEs1gW9sMKs3GJ_peaAQvkYPOQply7z8_Df6RrV7ZtowLrYif48&google_gid=CAESENLwXjF6dpmqn0WzG-rylfA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIY_snxfDAfHqXFnFP6tgsYvHzHrqFIYGuD0LSYnk9EKEs1gW9sMKs3GJ_peaAQvkYPOQply7z8_Df6RrV7ZtowLrYif48&google_gid=CAESENLwXjF6dpmqn0WzG-rylfA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDcxMjA5NDYwMDA4MjcyNDExNjE4OQ%3D%3D&google_push=AYg5qPIY_snxfDAfHqXFnFP6tgsYvHzHrqFIYGuD0LSYnk9EKEs1gW9sMKs3GJ_peaAQvkYPOQply7z8_Df6RrV7ZtowLrYif48

Request Chain 167

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGAhphMMUySDi3eLGQJgcU0&google_cver=1&google_push=AYg5qPJV6PZ1DIzRpdTgjRLzxP3mCvYw_y38MypGTZCYv-mJFEfAEQ-qqS-LnbgEbMeEucosciUdgRFyDypHNLj3fPBrkrKEZwI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGAhphMMUySDi3eLGQJgcU0&google_cver=1&google_push=AYg5qPJV6PZ1DIzRpdTgjRLzxP3mCvYw_y38MypGTZCYv-mJFEfAEQ-qqS-LnbgEbMeEucosciUdgRFyDypHNLj3fPBrkrKEZwI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z7W_vYr4RTu9sBVUcuHLGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJV6PZ1DIzRpdTgjRLzxP3mCvYw_y38MypGTZCYv-mJFEfAEQ-qqS-LnbgEbMeEucosciUdgRFyDypHNLj3fPBrkrKEZwI

Request Chain 168

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAUChpTlp3V0LKaBFpSQNhc&google_cver=1&google_push=AYg5qPKPn8n1ZtBDAgV1ZIMYY3ubUx2Z7Ulu5_d_WGpXm2rxxk7ffg53tpYyM0AwwfBcrGSaU0Au90hQ3J_FFylsyHI2hNoJkKxX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dXMjhGME4tMVMtMjJL&google_push=AYg5qPKPn8n1ZtBDAgV1ZIMYY3ubUx2Z7Ulu5_d_WGpXm2rxxk7ffg53tpYyM0AwwfBcrGSaU0Au90hQ3J_FFylsyHI2hNoJkKxX

Request Chain 169

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE

Request Chain 180

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 191

https://x.bidswitch.net/sync?dsp_id=429&user_id=1151b3fc-f13c-5355-b291-40dcd33e0fd5&expires=60 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=05a037b5-d435-46e3-8b75-173660d2adf7&gdpr=&gdpr_consent=&us_privacy= HTTP 307
https://cm.mgid.com/m?c=05a037b5-d435-46e3-8b75-173660d2adf7&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1

Request Chain 194

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F1151b3fc-f13c-5355-b291-40dcd33e0fd5 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/1151b3fc-f13c-5355-b291-40dcd33e0fd5

216 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 246918 Show response
theins.ru/news/ 120 KB
22 KB 365ms
332ms Document
text/html 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c361cc03a3443a5e1430458e1ef1b224ced6a00325f89096d4ee996c3a31f7a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
x-cache-device-type: decktop
x-cache-status: EXPIRED
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9da58db9ee5b26-FRA
content-encoding: gzip

GET
H2 200 application-1e3dfd3e699368fd7dfb-app.optimize.css
theins.ru/public/assets/ 130 KB
17 KB 19ms
19ms Stylesheet
text/css 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b281f269aa142078ccfb43c9c187898247c17bac758717ad4a270b5123931c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/news/246918
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-4406"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da58ffdf05b26-FRA
content-length: 17414
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 application-1e3dfd3e699368fd7dfb-styles.optimize.css
theins.ru/public/assets/ 234 KB
27 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-styles.optimize.css
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3576afae118b48511f152d8ce95a1e19315db7c0a0030726889822498af78d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/news/246918
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-6d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da58ffdf25b26-FRA
content-length: 27978
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 modernizr.js Show response
theins.ru/public/assets/ 5 KB
2 KB 16ms
16ms Script
application/javascript 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/modernizr.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03cb67968a56ab998398f5a5f7b515e817ec487e5ba4b417c1def63eca12ca73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/news/246918
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:02 GMT
server: cloudflare
age: 502815
etag: W/"619bbfae-1282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6b9da5903e6b5b26-FRA
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2

200

header-bidding.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://yandex.ru/ads/system/header-bidding.js

167 KB
45 KB

121ms
120ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c7e832f91eb0a4ec7d6cc446c1ae8c7ca5e1bedf037d5a70d328d9bb40ac840b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1638878983871160-14963346868551246653-man1-2695-602-man-l7-balancer-8080-BAL-7634
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 07 Dec 2021 13:09:43 GMT

Redirect headers

date: Tue, 07 Dec 2021 12:09:43 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 theins.ru.js Show response
ads.digitalcaramel.com/js/ 2 KB
866 B 48ms
11ms Script
application/javascript 88.99.234.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.digitalcaramel.com/js/theins.ru.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

digitalcaramel.com

Software

nginx /

Resource Hash

e4b8f7079db84f76db199ccc4597f1efa957d270eb484bac2e02d343ba848fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Oct 2021 07:35:01 GMT
server: nginx
etag: W/"615ff4a5-9e7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 302 KB
82 KB 159ms
58ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

bb1f113dd02e0df63bb02b0f993b27f5dc8d96883d54fda74d84e1c76fbeb7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1638878983844965-5164452312579713487-man1-2695-602-man-l7-balancer-8080-BAL-1073
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 07 Dec 2021 13:09:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 183ms
69ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53376875a177ffdd2ae2b0b19fc973b0e101ea68fe79734738274024476a517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51974
x-xss-protection: 0
server: cafe
etag: 17440277175985217834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 12:09:43 GMT

GET
H2 200 anBn.jpg
api.theins.ru/images/SBxKP86qICU_45b_s4RPgmPDrWYS7hNhyNGWjCI4Hw0/rs:auto:877:579:0:0/dpr:2/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/ 316 KB
317 KB 59ms
46ms Image
image/jpeg 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theins.ru/images/SBxKP86qICU_45b_s4RPgmPDrWYS7hNhyNGWjCI4Hw0/rs:auto:877:579:0:0/dpr:2/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/anBn.jpg
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c17fa1d31b854a771ec4833b336c218445ccd40f5047880ad496a27b737280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
age: 20698
content-disposition: inline; filename="file-f0b7fcd2dae18d2358fe33d95ad2a1a9.jpg"
content-length: 323516
x-request-id: BHsBUUEZq8iHx-QggnAaBv
last-modified: Tue, 07 Dec 2021 06:24:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 07 Dec 2022 06:24:45 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5905ead5b26-FRA
cf-bgj: h2pri

GET
H2 200 application-1e3dfd3e699368fd7dfb-app.js Show response
theins.ru/public/assets/ 1 MB
333 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3ad5466bf8e93c888ca830d9b03728feeb7156e6118f878f45f36fca31f17d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/news/246918
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-53148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5904e825b26-FRA
content-length: 340296
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 application-1e3dfd3e699368fd7dfb-styles.js Show response
theins.ru/public/assets/ 23 KB
9 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-styles.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 692446225814c5bc8e8f73a291afdf6626e40a2a3a533ab737e8dea55e5545d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/news/246918
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-21b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5901e3d5b26-FRA
content-length: 8633
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 160ms
51ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-44581081-1

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fad2e6b1c147c30ac71bc627652895f64a3fcab20d350c8f67bcb9ec24fcfdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36247
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:09:43 GMT

GET
DATA 200
OK truncated
/ 141 B
141 B Image
image/svg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg

GET
H2 200 RFDewiCondensed-Bold.woff2
theins.ru/public/assets/fonts/ 41 KB
41 KB 26ms
25ms Font
application/octet-stream 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/fonts/RFDewiCondensed-Bold.woff2
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559e15e9c1f2aed0308858ccdd55dd9de22dcd2a3a4802de64ab56c5a00bef97

Request headers

Referer: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-a559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5905e9d5b26-FRA
content-length: 42329
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 RFDewiExpanded-Black.woff2
theins.ru/public/assets/fonts/ 42 KB
42 KB 27ms
26ms Font
application/octet-stream 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/fonts/RFDewiExpanded-Black.woff2
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834af6158f003b1d449f2398617ac58ecca6a0d8c0cd653442c49185432fc06e

Request headers

Referer: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-a649"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5905ea05b26-FRA
content-length: 42569
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 RFDewi-Regular.woff2
theins.ru/public/assets/fonts/ 28 KB
28 KB 26ms
25ms Font
application/octet-stream 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/fonts/RFDewi-Regular.woff2
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20dcd1712a09e708373636f76fb4afc4a7b3a66277ecafbb036d6cb4acac941b

Request headers

Referer: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-6e0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5905ea25b26-FRA
content-length: 28172
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 RFDewiCondensed-Ultrabold.woff2
theins.ru/public/assets/fonts/ 27 KB
27 KB 26ms
26ms Font
application/octet-stream 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/fonts/RFDewiCondensed-Ultrabold.woff2
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d777d1448f841f8d6c3dc55073f244022acf5a60d246863cff979748ccf142

Request headers

Referer: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-6ab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5905ea45b26-FRA
content-length: 27320
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 RFDewiCondensed-Semibold.woff2
theins.ru/public/assets/fonts/ 27 KB
27 KB 26ms
26ms Font
application/octet-stream 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/fonts/RFDewiCondensed-Semibold.woff2
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9efec227fa2dd3f0e1cc60a36dc9b1c27d2a0baf2b03c29efb20e0025ed76d0f

Request headers

Referer: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.optimize.css
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-6b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da5905ea55b26-FRA
content-length: 27452
expires: Thu, 01 Dec 2022 16:29:28 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 192 KB
66 KB 198ms
73ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

63cce1521fcd97e195120a05274cd014773a4cb4ef37d4faa70c2bb8ecb9d999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 11:34:28 GMT
etag: "61af1c94-10572"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66930
expires: Tue, 07 Dec 2021 13:09:43 GMT

GET
H2 200 application-1e3dfd3e699368fd7dfb-article.js Show response
theins.ru/public/assets/ 40 KB
9 KB 16ms
16ms Script
application/javascript 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-article.js
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce400adf4048173aaf986da2569e97fd793eac19b1863f94132ade681abf0a29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/news/246918
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 16:05:40 GMT
server: cloudflare
age: 502815
etag: "619bbfd4-21fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da590ffd05b26-FRA
content-length: 8702
expires: Thu, 01 Dec 2022 16:29:28 GMT

OPTIONS
H2 204 viewed
api.theins.ru/ Frame 0
0 75ms
52ms Preflight
text/plain 2606:4700:10::ac43:15ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.theins.ru/viewed?id=246918&type=Post%3A%3ANews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: user-language
Origin: https://theins.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://theins.ru
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range, post-referer, session-id, resource, user-language
access-control-max-age: 1728000
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9da591df4d4ec1-FRA

GET /
api.theins.ru/proxy/fb/ 0
0

GET
H2 200 vk Show response
api.theins.ru/proxy/ 21 B
637 B 239ms
216ms XHR
text/html 2606:4700:10::ac43:15ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.theins.ru/proxy/vk?act=count&index=1&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Requested by

Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:15ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / KPHP/7.4.109542

Resource Hash

5c883fd81aa6616988d11949a780dfa476f39ba7aca55f1cfeaec60b5d19cbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-powered-by: KPHP/7.4.109542
x-frontend: front512006
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://theins.ru
access-control-expose-headers: X-Frontend, Content-Length,Content-Range
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6b9da591df4b4ec1-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Content-Type,Range, post-referer, session-id, resource

GET
H2 200 dk Show response
api.theins.ru/proxy/ok/ 25 B
2 KB 207ms
184ms XHR
application/javascript 2606:4700:10::ac43:15ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.theins.ru/proxy/ok/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Requested by

Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:15ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;includeSubdomains;preload
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: https://theins.ru
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store
access-control-allow-credentials: true, true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
cf-ray: 6b9da591df4c4ec1-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Content-Type,Range, post-referer, session-id, resource
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 viewed Show response
api.theins.ru/ 0
189 B 19ms
19ms XHR
application/octet-stream 2606:4700:10::ac43:15ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.theins.ru/viewed?id=246918&type=Post%3A%3ANews
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
User-Language: ru

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type: application/octet-stream
access-control-allow-origin: https://theins.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6b9da5922ff14ec1-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control, Content-Type,Range, post-referer, session-id, resource
content-length: 0

GET
H2 200 load.js Show response
ru.viadata.store/tag/ 8 KB
5 KB 143ms
46ms Script
application/javascript 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.viadata.store/tag/load.js?sid=102696&tag_id=via_102696
Requested by: Host: theins.ru
URL: https://theins.ru/public/assets/application-1e3dfd3e699368fd7dfb-article.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 9f37ea77c3303ede846b02f7d22ade6c0284e4e73ad8d8c5b53608de003a1066

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server: nginx/1.19.5
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 anBn.jpg
api.theins.ru/images/xlWqHxGK1IPOr0ILgYKDs7F4t9gnW62ax95ybGyy4pw/rs:auto:877:579:0:0/dpr:1/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/ 123 KB
124 KB 28ms
27ms Image
image/jpeg 2606:4700:10::6816:2e68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.theins.ru/images/xlWqHxGK1IPOr0ILgYKDs7F4t9gnW62ax95ybGyy4pw/rs:auto:877:579:0:0/dpr:1/q:90/bG9jYWw6L3B1Ymxp/Yy9zdG9yYWdlL3Bv/c3QvMjQ2OTE4L2Zp/bGUtZjBiN2ZjZDJk/YWUxOGQyMzU4ZmUz/M2Q5NWFkMmExYTku/anBn.jpg
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac676d115d20505b7728ea958e6b20b980243fb7ba8cfa92f6aab4f5ce4edb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:43 GMT
cf-cache-status: HIT
age: 22369
content-disposition: inline; filename="file-f0b7fcd2dae18d2358fe33d95ad2a1a9.jpg"
content-length: 126321
x-request-id: msmARiIUKuCP_U_29vQjMk
last-modified: Tue, 07 Dec 2021 05:56:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 07 Dec 2022 05:56:54 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9da591c92c5b26-FRA
cf-bgj: h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44581081-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2081
date: Tue, 07 Dec 2021 11:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:35:03 GMT

GET
H2 200 83c5fadf1f21f4749bc2.js Show response
yastatic.net/partner-code-bundles/50302/ 13 KB
5 KB 96ms
34ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/50302/83c5fadf1f21f4749bc2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

99bf0c9526e4ca09f66abfd88e13cbacdff3f602cec540de29b66c22c1b1dbc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://theins.ru/
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4453
last-modified: Mon, 06 Dec 2021 15:14:52 GMT
server: nginx/1.17.9
etag: "54c123fb697568b5c05974045838aab7"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2051 18:43:29 GMT

GET
H2 200 e398d6edfbc6193e6f74.js Show response
yastatic.net/partner-code-bundles/50302/ 80 KB
17 KB 124ms
62ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/50302/e398d6edfbc6193e6f74.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5a15dcfbcda13abdb3dfd470cf969141bbea86d05932e8f49b1e7a9249bc416f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://theins.ru/
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17064
last-modified: Mon, 06 Dec 2021 15:14:52 GMT
server: nginx/1.17.9
etag: "3922df22d4a234a2be02076996e99ee7"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2051 18:44:44 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 169ms
108ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://theins.ru/
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2051 18:43:35 GMT

GET
H2 200 da77a39fa9e0bb34c942.js Show response
yastatic.net/partner-code-bundles/50302/ 611 KB
125 KB 132ms
78ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/50302/da77a39fa9e0bb34c942.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

aee7fc5f785653c0d549f29d69632d36edcfec69e0460b6cb0d0747febae5ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://theins.ru/
Origin: https://theins.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 127202
last-modified: Mon, 06 Dec 2021 15:14:52 GMT
server: nginx/1.17.9
etag: "b9acae5b313c3bb9fecd99652dc6426d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2051 18:44:44 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
366 B 187ms
47ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

37dc0a11c65ecce74cd009be8503cc290c168fb94795b3b32d52a097c194b313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:44 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
332 B 153ms
55ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://theins.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
221 B 287ms
98ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theins.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
248 B 48ms
11ms XHR
text/plain 138.201.65.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:44 GMT
access-control-allow-credentials: true
server: nginx/1.17.4
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
203 B 53ms
15ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:44 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
313 B

39ms
39ms

XHR
application/json

193.232.150.45
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Server: 193.232.150.45 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp18.sender.ltmse.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://theins.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
access-control-allow-origin: https://theins.ru
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 48ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:13 GMT
server: nginx
etag: W/"618cb9a1-1d4ec"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Dec 2021 12:09:44 GMT

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
469 B 121ms
53ms XHR
application/json 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
x-request-id: d430c6c1-9576-46f0-aac4-ec811451af07
expires: 0

POST
H/1.1 200
OK adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
448 B 87ms
63ms XHR
application/json 116.202.51.146
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.51.146 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1397155.sapientru.net
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: openresty
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 11

POST
H/1.1 200
OK auction Show response
hb.adtelligent.com/v3/ 11 B
270 B 515ms
303ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adtelligent.com/v3/auction
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://theins.ru
Date: Tue, 07 Dec 2021 12:09:43 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 11
Content-Type: application/json; charset=UTF-8

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
313 B

29ms
29ms

XHR
text/plain

144.76.118.200
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Server: 144.76.118.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.200.118.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://theins.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
access-control-allow-origin: https://theins.ru
etag: W/"1b766997341b23441984b4c7814fe415f6ff0830c9766afe7d430892b2e95471"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
297 B 275ms
118ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://theins.ru
Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:44 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9480.t-0U3BiJY0x7yD-UHNt9Q4lmBY6oqrPXzO6S5OSQ0XCj54ujf2EO54pgHCjfWL2V.Zi1JkwqNR-QDPQy9TFDIG55cK_o%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9480.l_vJel9CKTf42QHHFBzc9pZkKmyKA2SPUJcYpO_iCCLdZ03n6HsgStNLj2tHq_oUqP9P0gXjrm2rW0kkDoc6IA%2C%2C.6QB_TuiS-FHJCHdkbkOs5fjBVl0%2C

75 B
75 B

32ms
32ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9480.l_vJel9CKTf42QHHFBzc9pZkKmyKA2SPUJcYpO_iCCLdZ03n6HsgStNLj2tHq_oUqP9P0gXjrm2rW0kkDoc6IA%2C%2C.6QB_TuiS-FHJCHdkbkOs5fjBVl0%2C

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9480.l_vJel9CKTf42QHHFBzc9pZkKmyKA2SPUJcYpO_iCCLdZ03n6HsgStNLj2tHq_oUqP9P0gXjrm2rW0kkDoc6IA%2C%2C.6QB_TuiS-FHJCHdkbkOs5fjBVl0%2C
date: Tue, 07 Dec 2021 12:09:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 35ms
34ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Tue, 07 Dec 2021 11:34:28 GMT
etag: "61af1c94-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Dec 2021 13:09:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 273 KB
99 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e4076fbe85ca310bb97bc23bc4686bd4c46be96f8b3532effb0d02d0acbdce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100885
x-xss-protection: 0
server: cafe
etag: 13506509126896142361
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Dec 2021 12:09:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame BAB7 11 KB
5 KB 125ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Dec 2021 21:23:19 GMT
expires: Mon, 20 Dec 2021 21:23:19 GMT
content-type: text/html; charset=UTF-8
etag: 6406113418471942685
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4879
x-xss-protection: 0
age: 53185
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
182 B 50ms
18ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=86530185765
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:43 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 hls.js Show response
cdn.viadata.store/static/js/ 235 KB
71 KB 145ms
52ms Script
application/javascript 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/static/js/hls.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 14:39:05 GMT
server: nginx
etag: W/"5ffdb489-3ab3e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 code.js Show response
ru.viadata.store/tag/ 30 KB
15 KB 45ms
45ms Script
application/javascript 23.111.211.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ru.viadata.store/tag/code.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.211.20 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
cache-control: public
content-type: application/javascript; charset=utf-8
server: nginx/1.19.5
content-encoding: br
vary: Accept-Encoding
expires: Wed, 08 Dec 2021 12:09:44 GMT

GET
H2 200 site
logs.viadata.store/req/ 43 B
297 B 181ms
43ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/req/site?sid=102696&cid=0&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&event=playerLoaded&cb=1638878984097

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
182 B 14ms
14ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:43 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 17ms
16ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 02 Dec 2022 12:09:44 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 14ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 02 Dec 2022 12:09:44 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/45954939/
Redirect Chain

https://mc.yandex.com/watch/45954939?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Aut...

350 B
432 B

37ms
37ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1611537769251%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120944%3Aet%3A1638878984%3Ac%3A1%3Arn%3A808563251%3Arqn%3A1%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638878983286%3Ads%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C687%3Adsn%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C97%2C0%2C%2C%2C%2C687%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878984%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

65d7726c522dde05a5cb467fbc568cf76c31ad1ae1a90d50f061fe04c08d0f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 07-Dec-2021 12:09:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:44 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Tue, 07-Dec-2021 12:09:44 GMT
location: /watch/45954939/1?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1611537769251%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120944%3Aet%3A1638878984%3Ac%3A1%3Arn%3A808563251%3Arqn%3A1%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638878983286%3Ads%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C101%2C0%2C%2C%2C%2C687%3Adsn%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C97%2C0%2C%2C%2C%2C687%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878984%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=606658373&t=pageview&_s=1&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&ul=en-us&de=UTF-8&dt=%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=404005430&gjid=1100373243&cid=798049225.1638878984&tid=UA-44581081-1&_gid=695578429.1638878984&_r=1&gtm=2ouc10&z=1351357853

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theins.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 211201.js Show response
cdn.viadata.store/js/player/ Frame 368D 180 KB
75 KB 151ms
143ms Script
application/javascript 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/js/player/211201.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 09f5a546d338271977ebb834261b2f45b0aabcb9e0a19a16beb0c7ba4b01412f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 16:20:02 GMT
server: nginx
etag: W/"61aa43b2-2d167"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 174ms
49ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=theins.ru&callback=_gfp_s_&client=ca-pub-4894759983606832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4894759983606832&plah=theins.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d522081cd8a06c9234230d006ca584c4830cdd279c8efac249e062b1394b1560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 140ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=theins.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theins.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&tn=HEADER&cls=_1K0cJ&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0329 0
19 B 141ms
94ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=3025194257&lmt=1638878984&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638878984050&bpp=2&bdt=397&idt=143&shv=r20211201&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2555586674447&frm=20&pv=2&ga_vid=798049225.1638878984&ga_sid=1638878984&ga_hid=606658373&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063859%2C31063867&oid=2&pvsid=1473418670312608&pem=175&tmod=1043535086&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Dec 2021 12:09:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 07 Dec 2021 12:09:44 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44581081-1&cid=798049225.1638878984&jid=404005430&gjid=1100373243&_gid=695578429.1638878984&_u=YEBAAUAAAAAAAC~&z=594559222

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 12:09:44 GMT
content-type: text/plain
access-control-allow-origin: https://theins.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 152ms
64ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44581081-1&cid=798049225.1638878984&jid=404005430&_u=YEBAAUAAAAAAAC~&z=1155085644

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 147ms
59ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44581081-1&cid=798049225.1638878984&jid=404005430&_u=YEBAAUAAAAAAAC~&z=1155085644

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12_news_eng.m3u8 Show response
cdn.viadata.store/media/ 1 KB
2 KB 136ms
51ms XHR
application/vnd.apple.mpegurl 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/media/12_news_eng.m3u8
Requested by: Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Fri, 26 Feb 2021 14:49:33 GMT
server: nginx
etag: "60390a7d-513"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1299

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
pl.viadata.store/export/102696/ Frame 368D 7 KB
2 KB 158ms
55ms XHR
application/json 23.111.119.12
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.viadata.store/export/102696/?secured=1&language=en&page_url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pub_sid=102696&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=theins.ru&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=984423&VIA_WIDTH=736&VIA_HEIGHT=414&imp=false&rc=1&cb=1638878984466
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 924e0001b638d4b7a9ca60596f6f828a76fa92add457b49c1075faaa1ce35cd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: br
server: nginx/1.19.5
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
access-control-allow-credentials: true
access-control-allow-headers: sentry-trace

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7030 11 KB
5 KB 48ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=theins.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2052
date: Tue, 07 Dec 2021 12:09:43 GMT
content-length: 4685

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 95ms
50ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3907b7b0b0768954a940e36103cc4ba52ad97ae422feb65b2aeeb4568e928c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8509
x-xss-protection: 0

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/260971/getBulk/ 15 KB
16 KB 338ms
337ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/260971/getBulk/v2?dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&date=2021-12-07T12%3A09%3A44.529%2B00%3A00&pd=7&pdh=1200&pdw=1600&pr1=2376893594&pr=874324826&prr=&pv=12&pw=2&extid_loader=MTYzODg3ODk4NDYzOTMzMzM3OQ%3D%3D&extid_tag_loader=theins.ru&ylv=0.50302&ybv=0.50302&ytt=69269237008405&is-turbo=0&skip-token=&ad-session-id=566871638878984540&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A500%2C%22width%22%3A300%2C%22height%22%3A500%2C%22visible%22%3A0%2C%22left%22%3A20%2C%22top%22%3A968%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=50302&availableWidth=300&availableHeight=500&yaru=true&p1=cpewf&p2=gxmq&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjk1Mjk2MSwicmVzcG9uc2VfdGltZSI6MTc3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzY4NTI5In0seyJjYW1wYWlnbl9pZCI6OTU3ODkzLCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyOTUxOTYxIn0seyJjYW1wYWlnbl9pZCI6MTUzNjEzMSwicmVzcG9uc2VfdGltZSI6NjAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyMTEyNyJ9LHsiY2FtcGFpZ25faWQiOjEwMTkxMDUsInJlc3BvbnNlX3RpbWUiOjY3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiU01YRjJpMlA5aHhsdnNVbGJZdTEifSx7ImNhbXBhaWduX2lkIjoxMDQ4ODk5LCJyZXNwb25zZV90aW1lIjoxNzgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Nl8zMDB4NjAwX2FsZmFkYXJ0In0seyJjYW1wYWlnbl9pZCI6MTAxNjU1NywicmVzcG9uc2VfdGltZSI6MTI5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTQ3MzI1NSJ9LHsiY2FtcGFpZ25faWQiOjE0NDU3MjUsInJlc3BvbnNlX3RpbWUiOjEyNSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0OTk3In0seyJjYW1wYWlnbl9pZCI6MTY3MjY5NywicmVzcG9uc2VfdGltZSI6OTMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2NzExMzgifSx7ImNhbXBhaWduX2lkIjoxNjY5MjI0LCJyZXNwb25zZV90aW1lIjo1MTksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2NzE4NDgifSx7ImNhbXBhaWduX2lkIjo5NTcxMjksInJlc3BvbnNlX3RpbWUiOjkzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTIyNDI2OSJ9LHsiY2FtcGFpZ25faWQiOjkzMDA4OCwicmVzcG9uc2VfdGltZSI6Mjc5LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNTc6dGhlaW5zXzMwMHg2MDAifV0%3D&utf8=%E2%9C%93&duid=MTYzODg3ODk4NDYzOTMzMzM3OQ%3D%3D&pcode-test-ids=464259%2C0%2C26%3B465546%2C0%2C89%3B462894%2C0%2C54%3B452125%2C0%2C21%3B457259%2C0%2C45%3B462727%2C0%2C75%3B461569%2C0%2C54%3B462997%2C0%2C61%3B462337%2C0%2C97%3B463996%2C0%2C19%3B468566%2C0%2C72%3B464405%2C0%2C9%3B457999%2C0%2C9%3B451371%2C0%2C29%3B456345%2C0%2C95%3B467680%2C0%2C18%3B464139%2C0%2C-1%3B464262%2C0%2C-1%3B437233%2C0%2C-1%3B465609%2C0%2C-1%3B460914%2C0%2C23&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22467288%22%2C%22testId%22%3A%22469270%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22RETURN_RR_ACTIVE_TEST_IDS%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22465091%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22ENABLE_ELEMENT_FROM_POINT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22464259%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22465546%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22462894%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457259%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22COMBO_INPAGE_HEADER_HIDDEN_TILL_START%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22COMBO_INPAGE_CONTINUE_PLAY%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22COMBO_WIDGET_SSR_REHYDRATION_ENABLED%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22461569%22%7D%5D%2C%22ADFOX_COMBO_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22TWO_SIDE_SOLID_BG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462997%22%7D%5D%2C%22SMART_BANNER_VERSION%22%3A%5B%7B%22value%22%3A%22smart-banner-adaptive_v1%22%2C%22testId%22%3A%22462337%22%7D%5D%2C%22HORIZONTAL_SD_NO_BUTTON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463996%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463996%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468566%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468566%22%7D%5D%2C%22ADAPTIVE_SQUARE_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22ADAPTIVE_ROUND_BUTTON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22POSTER_DISABLE_BUTTON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22457999%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22KEBAB_CLICKABLE_AREA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22456345%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2250267%22%2C%22testId%22%3A%22467680%22%7D%5D%2C%22SMART_QUEUE%22%3A%5B%7B%22value%22%3A%22queue_full%22%2C%22testId%22%3A%22464139%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464262%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22REMOVE_DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22465609%22%7D%5D%7D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=6wkgMUOnMCGmDdPae6nASyOn17tsL8RiAkJuSRLydEXhtH5Ts81tkKTPb5NgbsDTyrfIulnb%2F0OcZA6Q%2FTZr%2BJzxYJA%3D&grab-orig-len=560&grab=dNCh0KjQkCDQuCDQldChINC80L7Qs9GD0YIg0L7Qs9GA0LDQvdC40YfQuNGC0Ywg0LLQvtC30LzQvtC20L3QvtGB0YLQuCDQoNC-0YHRgdC40Lgg0L_QviDQvtCx0LzQtdC90YMg0LLQsNC70Y7RgiDQsiDRgdC70YPRh9Cw0LUg0L3QsNC_0LDQtNC10L3QuNGPINC90LAg0KPQutGA0LDQuNC90YMg4oCUIEJsb29tYmVyZwox0KHQqNCQINC4INCV0KEg0LzQvtCz0YPRgiDQvtCz0YDQsNC90LjRh9C40YLRjCDQstC-0LfQvNC-0LbQvdC-0YHRgtC4INCg0L7RgdGB0LjQuCDQv9C-INC-0LHQvNC10L3RgyDQstCw0LvRjtGCINCyINGB0LvRg9GH0LDQtSDQvdCw0L_QsNC00LXQvdC40Y8g0L3QsCDQo9C60YDQsNC40L3RgyDigJQgQmxvb21iZXJnIAoy0J3QsNC8INC-0YfQtdC90Ywg0L3Rg9C20L3QsCDQstCw0YjQsCDQv9C-0LzQvtGJ0YwgCg%3D%3D&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f331142ac634bbe369caf0f7e926e305fb3ef1b1685e84678a316d337b427eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1638878984569103-13236862364498374274-man1-2695-602-man-l7-balancer-8080-BAL-81
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Tue, 07 Dec 2021 12:09:44 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 12:09:44 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/45954939/ 43 B
73 B 34ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/45954939/1?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A1%3Als%3A1611537769251%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120944%3Aet%3A1638878985%3Ac%3A1%3Arn%3A962418009%3Arqn%3A2%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1638878983286%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1193%2C1193%2C5%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1193%2C1193%2C5%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878985&t=gdpr(14)aw(1)lt(10700)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Tue, 07-Dec-2021 12:09:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:44 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7030
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=theins.ru&sn=ChromeSyncframe&so=0&topUrl=theins.ru&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=iOhN4HxKdGRDeFo2YTh2Z2Z5cWx5MGs0cXo4Z3BYWkxteWY0S0kxZUI2SHRaVGJvcnJST0NRb1c1bWMxWVMxakFuTkVjNkpaeFo3OHRtL3ZVWlZWSCtDRFJqVXB5RUUzbDFaZnh2bkY4aW1CQkxrRE84enFJaE9Ldk9PbF...

417 B
619 B

58ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iOhN4HxKdGRDeFo2YTh2Z2Z5cWx5MGs0cXo4Z3BYWkxteWY0S0kxZUI2SHRaVGJvcnJST0NRb1c1bWMxWVMxakFuTkVjNkpaeFo3OHRtL3ZVWlZWSCtDRFJqVXB5RUUzbDFaZnh2bkY4aW1CQkxrRE84enFJaE9Ldk9PbFRTRmc4SVZPeGthb1h1WUZ2SnRyZFlLblZQc1hwWWxXbGl4endZeUdyc0NWL3VBaVVPWW15QmhLTHNqWU5aa01hem5WaVhrdEVjeVpRYmRlenhVZ2NHbUZHdk9rL1BKdDRMRHlwQy9yTnc1dW9HUXJaUDBBcHQ1VkRjYzMxVkJ3cmpsL1ROdWlVN2pKSUUrVUU0c3ZNYjdqZGY5b1kyUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8a1fda95c418902fba3c9a6a2220a102886f0f97322916a8eef38776bf5f2333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 07 Dec 2021 12:09:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4905
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 07 Dec 2021 12:09:43 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=iOhN4HxKdGRDeFo2YTh2Z2Z5cWx5MGs0cXo4Z3BYWkxteWY0S0kxZUI2SHRaVGJvcnJST0NRb1c1bWMxWVMxakFuTkVjNkpaeFo3OHRtL3ZVWlZWSCtDRFJqVXB5RUUzbDFaZnh2bkY4aW1CQkxrRE84enFJaE9Ldk9PbFRTRmc4SVZPeGthb1h1WUZ2SnRyZFlLblZQc1hwWWxXbGl4endZeUdyc0NWL3VBaVVPWW15QmhLTHNqWU5aa01hem5WaVhrdEVjeVpRYmRlenhVZ2NHbUZHdk9rL1BKdDRMRHlwQy9yTnc1dW9HUXJaUDBBcHQ1VkRjYzMxVkJ3cmpsL1ROdWlVN2pKSUUrVUU0c3ZNYjdqZGY5b1kyUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1848
content-length: 541
expires: 0

GET
H2 200 12_news_eng000.ts Show response
cdn.viadata.store/media/ 242 KB
242 KB 88ms
88ms XHR
video/mp2t 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/media/12_news_eng000.ts
Requested by: Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Fri, 26 Feb 2021 14:46:45 GMT
server: nginx
etag: "603909d5-3c670"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp2t
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 247408

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 145ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:09:44 GMT

GET
BLOB 200
OK b77bf9d1-0cbe-4668-93cf-33168101fce2
https://theins.ru/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://theins.ru/b77bf9d1-0cbe-4668-93cf-33168101fce2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 62028
Content-Type: text/javascript

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 368D 27 B
690 B 162ms
71ms XHR
text/xml 80.64.106.152
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&request_id=1026968878984634&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.152 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr7.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin: https://theins.ru
Rutarget-SameSite-Cookie: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 368D 5 KB
6 KB 172ms
57ms XHR
text/xml 195.209.108.48
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=223429&bn=1&bt=61&pz=0&w=736&h=414&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=8878984636&tail256=https%3A%2F%2Ftheins.ru%2F
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 60eda5c5fe2cc97aa7c143c138faaad627b595bf1465d07a2879b215e05813e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:44 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://theins.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
rtb-msk-2.viadata.store/vast/ Frame 368D 71 B
418 B 152ms
52ms XHR
application/xml 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb-msk-2.viadata.store/vast/cs?zone=102696&w=736&h=414&site=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&vp=2&cbb=8878984636

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Accept

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 368D 5 KB
6 KB 197ms
62ms XHR
text/xml 195.209.108.48
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222694&bn=1&bt=61&pz=0&w=400&h=220&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=8878984636
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 11f7e167b0b3b86b9e41c3f16a2c28db888d7320354f1278af1a80b7ec11eb25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:44 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://theins.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 368D 2 KB
2 KB 142ms
45ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&siteid=102696&cbb=8878984637
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41257.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: dbf4b3740132345240bb9d1973775fb945be7909e52181c269032c94f4cdd0c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H/1.1 200
OK bid.php Show response
n.dyntrk.com/ Frame 368D 21 B
215 B 45ms
8ms XHR
text/xml 135.125.160.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://n.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uint=2&ist=1&cdid=DYN-OPM-0389&plw=736&plh=414&addu=60&pubid=102696&uifa=f39360e1-f052-49c2-ab52-bf1be8579a20&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=8878984637
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.160.77 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3195934.ip-135-125-160.eu
Software: proxy /
Resource Hash: e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
pragma: no-cache
access-control-allow-credentials: true
server: proxy
x-rc: 25
content-length: 21
content-type: text/xml

GET
H2

204

viads-vast Show response
adx.com.ru/ Frame 368D
Redirect Chain

https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&cbb=8878984637
https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&vpaid=false

0
203 B

12ms
12ms

XHR
text/plain

188.34.131.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&vpaid=false
Protocol: H2
Server: 188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.134.131.34.188.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:44 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx/1.20.1
access-control-allow-origin: https://theins.ru
p3p: CP="adx.com.ru does not have a P3P policy"
location: /viads-vast?confirm=1&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rolltype=content-roll&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&vpaid=false
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 243

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 368D
Redirect Chain

https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=f39360e1-f052-49c2-ab52-bf1be8579a20&i=1638878984
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=f39360e1-f052-49c2-ab52-bf1be8579a20&i=1638878984

49 B
602 B

54ms
54ms

Image
image/gif

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=f39360e1-f052-49c2-ab52-bf1be8579a20&i=1638878984

Protocol

HTTP/1.1

Server

185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=f39360e1-f052-49c2-ab52-bf1be8579a20&i=1638878984
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 cookie
cm.adform.net/ Frame 368D 43 B
106 B 85ms
23ms Image
image/gif 37.157.6.245
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D30%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 368D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=273596&uid=f39360e1-f052-49c2-ab52-bf1be8579a20
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&__user_check__=1&sync_id=90a7e91b-5756-11ec-843d-1ab52fe70506

43 B
548 B

25ms
25ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=273596&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&__user_check__=1&sync_id=90a7e91b-5756-11ec-843d-1ab52fe70506
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 39
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx
Location: /partner?adv_id=273596&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&__user_check__=1&sync_id=90a7e91b-5756-11ec-843d-1ab52fe70506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 0

GET
H2 200 dsp
logs.viadata.store/event/ Frame 368D 43 B
296 B 43ms
43ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102696&event=rtb&event2=request&cb=1638878984638&tids=3459,3456,3457,3458,7593,3439,3460,3461,8427,3462,7369

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D6A 13 KB
5 KB 84ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 11:06:00 GMT
expires: Wed, 07 Dec 2022 11:06:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0604 783 B
535 B 100ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4f1569d418fccfd6809707f53befd2343c3f2c32c92429af2f1e61cd06e345a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s3v1nvorUQjMz0Quw/AkDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 12:09:44 GMT
date: Tue, 07 Dec 2021 12:09:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-s3v1nvorUQjMz0Quw/AkDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pl14906 Show response
ssp.bidvol.com/vast/ Frame 368D 49 B
501 B 72ms
71ms XHR
text/xml 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl14906?page=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&domain=theins.ru
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:44 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 49
x-request-id: b5ec2193-960f-4b4a-9d3e-c6ebb3569439
expires: 0

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 368D 2 KB
3 KB 56ms
56ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&bb=87&siteid=102696&att=1&ma=6
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41257.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: 7de9af56181ba280b16b9c09f179b4921644025d372d2cd1d9d4e053f8b8158b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H2 200 12_news_eng001.ts Show response
cdn.viadata.store/media/ 411 KB
411 KB 43ms
43ms XHR
video/mp2t 23.111.115.172
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viadata.store/media/12_news_eng001.ts
Requested by: Host: cdn.viadata.store
URL: https://cdn.viadata.store/static/js/hls.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.172 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: b2501d83e7a70f991d54ba2762dc364f54f6e081055b24f688c4e90e3fbc6590

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
last-modified: Fri, 26 Feb 2021 14:46:51 GMT
server: nginx
etag: "603909db-66acc"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp2t
access-control-allow-origin: *
access-control-allow-credentials: true
x-continent: EU
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 420556

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D6A 35 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0604 0
0 80ms
80ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=1473418670312608&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 368D 12 KB
3 KB 159ms
78ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Natimatica/M27_062_Natimatica_gam_1&description_url=https%3A%2F%2Fnatimatica.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1638878984804

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0319d71d8bed0d33559b4158f5beabaad9ae85678f792423d476f8c6d39786fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2140
x-xss-protection: 0
google-lineitem-id: 5842551503
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372950695
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://theins.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 368D 21 B
420 B 57ms
57ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&bb=65,87&siteid=102696&att=2&ma=6
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41257.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: 64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:44 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 32AB 79 KB
27 KB 142ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98853c314da19dd937694bcabe140f6549fe2bd27e641bcfbb534a9c804ff487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 854 of 1000 / last-modified: 1638832296"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27070
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:09:45 GMT

GET
H2 204 event
ads.adfox.ru/260971/ 0
230 B 172ms
71ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/260971/event?pm=bmo&hash=a53cbe0ade2f4a66&duid=1638878984639333379&pxo=X0mm9TDjWjelVYSJEBIubTfEsl8U_Tz3lnL4h82xGgvfFrG1SXhWFrHJ9_HbvHELdVEOGkc4-03P0kHjpOf4AZvX7IYim43oZ3jKzmLHd_CnRq_t9KYwwLUgbXjYGyMKT3eEXOPIkF-mtX12hUvTJszNAoJM9991RfmdsQKJXm12PPjk&p5=iuewa&rand=bihwvuo&sj=6PhTvi2UwTgyGf6R5iDXS4FrQqzOwUJb7SAnnfLZBvLzCL652x6lPr4ALfKG&ad-session-id=566871638878984540&lts=fhyjhfc&ytt=69269237008405&ybv=0.50302&ylv=0.50302&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=cvphjxy&p1=cpewf&rqs=CDcpeipfIAkIT69hwtd4NA1w4tnJGRPz&rtb-si=b&p2=gxmq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 vpaid Show response
ads.betweendigital.com/ Frame 368D 989 B
1 KB 98ms
98ms XHR
text/xml 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/vpaid?s=4048930&maxd=90&mind=1
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a4a785aa484329b4182ebddb1803903e4dd7c7dc8904fbe96cee26edd5918b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 989
content-type: text/xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 81ms
81ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=1473418670312608&bg=!GBulG1_NAAaQHwIOkB87ACkAdvg8WnCihepzepIILg9V7yOd0s9mrTqJCrPplxZ9bivFG1j65OuFygIAAAB8UgAAAAhoAQcKAJhh0esBqZG3krRZ3pO0Ah9PQsCZBji2EvanCII5_MGHztiomz1HYoDBNg-rKSExRdGVV6uZev3jsJIpWUVZmdDMq_LtY6ZtoXcjbPJ_2JEvNH_X4-hmSDWmGa37o-GFdMjDG6jlhj58SZhscYMryRcorqrRHlbymAXVGaPTLyqRQINMpNHa1ZmTsg1Vr2MOAAskmH0RMV2xypkCn1syWXShj_2mPuDRr-Bp6uoEouZYljBsCva1B4cLFyWt6jdWjNuwXeo61Atsf-dG37kVSALAOGjBBHW4HSiCXmYum6exuwSiyxphqGi6dSJm-wd-A1584jG87uCysSf3BeT5iesNoQy_KT11QI_sGXcbMrKQ0kuCB8odhskzzZ5ut6dEsHydUEgu1nzRoExuqjgUhQ-2xmrTn5aOVRJfiyirtReXi888-R0m7hLrkLk8Fp6QhA4R_tzz1iUmgrQJhwuLfrX34XYYIYH5ZcBdgauZ1eO7otWiNJufre4JOcruLyvf5TYtAIXhPPPlfKrusVL-gwxZxjczyCxKTQxLDfDsfQRFcvn6WaWBGsHf6PeO0aP7YqzKNgl3CjU9GYSNo8nMWFacFOAmXL15GGyOcOlJeARC94-NArrDcW24Qo0ImlHj1j0nPn7Qgs9DjOhWc16OZ8Odyy7I447lwCjRMKu6bs8AvbOS_AGL8_LRLiwqgCDBLkGGBMXodBmRhNQl615R6nzExNw8IRv0xIt0EunaXTWm94fjvvrTxeC3Me0MM7xWppHBXfHBXm-cvUmKsYFvQylbBz0ZHbltg0189_e8LHrIWTHzoiHvEW4nEwEzvgJtgT-LbaK3DfnYlsCbGlxu6iVXjClpgUd2wJNUibKgljDCE6lsueEnxOCjaPQXPyEEHBWwgXEdjVdvtXXaAZX3651yVIdd-JbuecNj-jZXGfUPi7EovDTwX4BWSrN9KsHBVEeYoTZPcAZSP0dZIPDroH6mfEFBQtmQiejKegCNfaNbXIzYTHwnlh4_PQyV9uKMa8J_eOxmS1xo5H8ddZD_tWs8nXZ6v93_i6yThNVn7tNRfrwnpuBdKxcgpPZGMgQos8RWVo_XRHmePVVv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 32AB 347 KB
117 KB 47ms
47ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 12:09:45 GMT

GET
H2 200 vpaid_client2.js Show response
cache.betweendigital.com/ Frame 278D 74 KB
20 KB 259ms
17ms Script
application/javascript 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/vpaid_client2.js
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f3fcd4d519126562473c51b6889e9e323daec962753c833119c209529a9a7fc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
cache-control: public, max-age=900, immutable
last-modified: Mon, 22 Nov 2021 10:34:08 GMT
server: nginx
content-encoding: gzip
etag: W/"619b7220-12675"
content-type: application/javascript

GET
H2 200 context.js Show response
an.yandex.ru/system/ 302 KB
81 KB 123ms
59ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ef6c0631b5562969d860d515a3ddaf6f4d189e2314ecfe38071f3296b4274437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1638878985266145-1164168089940674142700394-production-app-host-vla-pcode-39
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 07 Dec 2021 13:09:45 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6336 374 KB
124 KB 135ms
51ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126291
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:09:45 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 32AB 18 KB
10 KB 586ms
537ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2598394465633279&correlator=4049493182421755&output=ldjh&impl=fifs&eid=31060438%2C31063899&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=21789626543%2Ctheins.ru_desk_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=keys%3D8&cookie=ID%3D105ab5ed5e860c6e-2213af0546cc0044%3AT%3D1638878984%3ART%3D1638878984%3AS%3DALNI_MaYqGQu4m9-o_vhYiO1a_kT-M0IJw&cdm=theins.ru&bc=31&abxe=1&lmt=1638878985&dt=1638878985271&dlt=1638878984894&idt=365&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=20&adys=968&adks=4175249508&ucis=4p1ezepmuq17&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&top=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=798049225.1638878984&ga_sid=1638878985&ga_hid=1008871380&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daeba59bff811af8a3ea861617a4811bb82489e260e4ac62a4df0aa67a4057d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9954
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://theins.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 32AB 11 KB
8 KB 50ms
50ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3e94d7543e46901c826a8841ea94c787b922a7449783c07c2ed973243c32ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8554
x-xss-protection: 0

GET
H2 200 container.html Show response
e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2CB8 6 KB
4 KB 148ms
47ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:09:45 GMT
expires: Wed, 07 Dec 2022 12:09:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 32AB 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 12:09:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D634 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 11:06:00 GMT
expires: Wed, 07 Dec 2022 11:06:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2164 783 B
534 B 51ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e4bfd9bf00eb5891b76c2a43b0900f0114a7d0cd68e72369bff74e756eb87c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AmQayKYl+NaZEbH9wdQJQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 12:09:45 GMT
date: Tue, 07 Dec 2021 12:09:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AmQayKYl+NaZEbH9wdQJQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 700037 Show response
yandex.ru/ads/meta/ 3 KB
3 KB 162ms
162ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/700037?target-ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&pcode-test-ids=464259%2C0%2C26%3B465546%2C0%2C89%3B462894%2C0%2C54%3B452125%2C0%2C21%3B457259%2C0%2C45%3B462727%2C0%2C75%3B461569%2C0%2C54%3B462997%2C0%2C61%3B462337%2C0%2C97%3B463996%2C0%2C19%3B468566%2C0%2C72%3B464405%2C0%2C9%3B457999%2C0%2C9%3B451371%2C0%2C29%3B456345%2C0%2C95%3B467680%2C0%2C18%3B464139%2C0%2C-1%3B464262%2C0%2C-1%3B437233%2C0%2C-1%3B465609%2C0%2C-1%3B460914%2C0%2C23&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22467288%22%2C%22testId%22%3A%22469270%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22RETURN_RR_ACTIVE_TEST_IDS%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22465091%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22ENABLE_ELEMENT_FROM_POINT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22464259%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22465546%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22462894%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457259%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22COMBO_INPAGE_HEADER_HIDDEN_TILL_START%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22COMBO_INPAGE_CONTINUE_PLAY%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22COMBO_WIDGET_SSR_REHYDRATION_ENABLED%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22461569%22%7D%5D%2C%22ADFOX_COMBO_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22TWO_SIDE_SOLID_BG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462997%22%7D%5D%2C%22SMART_BANNER_VERSION%22%3A%5B%7B%22value%22%3A%22smart-banner-adaptive_v1%22%2C%22testId%22%3A%22462337%22%7D%5D%2C%22HORIZONTAL_SD_NO_BUTTON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463996%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463996%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468566%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468566%22%7D%5D%2C%22ADAPTIVE_SQUARE_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22ADAPTIVE_ROUND_BUTTON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22POSTER_DISABLE_BUTTON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22457999%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22KEBAB_CLICKABLE_AREA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22456345%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2250267%22%2C%22testId%22%3A%22467680%22%7D%5D%2C%22SMART_QUEUE%22%3A%5B%7B%22value%22%3A%22queue_full%22%2C%22testId%22%3A%22464139%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464262%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22REMOVE_DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22465609%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=6wkgMUOnMCGmDdPae6nASyOn17tsL8RiAkJuSRLydEXhtH5Ts81tkKTPb5NgbsDTyrfIulnb%2F0OcZA6Q%2FTZr%2BJzxYJA%3D&duid=MTYzODg3ODk4NDYzOTMzMzM3OQ%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=69320772157442&ad-session-id=566871638878984540&target-id=20188714&tga-with-creatives=1&pcode-version=50302&pcodever=50302&flash-ver=0&available-width=736&available-height=414&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A736%2C%22h%22%3A414%2C%22width%22%3A736%2C%22height%22%3A414%2C%22visible%22%3A0%2C%22left%22%3A385%2C%22top%22%3A2283%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=560&grab=dNCh0KjQkCDQuCDQldChINC80L7Qs9GD0YIg0L7Qs9GA0LDQvdC40YfQuNGC0Ywg0LLQvtC30LzQvtC20L3QvtGB0YLQuCDQoNC-0YHRgdC40Lgg0L_QviDQvtCx0LzQtdC90YMg0LLQsNC70Y7RgiDQsiDRgdC70YPRh9Cw0LUg0L3QsNC_0LDQtNC10L3QuNGPINC90LAg0KPQutGA0LDQuNC90YMg4oCUIEJsb29tYmVyZwox0KHQqNCQINC4INCV0KEg0LzQvtCz0YPRgiDQvtCz0YDQsNC90LjRh9C40YLRjCDQstC-0LfQvNC-0LbQvdC-0YHRgtC4INCg0L7RgdGB0LjQuCDQv9C-INC-0LHQvNC10L3RgyDQstCw0LvRjtGCINCyINGB0LvRg9GH0LDQtSDQvdCw0L_QsNC00LXQvdC40Y8g0L3QsCDQo9C60YDQsNC40L3RgyDigJQgQmxvb21iZXJnIAoy0J3QsNC8INC-0YfQtdC90Ywg0L3Rg9C20L3QsCDQstCw0YjQsCDQv9C-0LzQvtGJ0YwgCg%3D%3D&uniformat=true&callback=Ya%5B8350851555804%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

804473b9434e24b6535d04f9cbcffa112039a85f756dd9340b4d21f131033115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1638878985452449-13289091912890938838-man1-2695-602-man-l7-balancer-8080-BAL-5931
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Tue, 07 Dec 2021 12:09:45 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 12:09:45 GMT

GET
H2

200

sspmatch-iframe Show response
ads.betweendigital.com/ Frame 5063
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930
https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1

657 B
749 B

98ms
98ms

Document
text/html

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/vpaid_client2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: aca5f4a4ff7b7fccca3e6c69efb1cf762e53d0b5a5e6259a57463d973b0de18d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 657

Redirect headers

location: /sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

adv Show response
ads.betweendigital.com/ Frame 278D
Redirect Chain

https://ads.betweendigital.com/adv?s=4048930&vcs=3ef42844-5f5b-674d-911a-dd3628cf4694&maxd=90&mind=1&w=0&h=0&clientAuction=5&jst=vvc&tld=dGhlaW5zLnJ1&dh=v1_0001000000001&pos=atf&rsize=736x414&jsp=u...
https://ads.betweendigital.com/adv?s=4048930&vcs=3ef42844-5f5b-674d-911a-dd3628cf4694&maxd=90&mind=1&w=0&h=0&clientAuction=5&jst=vvc&tld=dGhlaW5zLnJ1&dh=v1_0001000000001&pos=atf&rsize=736x414&jsp=u...

75 B
283 B

101ms
101ms

XHR
text/xml

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adv?s=4048930&vcs=3ef42844-5f5b-674d-911a-dd3628cf4694&maxd=90&mind=1&w=0&h=0&clientAuction=5&jst=vvc&tld=dGhlaW5zLnJ1&dh=v1_0001000000001&pos=atf&rsize=736x414&jsp=utbo%3D-00%3A00&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 23213e38d64fe2c90977bebe7271f9f34bcec1c2e793664037e37a0c5b2bb8f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8

Redirect headers

location: /adv?s=4048930&vcs=3ef42844-5f5b-674d-911a-dd3628cf4694&maxd=90&mind=1&w=0&h=0&clientAuction=5&jst=vvc&tld=dGhlaW5zLnJ1&dh=v1_0001000000001&pos=atf&rsize=736x414&jsp=utbo%3D-00%3A00&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://theins.ru
content-length: 0

GET
H2

200

97707413
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/ Frame 278D
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/97707413
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/97707413

43 B
297 B

46ms
46ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/97707413
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-vid-2/97707413
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 bridge3.490.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5861 595 KB
193 KB 87ms
39ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 197951
date: Fri, 03 Dec 2021 15:45:53 GMT
expires: Sat, 03 Dec 2022 15:45:53 GMT
last-modified: Tue, 30 Nov 2021 18:00:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 332632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6336 44 KB
17 KB 131ms
46ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 12:09:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6336 107 B
122 B 95ms
48ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theins.ru

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EACF 37 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:45:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2164 0
0 88ms
88ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=2598394465633279&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame D634 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H2 200 700037 Show response
mc.yandex.com/watch/ 312 B
449 B 32ms
32ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/700037?wmode=7&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A2%3Adp%3A1%3Als%3A929176126869%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120945%3Aet%3A1638878986%3Ac%3A1%3Arn%3A635691157%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1638878983286%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878986%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)lt(10700)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a5a48edbedb82854e025408b8e0aa97a9ac9c7a4902669d27d4c6317474dc0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 07-Dec-2021 12:09:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 312
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:45 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 97ms
34ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 700037 Show response
yandex.ru/ads/meta/ 3 KB
3 KB 187ms
187ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/700037?target-ref=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&pcode-test-ids=464259%2C0%2C26%3B465546%2C0%2C89%3B462894%2C0%2C54%3B452125%2C0%2C21%3B457259%2C0%2C45%3B462727%2C0%2C75%3B461569%2C0%2C54%3B462997%2C0%2C61%3B462337%2C0%2C97%3B463996%2C0%2C19%3B468566%2C0%2C72%3B464405%2C0%2C9%3B457999%2C0%2C9%3B451371%2C0%2C29%3B456345%2C0%2C95%3B467680%2C0%2C18%3B464139%2C0%2C-1%3B464262%2C0%2C-1%3B437233%2C0%2C-1%3B465609%2C0%2C-1%3B460914%2C0%2C23&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22467288%22%2C%22testId%22%3A%22469270%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22RETURN_RR_ACTIVE_TEST_IDS%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22465091%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22ENABLE_ELEMENT_FROM_POINT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22464259%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22465546%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22462894%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457259%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22COMBO_INPAGE_HEADER_HIDDEN_TILL_START%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22COMBO_INPAGE_CONTINUE_PLAY%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22COMBO_WIDGET_SSR_REHYDRATION_ENABLED%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22461569%22%7D%5D%2C%22ADFOX_COMBO_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461569%22%7D%5D%2C%22TWO_SIDE_SOLID_BG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462997%22%7D%5D%2C%22SMART_BANNER_VERSION%22%3A%5B%7B%22value%22%3A%22smart-banner-adaptive_v1%22%2C%22testId%22%3A%22462337%22%7D%5D%2C%22HORIZONTAL_SD_NO_BUTTON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463996%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22463996%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468566%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468566%22%7D%5D%2C%22ADAPTIVE_SQUARE_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22ADAPTIVE_ROUND_BUTTON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22POSTER_DISABLE_BUTTON%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22464405%22%7D%5D%2C%22ENABLE_SSR_ADFOX_WIDGET%22%3A%5B%7B%22value%22%3A%22ctrl%22%2C%22testId%22%3A%22457999%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22KEBAB_CLICKABLE_AREA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22456345%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2250267%22%2C%22testId%22%3A%22467680%22%7D%5D%2C%22SMART_QUEUE%22%3A%5B%7B%22value%22%3A%22queue_full%22%2C%22testId%22%3A%22464139%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464262%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22REMOVE_DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22465609%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=6wkgMUOnMCGmDdPae6nASyOn17tsL8RiAkJuSRLydEXhtH5Ts81tkKTPb5NgbsDTyrfIulnb%2F0OcZA6Q%2FTZr%2BJzxYJA%3D&duid=MTYzODg3ODk4NDYzOTMzMzM3OQ%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=69320772157442&ad-session-id=566871638878984540&target-id=99946077&tga-with-creatives=1&pcode-version=50302&pcodever=50302&flash-ver=0&available-width=736&available-height=414&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A736%2C%22h%22%3A414%2C%22width%22%3A736%2C%22height%22%3A414%2C%22visible%22%3A0%2C%22left%22%3A385%2C%22top%22%3A2283%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=560&grab=dNCh0KjQkCDQuCDQldChINC80L7Qs9GD0YIg0L7Qs9GA0LDQvdC40YfQuNGC0Ywg0LLQvtC30LzQvtC20L3QvtGB0YLQuCDQoNC-0YHRgdC40Lgg0L_QviDQvtCx0LzQtdC90YMg0LLQsNC70Y7RgiDQsiDRgdC70YPRh9Cw0LUg0L3QsNC_0LDQtNC10L3QuNGPINC90LAg0KPQutGA0LDQuNC90YMg4oCUIEJsb29tYmVyZwox0KHQqNCQINC4INCV0KEg0LzQvtCz0YPRgiDQvtCz0YDQsNC90LjRh9C40YLRjCDQstC-0LfQvNC-0LbQvdC-0YHRgtC4INCg0L7RgdGB0LjQuCDQv9C-INC-0LHQvNC10L3RgyDQstCw0LvRjtGCINCyINGB0LvRg9GH0LDQtSDQvdCw0L_QsNC00LXQvdC40Y8g0L3QsCDQo9C60YDQsNC40L3RgyDigJQgQmxvb21iZXJnIAoy0J3QsNC8INC-0YfQtdC90Ywg0L3Rg9C20L3QsCDQstCw0YjQsCDQv9C-0LzQvtGJ0YwgCg%3D%3D&uniformat=true&callback=Ya%5B2555554441827%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

82fe21d6994a6536926c852c7b0b0fdac534e4902333d7472507b462acf03a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1638878985635875-4638496647002215942-man1-2695-602-man-l7-balancer-8080-BAL-7912
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Tue, 07 Dec 2021 12:09:45 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 12:09:45 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/700037/ 43 B
85 B 40ms
40ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/700037/1?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A478%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A2%3Adp%3A1%3Als%3A929176126869%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120945%3Aet%3A1638878986%3Ac%3A1%3Arn%3A400882246%3Arqn%3A1%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1638878983286%3Ads%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C101%2C0%2C1193%2C1193%2C5%2C687%3Adsn%3A9%2C23%2C332%2C7%2C0%2C0%2C%2C97%2C0%2C1193%2C1193%2C5%2C687%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878986&t=gdpr(14)aw(1)lt(10700)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
last-modified: Tue, 07-Dec-2021 12:09:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:45 GMT

GET
H2 200 700037 Show response
mc.yandex.com/watch/ 43 B
73 B 43ms
43ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/700037?page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A2%3Adp%3A1%3Als%3A929176126869%3Ahid%3A390170396%3Az%3A0%3Ai%3A20211207120945%3Aet%3A1638878986%3Ac%3A1%3Arn%3A652183288%3Arqn%3A2%3Au%3A1638878984639333379%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1638878983286%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638878986%3At%3A%D0%A1%D0%A8%D0%90%20%D0%B8%20%D0%95%D0%A1%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%BE%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%87%D0%B8%D1%82%D1%8C%20%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%BF%D0%BE%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D1%83%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%20%D0%B2%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B5%20%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%83%20%E2%80%94%20Bloomberg&t=gdpr(14)aw(1)lt(10700)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
last-modified: Tue, 07-Dec-2021 12:09:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:45 GMT

GET
H3 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 368D 42 B
64 B 57ms
56ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=BHKFXCE-vYeTcOr6V7_UPvaaLkArV3v-NRgAAABABINHt2j44AVin1a69gwRgleKQgqAHsgEJdGhlaW5zLnJ1ugELNjQweDQ4MF94bWzIAQXaARJodHRwczovL3RoZWlucy5ydS-pAjcS1fwr_kw-wAIC4AIA6gIuLzMxMjExODc3Ny9OYXRpbWF0aWNhL00yN18wNjJfTmF0aW1hdGljYV9nYW1fMfgCgtIekAOMBpgDhAeoAwHQBJBO4AQB0gUGEM-F-eEVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHC9IICQiA4YAQEAEYHdgIAoAKBZgLAYAMAdAVAYAXAQ&sigh=w8VjdzAHok4&label=videoplayfailed901

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 5063
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
https://x.bidswitch.net/sync?dsp_id=354&user_id=122f2b7b07fb48cab28f6de1e3c47236&ssp=between&bsw_param=05a037b5-d435-46e3-8b75-173660d2adf7&gdpr=&consent=&gdpr_pd=&expires=7
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7

68 B
607 B

95ms
94ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7
Date: Tue, 07 Dec 2021 12:09:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 5063
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uLcHI3JTq6g3.AikABlF9lMy3rA

68 B
607 B

95ms
95ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uLcHI3JTq6g3.AikABlF9lMy3rA
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uLcHI3JTq6g3.AikABlF9lMy3rA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 5063
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e73f83fb5aae5bbf721b3f1c

68 B
607 B

94ms
94ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e73f83fb5aae5bbf721b3f1c
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 07 Dec 2021 12:09:45 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e73f83fb5aae5bbf721b3f1c
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 5063
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=1151b3fc-f13c-5355-b291-40dcd33e0fd5
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiJnr2NBlIFvp7KygpiJDExNTFiM2ZjLWYxM2MtNTM1NS1iMjkxLTQwZGNkMzNlMGZkNQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiJnr2NBlIFvp7KygpiJDExNTFiM2ZjLWYxM2MtNTM1NS1iMjkxLTQwZGNkMzNlMGZkNaIBEJFGh_pXVhHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiJnr2NBmIkMTE1MWIzZmMtZjEzYy01MzU1LWIyOTEtNDBkY2QzM2UwZmQ1ogEQkUaH-ldWEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiJnr2NBmIkMTE1MWIzZmMtZjEzYy01MzU1LWIyOTEtNDBkY2QzM2UwZmQ1ogEQkUaH-ldWEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=914687fa-5756-11ec-a6e9-002590c82437

68 B
607 B

99ms
99ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=914687fa-5756-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 07 Dec 2021 12:09:45 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=914687fa-5756-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame EA31 4 KB
1 KB 21ms
21ms Document
text/html 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1151b3fc-f13c-5355-b291-40dcd33e0fd5&CACHEBUSTER=18455
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 12:09:45 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5861 156 B
142 B 303ms
303ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.theins.ru&description_url=https%3A%2F%2Ftheins.ru%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1232781274820480&vpa=auto&vpmute=1&sdkv=h.3.490.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&adk=4248522539&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Ftheins.ru%2F63597392-27ea-4fb1-b2d2-196910f622cc&sid=9AFCAFE0-5A5D-44F1-B015-CDDD00543B48&nel=1&eid=40819805%2C44737475%2C44750603&top=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&dt=1638878985737&cookie=ID%3D105ab5ed5e860c6e-2213af0546cc0044%3AT%3D1638878984%3ART%3D1638878984%3AS%3DALNI_MaYqGQu4m9-o_vhYiO1a_kT-M0IJw&scor=2926147270295181&ged=ve4_td1_tt0_pd1_la1000_er2283.385.2436.685_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.490.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32AB 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=2598394465633279&bg=!SkmlSQ3NAAaQHwIOkB87ACkAdvg8WoIznIjcwjGsgGYc0K6rUWurkyB17ehZzzPs_GGdqGp3v9_i7wIAAABsUgAAAEBoAQeZArSQDk7bosm4wjCUwRPIicRQZytBvniBvulATe329J4nE40A82mVJFdAekXuvKON97rs9wjBLugE0uze5c7NMtkk7t0FoNAxtDAnZTqWGKz02bXlSsjrHAFt1F8fSP0WwgQ32d2bl6QMlcuUd-7gAJH9ZqKzqqOO4mi3C5z9aAUkFhT6THfqhvvsbBIQ-H6t7dfiHPUeZkiCh1WHjowPA93NI0DeFZZopXKcXXh1hPFhCc_1kq2LhJOMUKciK-gXeEC74g-5Z5otUTQ_6imQwnYrkdIlwi0wsxuQXeYr7NvoJmRz-VVG8W_E-DcFRCOuEzO5_JJSOq9qOU9C1WWvv8n45-61CoTdIczl5WJ_QbAFS5YVd06HkwOKtfPQEqS1D5S9vaQGSLjbliT6zLc2C3dT5yFEbv4nnLciowWbhhhoRVIxJ8g12O1pXLRxknIfdxylbXY0dxdyKM-BZhfd2T23E4ZaeUHmZK_RGXhxm7eUwUDSVy1xtjS3U_0YaatStVJt2JB_uZN-gHyDAFwyEJZ6vLfRgkq2eABR-nsGht1_OnlJb4n2obubPV8um9LWxQ5OZuumbGzo0CzRaRu2n_U5JjszqDnuP9O3-dZIhag3LDIPTk3RlVWhDw6NygpdQ_YKwZjVDxJ1MsgmfkdNNOeAkHqJKIvv7g0jzn_pUrRV9gbaXOmWgLg-vWpcB3g9JnpD_i8qaEPdO9R-Ooqt4m3v8xN0VFfCZm2qgrrjItQjHtgEf0wb1qUUAmhAOMl8FqBHB-7lX3xstdGpXS-lQhAX4IgLktUg-eCci7PZqNY_NTUJbPJGaCIcqMX2kOabY6t1NprKEQ8l0T2eJhF7LSyi5Jm2BdiAKcqtgEC4e6HXhu1vUtaHpk865aPJAfAUZfpTJCpJskJPQUJcpCQIN7Zt4aXQUA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame EA31
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=d61b9af6-fd25-5355-a500-5761c4af1868&ssp=between&expires=30&user_group=1
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7

68 B
607 B

97ms
97ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?randsalt=1521835591&s=4048930&crf=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=05a037b5-d435-46e3-8b75-173660d2adf7
Date: Tue, 07 Dec 2021 12:09:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 container.html Show response
e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 326E 6 KB
3 KB 89ms
41ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 12:09:45 GMT
expires: Wed, 07 Dec 2022 12:09:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/260971/ 0
18 B 70ms
70ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/260971/event?pm=bmu&hash=cfb59fd882dd1cca&duid=1638878984639333379&pxo=X0mm9TDjWjelVYSJEBIubTfEsl8U_Tz3lnL4h82xGgvfFrG1SXhWFrHJ9_HbvHELdVEOGkc4-03P0kHjpOf4AZvX7IYim43oZ3jKzmLHd_CnRq_t9KYwwLUgbXjYGyMKT3eEXOPIkF-mtX12hUvTJszNAoJM9991RfmdsQKJXm12PPjk&p5=iuewa&rand=cwailtc&sj=6PhTvi2UwTgyGf6R5iDXS4FrQqzOwUJb7SAnnfLZBvLzCL652x6lPr4ALfKG&ad-session-id=566871638878984540&lts=fhyjhfc&ytt=69269237008405&ybv=0.50302&ylv=0.50302&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=cvphjxy&p1=cpewf&rqs=CDcpeipfIAkIT69hwtd4NA1w4tnJGRPz&rtb-si=b&p2=gxmq&resp-time=986

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A57 624 B
297 B 51ms
50ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtrrpkQEwAQ&v=APEucNWo53NgtWRIdMl80n39ShqckhMv_X4IC88cC4ZOYT6CdVSm_pVeHa7XO1QW58eKu5_NSfDUv3_NfbOTN36F0u-g7lhnV3fy2f7czxIZ4-BQd9kBUXA4079aLffoSpLKzhNUJPKzWbFyu1eGGLN3NLDzERm4qxF9FFt4pCxL-nXhVhcWoUQ

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 07 Dec 2021 12:09:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 326E 72 KB
30 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZwLpNpqUCQzwGvS3wkS71JkCNOd_raJTw9TYKO8WAgqIMIbYTzPojFZbu8Xo-dYjQ1KKywLRoctNYH-ZQE4z_1QMiTfpX2EJU20kWibcPI5gogbdVcR-Bl18VtZI9Q9ZNLKp-1Ujxk6CV-C5fnpkHy71RIA&dbm_d=AKAmf-BmGZCgxV0jyy2LWEW1qZ-d1tpVYqxJBqboYUQKP9sRPO-cb8O2wRYfnZrYtmzFQ1-uRj8VMqwtDZHSk0_HqjxjY_xTBX8hpxIDobwpgsXLmN3TgLgmA25VC8J3UQzLQJU7tv0FSTqASpOQlw1wAYbGsCb38aKDA0RSked3n1lLW3mPjHLutCygYMwGMmKiud4pZzboqi2_yWJ8gvXKIwo8vmabnq0eyEeK_zNdfuk8gQCElNCSmtC9hAWpPu5XqyxdqD_wThVJR7S7lBU1EE6Qyif3r95M6WhU9f-s3REPz3nA9UcbtxkicI7ZRRwydU6ncR3GazFYGNAw_3grhYV0rlAPgpJvpzTpQ-CxmhPE8JxBLA-1FwJFY3WHranRHUk74Ots5k-q4J5Wu-v6rwatsmK4YSgUWfYtHXelJYNqK7PojeUjFVPi0wrTwq2CTg1BlRZ-YPhXMGfzLhsgz89eQtIN53mXwzaMHg4CxiS6XD8K6qc4KkAze903w5g6s5awZSR73t2hqpzowUmmNUBtGrVhnNTsoZBqJ8u6Gs54YJzAJtVLXoikyVFlbKDCi6Yq5ubKWVs0zoQ0AW9eow5XDFfrvrqM4kbB7NKENP4A3DvjTyaNuA-3ceY15u9IjSqFranePFmL7cqCK9kJrAMbhq6rYtmE7_ON9MmaGqv9zNx8U_huDbuBV7O596hwFudvL_5KjCb_Kdn_00Lg4i9hIYZISTsWoHWw4sVOcqztJqDvFJRhSJwdteWcHkIo7tu2bCi5mQhxPSIalVFeqtWaXX1pq5ZcfFQSgZ7cmhpGWHRWA6ggP5fqYj-zjvX140BIJfsHoX319MD6Iz0V4rLABKS5lv8lKiCLdMh_aloRkvK0hB9cmCBwCGAw_DAV7pDyxbsG_9Dovr6NmVaQ-NUiu-gWM-jx1q6tnGt2-e8EVAkesHlLGSGdKiHds-PtsymBz4cdxZqwCANqLv7UURx6VBlxh7yxgfqYA2t5ypraHeRj_5T_m0ewHf8ZZyyknF-XgFZUhmbcwCuQ73Imkt6nA-z5rFe7jDn7jXex8gtTHoufLSschbfwRRnUEYVmPrFvwxERebvk_VUoNIQADsf8wxycPdULfUCk5vWB6i_bB_VN9dsGadbXbZhX1sMn1My_jz_C1t-Wf5SdumHunCkdSSlatiqCvi2WuHUtca5XhRwYb0m8TbU3IVlw70TKSpaiYNdKQ7OpjBfj9GA3JKnRv3fWtOAUecad6sDxFkCBXECNcXh4myZ1upvb9qJXLzcMIDfbfROnSiCabftIHbg4bmc0_RpaDJs7orvHDf-RwqmCtAvk1e7D3OW8lHlvaC5GuG5evLqM0rs9smkHUk2nprCcDYiRRwGb9OexTcvF5Use-RK_5s1qwCVPhSc3OUBOyv6J93jnBgkeu4LV9aaZfqIvDYYqIg8t8MUaGUFBM5yRatmqC89F1ttOlh0ZzSRvtviU44SyMG150ncMXly7Dq3o5a-IP9Z5yu_HQqpQV7TxC7P04CftfjlVJfg3XJTycMhCy-XU7NdxZ_hOOCZmGtC5fI3Y-8aUTdaRGeftq8qwflQOml1Kgzdo6_liZSFQ8ppu-flweNUT7EZYcUL7a8ZB_-a238OFvl2OMSRaKkVd-KMaCYIxwpZsj4RfhJoJe6tNTtWOvmz4U20TqI9z6WaBUg1eqEPk-ijBafNAwEgwmDLQBmGpiD6252wPVipLwa-7C4RKmih4Sj3ACY8KzuArVYOwbjyIsnUq7dXY8QMzoqLzNmhSsa8GYdYK9Ttv96IknqmYajmJZCFkvslbPSKhSQz7IhLkyxncpxat4AfIZu3Dpp0bih08EmH4vbfa5HVxOyaKYBuD9niXSSS_4LDXhMFZpY7AoFnBzYnhdezsPUcBJTiZpd9LV_pM8_CI3GJ-4Uid-k2DvqGT82sd1eF9hzHFMjF5Jvwog1e_NJ94thbiY3u2HLesNuVUw__TOq5SKN-Pcv-3HwIZhvyETquDhOo2z_L7hBg7Lv7zfFsZ1SkxJmSCYnH_3WOXXOyq6NM6yaJ__FUUu9ZWL6TPZBPavxwi8fN5pEnC3fuxLeXyR_4Gu9aJ0GmopYDyknTfvJR76prjEDNuFp4zrWQXFbTyvS7yqDhGostmYTRn0Y3Ch-r61D4ZDK79egXCtZd3Qp-OsjoptHGOZ8MIIFy6DEC_wk5OfGd_r82BmfkR0szLypUiVMCJrPBZve9l9t_B6Uud9jKw7E9fD5uenf5mYclNylD1qHOVsmz-lPCh0R4MM28Hr-EAaMX-TLRSxC3tJePMhCHwqZYEj-PkdoMxZfFG6LmxnXkFse6CRSVDR7LeGi8dArHF8CPTROUMbVW3YQHBfoGJNvozKdNpLAlwJObC1btmjZmO2-0VfI2Vx5kkZ8BpU50ucjY1_ZaNfNerOT6Urk2YdLoJ47gffazb01p9F_y6xobLnjPFj7j9G5d_Q4M1QKDtx34wJfcovjGCfFhWAfSAjXogf6aIo74d6gEeMQOKBIPCaX_vw0TKdA_bNbJfrkKCZDJSK3WNjX18w06-RYJrMUurC1bgj6CxAZ258fkHb34-2ctubZFb30joXLj8t265Da_1v_kDo-JdQ9mEsoYBNkjqTuqVedh_2nbD-G0D0HYMYi4w5Sw7Sz-rdXwji7CKhEzvNJQ3FIc66tBUxqORCocWrSF04zKiYGxDnMGP13pnZBTKrZTLxqFtTr7m0-jDTlTT3Po0nWgBkrVgNALIO9HMzTSN3VxkD_CBoOgBCw1pnhY-uJti68NZb3i6kONK_2LiyM86V8J9uC4pmLdbrqpFh0RHJGHokwmXoypZm2uTsN964iweI8hc4T6zkhbpHSG4xFY5Y9Bi3Tqe6rf8vlFp3YcYK_utD9GmN-mpkuV2olMVdewhO1MQ-g7V4et6LUra1ZPxlOMPL0a4UbaKg1pg1MWraNOV16ddTOBG9gxHgwkuzpIY0eTDlQ1mG3pMyxf6ocZVPEY-OYGK1ozUpvlr2nbEdA2-N-mXJpaKsyJbwxdscJS7tfOo8Sl6DvP1TPq69I6tYoH21QxlelANZzurVuwtLoWO9lfxy7RiSCtu8cjLjVksd8OOlfqu44lOo-mtsaJII9zCBEr-P5BR8a8eHpGQp1WFzRu8SFo6VRP71VDerXkrZ3wBZgr7iU6m5_u2u1WobTOwYJIGPKIkJOYQJ0J0rCgGxtAM5lkWuN3lUIjk_5X5htOOnUY9n8hdoYPMWeD_CJX8R-HkgsXYrTFbQbI3Iy2DEvXb2yiQkHzoS93S9h7O8y238PqYBAcU0Zi5CR8g1QaeqNAa1Z0uWTHZ-C20O6odu4C-xaywBO1AE9XgPWOvfw3ucjA&cid=CAASEuRoALIjf_pGWXqIKZLdL2GVHw&rfl=2%2Chttps%253A%252F%252Ftheins.ru%242%2Chttps%253A%252F%252Ftheins.ru%252F%240

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f15862683d750a598e7e20e75cd9e39c12ad10c7aed79d12658c2e70b6a712c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30737
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 326E 42 B
63 B 79ms
78ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APHsQ2JYdAUk8PxDjurYvRz4tMEsQ3iIFklvZobLLbwtORXGEN-e5eB9BH4idKG7kTyYrtbk8EdlR9RuA5maFYhxScd5iRJDOtmjPSxmQc0Qv6W_8

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 326E 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 11:37:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 326E 119 KB
36 KB 101ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:09:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 326E 15 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6446
x-xss-protection: 0
server: cafe
etag: 5472324691301332805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 11:38:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 326E 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMYg8JqhK3CHn_6-uJ7pymsrS6sevdAn3OWwXf3k7J_lGrd7DcoJgetfDDjepOfYE9c5g1wPmkzyy3SG1iZ-OEdAV8IA
Requested by: Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame EA31
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=914687fa-5756-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=914687fa-5756-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=qK%2BHk4JD3JSEulWQCUSyiA&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=qK+Hk4JD3JSEulWQCUSyiA&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=qK+Hk4JD3JSEulWQCUSyiA&extra2=aidata&google_gid=CAESEDQV4SB0Jt2yHrmKK-usQYo&google_cver=1

43 B
516 B

40ms
6ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=qK+Hk4JD3JSEulWQCUSyiA&extra2=aidata&google_gid=CAESEDQV4SB0Jt2yHrmKK-usQYo&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:46 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=qK+Hk4JD3JSEulWQCUSyiA&extra2=aidata&google_gid=CAESEDQV4SB0Jt2yHrmKK-usQYo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtrrpkQEwAQ&v=APEucNWo53NgtWRIdMl80n39ShqckhMv_X4IC88cC4ZOYT6CdVSm_pVeHa7XO1QW58eKu5_NSfDUv3_NfbOTN36F0u-g7lhnV3fy2f7czxIZ4-BQd9kBUXA4079aLffoSpLKzhNUJPKzWbFyu1eGGLN3NLDzERm4qxF9FFt4pCxL-nXhVhcWoUQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:09:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A57
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ya9PCl-SbPmuMi8jZd7yrgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1

43 B
894 B

32ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtrrpkQEwAQ&v=APEucNWo53NgtWRIdMl80n39ShqckhMv_X4IC88cC4ZOYT6CdVSm_pVeHa7XO1QW58eKu5_NSfDUv3_NfbOTN36F0u-g7lhnV3fy2f7czxIZ4-BQd9kBUXA4079aLffoSpLKzhNUJPKzWbFyu1eGGLN3NLDzERm4qxF9FFt4pCxL-nXhVhcWoUQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Dec 2021 12:09:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM8k1F7p0SwcOt-W5EHFwKg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1A57
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENZq9xqumha5JR4czI4LheU&google_cver=1

43 B
1008 B

40ms
13ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENZq9xqumha5JR4czI4LheU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYtrrpkQEwAQ&v=APEucNWo53NgtWRIdMl80n39ShqckhMv_X4IC88cC4ZOYT6CdVSm_pVeHa7XO1QW58eKu5_NSfDUv3_NfbOTN36F0u-g7lhnV3fy2f7czxIZ4-BQd9kBUXA4079aLffoSpLKzhNUJPKzWbFyu1eGGLN3NLDzERm4qxF9FFt4pCxL-nXhVhcWoUQ

Protocol

HTTP/1.1

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:46 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 91c92e57-e7ce-4fba-9d4c-c8f6e39cb04c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENZq9xqumha5JR4czI4LheU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A57
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUzODIxOTk4NTUyMDgzODYwNQ%3D%3D

170 B
188 B

47ms
47ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUzODIxOTk4NTUyMDgzODYwNQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:46 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0cc8fa65-f2be-4453-8456-adc1ddcc9082
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUzODIxOTk4NTUyMDgzODYwNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 326E 106 KB
37 KB 82ms
36ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
Origin: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 13:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 13:10:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame 326E 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZwLpNpqUCQzwGvS3wkS71JkCNOd_raJTw9TYKO8WAgqIMIbYTzPojFZbu8Xo-dYjQ1KKywLRoctNYH-ZQE4z_1QMiTfpX2EJU20kWibcPI5gogbdVcR-Bl18VtZI9Q9ZNLKp-1Ujxk6CV-C5fnpkHy71RIA&dbm_d=AKAmf-BmGZCgxV0jyy2LWEW1qZ-d1tpVYqxJBqboYUQKP9sRPO-cb8O2wRYfnZrYtmzFQ1-uRj8VMqwtDZHSk0_HqjxjY_xTBX8hpxIDobwpgsXLmN3TgLgmA25VC8J3UQzLQJU7tv0FSTqASpOQlw1wAYbGsCb38aKDA0RSked3n1lLW3mPjHLutCygYMwGMmKiud4pZzboqi2_yWJ8gvXKIwo8vmabnq0eyEeK_zNdfuk8gQCElNCSmtC9hAWpPu5XqyxdqD_wThVJR7S7lBU1EE6Qyif3r95M6WhU9f-s3REPz3nA9UcbtxkicI7ZRRwydU6ncR3GazFYGNAw_3grhYV0rlAPgpJvpzTpQ-CxmhPE8JxBLA-1FwJFY3WHranRHUk74Ots5k-q4J5Wu-v6rwatsmK4YSgUWfYtHXelJYNqK7PojeUjFVPi0wrTwq2CTg1BlRZ-YPhXMGfzLhsgz89eQtIN53mXwzaMHg4CxiS6XD8K6qc4KkAze903w5g6s5awZSR73t2hqpzowUmmNUBtGrVhnNTsoZBqJ8u6Gs54YJzAJtVLXoikyVFlbKDCi6Yq5ubKWVs0zoQ0AW9eow5XDFfrvrqM4kbB7NKENP4A3DvjTyaNuA-3ceY15u9IjSqFranePFmL7cqCK9kJrAMbhq6rYtmE7_ON9MmaGqv9zNx8U_huDbuBV7O596hwFudvL_5KjCb_Kdn_00Lg4i9hIYZISTsWoHWw4sVOcqztJqDvFJRhSJwdteWcHkIo7tu2bCi5mQhxPSIalVFeqtWaXX1pq5ZcfFQSgZ7cmhpGWHRWA6ggP5fqYj-zjvX140BIJfsHoX319MD6Iz0V4rLABKS5lv8lKiCLdMh_aloRkvK0hB9cmCBwCGAw_DAV7pDyxbsG_9Dovr6NmVaQ-NUiu-gWM-jx1q6tnGt2-e8EVAkesHlLGSGdKiHds-PtsymBz4cdxZqwCANqLv7UURx6VBlxh7yxgfqYA2t5ypraHeRj_5T_m0ewHf8ZZyyknF-XgFZUhmbcwCuQ73Imkt6nA-z5rFe7jDn7jXex8gtTHoufLSschbfwRRnUEYVmPrFvwxERebvk_VUoNIQADsf8wxycPdULfUCk5vWB6i_bB_VN9dsGadbXbZhX1sMn1My_jz_C1t-Wf5SdumHunCkdSSlatiqCvi2WuHUtca5XhRwYb0m8TbU3IVlw70TKSpaiYNdKQ7OpjBfj9GA3JKnRv3fWtOAUecad6sDxFkCBXECNcXh4myZ1upvb9qJXLzcMIDfbfROnSiCabftIHbg4bmc0_RpaDJs7orvHDf-RwqmCtAvk1e7D3OW8lHlvaC5GuG5evLqM0rs9smkHUk2nprCcDYiRRwGb9OexTcvF5Use-RK_5s1qwCVPhSc3OUBOyv6J93jnBgkeu4LV9aaZfqIvDYYqIg8t8MUaGUFBM5yRatmqC89F1ttOlh0ZzSRvtviU44SyMG150ncMXly7Dq3o5a-IP9Z5yu_HQqpQV7TxC7P04CftfjlVJfg3XJTycMhCy-XU7NdxZ_hOOCZmGtC5fI3Y-8aUTdaRGeftq8qwflQOml1Kgzdo6_liZSFQ8ppu-flweNUT7EZYcUL7a8ZB_-a238OFvl2OMSRaKkVd-KMaCYIxwpZsj4RfhJoJe6tNTtWOvmz4U20TqI9z6WaBUg1eqEPk-ijBafNAwEgwmDLQBmGpiD6252wPVipLwa-7C4RKmih4Sj3ACY8KzuArVYOwbjyIsnUq7dXY8QMzoqLzNmhSsa8GYdYK9Ttv96IknqmYajmJZCFkvslbPSKhSQz7IhLkyxncpxat4AfIZu3Dpp0bih08EmH4vbfa5HVxOyaKYBuD9niXSSS_4LDXhMFZpY7AoFnBzYnhdezsPUcBJTiZpd9LV_pM8_CI3GJ-4Uid-k2DvqGT82sd1eF9hzHFMjF5Jvwog1e_NJ94thbiY3u2HLesNuVUw__TOq5SKN-Pcv-3HwIZhvyETquDhOo2z_L7hBg7Lv7zfFsZ1SkxJmSCYnH_3WOXXOyq6NM6yaJ__FUUu9ZWL6TPZBPavxwi8fN5pEnC3fuxLeXyR_4Gu9aJ0GmopYDyknTfvJR76prjEDNuFp4zrWQXFbTyvS7yqDhGostmYTRn0Y3Ch-r61D4ZDK79egXCtZd3Qp-OsjoptHGOZ8MIIFy6DEC_wk5OfGd_r82BmfkR0szLypUiVMCJrPBZve9l9t_B6Uud9jKw7E9fD5uenf5mYclNylD1qHOVsmz-lPCh0R4MM28Hr-EAaMX-TLRSxC3tJePMhCHwqZYEj-PkdoMxZfFG6LmxnXkFse6CRSVDR7LeGi8dArHF8CPTROUMbVW3YQHBfoGJNvozKdNpLAlwJObC1btmjZmO2-0VfI2Vx5kkZ8BpU50ucjY1_ZaNfNerOT6Urk2YdLoJ47gffazb01p9F_y6xobLnjPFj7j9G5d_Q4M1QKDtx34wJfcovjGCfFhWAfSAjXogf6aIo74d6gEeMQOKBIPCaX_vw0TKdA_bNbJfrkKCZDJSK3WNjX18w06-RYJrMUurC1bgj6CxAZ258fkHb34-2ctubZFb30joXLj8t265Da_1v_kDo-JdQ9mEsoYBNkjqTuqVedh_2nbD-G0D0HYMYi4w5Sw7Sz-rdXwji7CKhEzvNJQ3FIc66tBUxqORCocWrSF04zKiYGxDnMGP13pnZBTKrZTLxqFtTr7m0-jDTlTT3Po0nWgBkrVgNALIO9HMzTSN3VxkD_CBoOgBCw1pnhY-uJti68NZb3i6kONK_2LiyM86V8J9uC4pmLdbrqpFh0RHJGHokwmXoypZm2uTsN964iweI8hc4T6zkhbpHSG4xFY5Y9Bi3Tqe6rf8vlFp3YcYK_utD9GmN-mpkuV2olMVdewhO1MQ-g7V4et6LUra1ZPxlOMPL0a4UbaKg1pg1MWraNOV16ddTOBG9gxHgwkuzpIY0eTDlQ1mG3pMyxf6ocZVPEY-OYGK1ozUpvlr2nbEdA2-N-mXJpaKsyJbwxdscJS7tfOo8Sl6DvP1TPq69I6tYoH21QxlelANZzurVuwtLoWO9lfxy7RiSCtu8cjLjVksd8OOlfqu44lOo-mtsaJII9zCBEr-P5BR8a8eHpGQp1WFzRu8SFo6VRP71VDerXkrZ3wBZgr7iU6m5_u2u1WobTOwYJIGPKIkJOYQJ0J0rCgGxtAM5lkWuN3lUIjk_5X5htOOnUY9n8hdoYPMWeD_CJX8R-HkgsXYrTFbQbI3Iy2DEvXb2yiQkHzoS93S9h7O8y238PqYBAcU0Zi5CR8g1QaeqNAa1Z0uWTHZ-C20O6odu4C-xaywBO1AE9XgPWOvfw3ucjA&cid=CAASEuRoALIjf_pGWXqIKZLdL2GVHw&rfl=2%2Chttps%253A%252F%252Ftheins.ru%242%2Chttps%253A%252F%252Ftheins.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:09:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 326E 24 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2d2472f310f3a4c880947f473b8de3e58662291206e24a5426ee2bd64684ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9494
x-xss-protection: 0
server: cafe
etag: 6798282995721486617
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Dec 2021 12:08:38 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 326E 41 KB
15 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 16:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 06 Dec 2022 16:15:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 733D 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 06 Dec 2021 13:26:12 GMT
expires: Tue, 07 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 81814
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 326E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e16593de2304848db8dfe5a87b2ba1f45dc86587bf847b755b11830b67737db8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E615 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 06 Dec 2021 16:15:15 GMT
expires: Tue, 06 Dec 2022 16:15:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 71671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 733D 35 B
464 B 43ms
9ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH6eT_UyH325BOA7OrxASIQ&google_cver=1&google_push=AYg5qPKW5_hSIXz8HXh4L-Br1_eWFJ03bkUt0HX-dtTn0CfkgN63aVLhZuRUKSNqPM9tCxK2ERfbVGIEWkzsQI0DGVBJ2Oci1YrS

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 733D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKDjpNz7vxY6XT4NdQrV7b2ldHIX_0dKNly1_Y...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWE5UENnQUFCSGZDbWg5bw&google_push=AYg5qPKDjpNz7vxY6XT4NdQrV7b2ldHIX_0dKNly1_YjYRXN95jmniId9_RoxhtDpCcFhMnQbBrxCUAciDNswwaI2GaJJxXKjVc

170 B
188 B

48ms
48ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWE5UENnQUFCSGZDbWg5bw&google_push=AYg5qPKDjpNz7vxY6XT4NdQrV7b2ldHIX_0dKNly1_YjYRXN95jmniId9_RoxhtDpCcFhMnQbBrxCUAciDNswwaI2GaJJxXKjVc

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWE5UENnQUFCSGZDbWg5bw&google_push=AYg5qPKDjpNz7vxY6XT4NdQrV7b2ldHIX_0dKNly1_YjYRXN95jmniId9_RoxhtDpCcFhMnQbBrxCUAciDNswwaI2GaJJxXKjVc
Date: Tue, 07 Dec 2021 12:09:46 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 733D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIY_snx...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIY_snx...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDcxMjA5NDYwMDA4MjcyNDExNjE4OQ%3D%3D&google_push=AYg5qPIY_snxfDAfHqXFnFP6tgsYvHzHrqFIYGuD0LSYnk9EKEs1gW9sMKs3GJ_peaAQvk...

170 B
188 B

48ms
48ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDcxMjA5NDYwMDA4MjcyNDExNjE4OQ%3D%3D&google_push=AYg5qPIY_snxfDAfHqXFnFP6tgsYvHzHrqFIYGuD0LSYnk9EKEs1gW9sMKs3GJ_peaAQvkYPOQply7z8_Df6RrV7ZtowLrYif48

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMDcxMjA5NDYwMDA4MjcyNDExNjE4OQ%3D%3D&google_push=AYg5qPIY_snxfDAfHqXFnFP6tgsYvHzHrqFIYGuD0LSYnk9EKEs1gW9sMKs3GJ_peaAQvkYPOQply7z8_Df6RrV7ZtowLrYif48
pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 07 Dec 2021 12:09:46 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 733D 43 B
350 B 58ms
22ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPLGybuskAdp23QeG1MuCPM&google_cver=1&google_push=AYg5qPKMMfrwMSdfFLgGRMd_7_tUg8bPM4Yrv2hMTg1kQXqbJbADeUYZIJrDGK9z5gcbTZrvwByE5WcD7Rsj5YKFR5htnD39fUk
Requested by: Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:45 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2eaonndumemsvm2rogept41327bj8jsv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 733D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z7W_vYr4RTu9sBVUcuHLGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
48ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z7W_vYr4RTu9sBVUcuHLGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJV6PZ1DIzRpdTgjRLzxP3mCvYw_y38MypGTZCYv-mJFEfAEQ-qqS-LnbgEbMeEucosciUdgRFyDypHNLj3fPBrkrKEZwI

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=z7W_vYr4RTu9sBVUcuHLGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJV6PZ1DIzRpdTgjRLzxP3mCvYw_y38MypGTZCYv-mJFEfAEQ-qqS-LnbgEbMeEucosciUdgRFyDypHNLj3fPBrkrKEZwI
date: Tue, 07 Dec 2021 12:09:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 733D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAUChpTlp3V0LKaBFpSQNhc&google_cver=1&google_push=AYg5qPKPn8n1ZtBDAgV1ZIMYY3ubUx2Z7Ulu5_d_WGpXm2rxxk7ffg53tpYyM0AwwfBcrGSaU0A...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dXMjhGME4tMVMtMjJL&google_push=AYg5qPKPn8n1ZtBDAgV1ZIMYY3ubUx2Z7Ulu5_d_WGpXm2rxxk7ffg53tpYyM0AwwfBcrGSaU0Au90hQ3J_FFylsyHI2hNoJkKxX

170 B
188 B

47ms
47ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dXMjhGME4tMVMtMjJL&google_push=AYg5qPKPn8n1ZtBDAgV1ZIMYY3ubUx2Z7Ulu5_d_WGpXm2rxxk7ffg53tpYyM0AwwfBcrGSaU0Au90hQ3J_FFylsyHI2hNoJkKxX

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dXMjhGME4tMVMtMjJL&google_push=AYg5qPKPn8n1ZtBDAgV1ZIMYY3ubUx2Z7Ulu5_d_WGpXm2rxxk7ffg53tpYyM0AwwfBcrGSaU0Au90hQ3J_FFylsyHI2hNoJkKxX
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 733D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjD...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 733D 0
12 B 91ms
46ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jaa8VHYsHsns8IFrDgKMz52wdF_zPdKczWZ98fRVnHLbgyDv4tCezdvfMyvWLXZE3EGFh0

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 326E 11 KB
4 KB 37ms
7ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 07 Dec 2021 12:09:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 131
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3744
x-served-by: config-service-a002-ash-prod.krxd.net, cache-bwi5159-BWI, cache-hhn4073-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1638878986.233174,VS0,VE0
etag: "6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 133

GET
H3 200 index.html Show response
s0.2mdn.net/4528516/218645269490265/ Frame F614 7 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/218645269490265/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df56c7ad5fbfe35989b0b715a4e7b6c49c2002fa386c20829d58c8f04717695b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2662
date: Mon, 06 Dec 2021 23:05:22 GMT
expires: Tue, 07 Dec 2021 23:05:22 GMT
last-modified: Fri, 30 Jul 2021 13:34:40 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 47064
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 326E 0
571 B 183ms
84ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqI-8Pao-cqFGhV2admTaVAq_Ni4xHDdpSbbb5kbbIwPdoC70pVyFMffFRU1mup4O9x-pnEm1M-fFSERgjW8IpwkXN_dMCfZJctoH9msbBueRi7bOvkBEtwA5RIuFsIXvg0v5pvV32We6neBL9x5skXIkVFLAc7Z9gcK-QGJrAi_oQ0f9kLHu3SCNBv5-oIFfGGHBj6cfmCivG3BP3naC_TYXfv2XN-pt72zirlPhZ6MdDWZ0j6Kyoc5teXt0RwpkjpVUr05OcPvRKBpo-aWTx15XooLPQrRqYtxrD55M8J343sOJm07PSyKdM3DW6ZGO8hM1Op_P4rzh3SgNI1B4Ro4fCv3W2lxUfcPGdAXgnxk5mqef4R6zQUViRhqjIXsc1XwIqdI599Ym9BnGiAfR50qk0qHc6KGHw6-BnLDiwfOroR--PR9yMiCEUYs_GReRh8Znaon36JFOYeWDLjcDQv6EN57--fwM-rgjfXgkTqu9fSCEFQ4dNpylCtTlG5CFG1Yg0UKF1S4k8D2rMSLlfGWx0TjcU7_gzotstiCT5AGBWBT61Q3BL3uQmEMNqP99z-bXNwHzZy8RtegsW0yCuUByevdJVFPZ9cYIk7eALL6ki8-Y9AnS2jNdojBYMjBywoMjtWGoXHmzL-5iw8uKqHxmZe7WQuQhcJGZwjVkjHJPfzDD7Cuwq8DtgNaxzz9o81jM84Kaequ_q8kuuh9uP2QWfLoQ608SGnABj1FNC1ihdhbnik3TI4c_cUzRa_kotenzaJgpRhk5gVsWN5pc10t0XKTKv4D9dhl6MZsuUl_rVGprw_rwQ6jQhAU6qvTn4bzfa3cIfyEhe6eUpoB-Twh7DxsNyrQGba9Na3-LVy1aGOOpVgi0O5GhgelgJiQMRJ_Jn_r3H8eR2Emohm2GGw1DmfwqwzM2xHNnjmyip0Pi-YKNTVSTNrx8xUi3yhdH0HvB6NHD06uok9pAtUJ_ZapmDdCYAxniMAaX8FGZQDl_MkgoQ1ffmrr5N6Obl_mZ76sWzhUc4KoXZbZ-y8DsYKfBTBmj0JPCWGuQIsASrNwiNsZ4vtqiMhvZ9mqtIW0s9gBQTeHRq_kZ01ilZxdLBYFQVwsA6Qx0P1xLm1nPtifgkizZTcTG0O0guVUOgRqhs9i3zKC2kDEp-SiO-4lsyK0hT_WXOHFWqvQT-3HmklAJfDh7zGBnNvpxkLx_2Ty9Pid3DThwsewgJSY5zfsW7ifY_eYT-Hk3jGjt2&sai=AMfl-YRXADnATCoukvzl6lHFTwz7eOL20v2ZYzr2tPX3_WL6_LxDLXEgnLlXzDqeS2ItkswobBT5zS3XtqsYUol_vsTVGXzxKVtFgY5ka4tNjttxvfdG6JtT6Z9bZVYF2acX1Ec09QAyw8dQW-SQyChL2dfBq_89fA&sig=Cg0ArKJSzMggawgbBIBqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=117&cbvp=1&cstd=115&cisv=r20211201.19975&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 07 Dec 2021 12:09:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js Show response
pagead2.googlesyndication.com/bg/ Frame E615 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 15:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13379
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 15:16:26 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 326E 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 07 Dec 2021 12:09:46 GMT
content-encoding: gzip
age: 650909
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 82997
content-length: 84509
x-served-by: cache-hhn4073-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1638878986.270680,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

POST
H2 200 45954939 Show response
mc.yandex.com/webvisor/ 43 B
145 B 32ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=1&wv-hit=390170396&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=978507065&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1638878986%3Aw%3A1600x1200%3Av%3A715%3Az%3A0%3Ai%3A20211207120946%3Au%3A1638878984639333379%3Avf%3Aha6h9sd7uqizm2nl9b%3Awe%3A1%3Ast%3A1638878986&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
last-modified: Tue, 07-Dec-2021 12:09:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:46 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 326E 0
338 B 101ms
27ms Image
text/plain 52.212.131.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=283413594&adid=477202159&creativeid=155449341&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.131.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1638878986
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame F614 236 KB
63 KB 77ms
35ms Script
text/javascript 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/218645269490265/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:24:46 GMT

GET
H3 200 javascript.js Show response
s0.2mdn.net/4528516/218645269490265/ Frame F614 37 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4528516/218645269490265/javascript.js?1627280631629

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/218645269490265/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd13cfbb2f9a795313de09555baf21a2adf2c9215937702bf0b40ad46d1c8a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/218645269490265/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9416
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 07:56:47 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4AF8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

38ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1151b3fc-f13c-5355-b291-40dcd33e0fd5&CACHEBUSTER=18455
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Dec 2021 12:09:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Tue, 07 Dec 2021 12:09:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 326E 236 B
426 B 57ms
33ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4041-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1638878986.406078,VS0,VE27
content-length: 187
x-cache-hits: 0, 0

GET
H3 200 congstarX.jpg
s0.2mdn.net/4528516/218645269490265/ Frame F614 34 KB
34 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/218645269490265/congstarX.jpg?1627280631580

Requested by

Host: e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
URL: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19fbb89946e972e22aa04c4486605250219073148b7af0dfb958b5b6235d697e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/218645269490265/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 09:40:39 GMT
x-content-type-options: nosniff
age: 8947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34990
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:34:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 09:40:39 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 326E 0
23 B 124ms
79ms Ping
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstqI-8Pao-cqFGhV2admTaVAq_Ni4xHDdpSbbb5kbbIwPdoC70pVyFMffFRU1mup4O9x-pnEm1M-fFSERgjW8IpwkXN_dMCfZJctoH9msbBueRi7bOvkBEtwA5RIuFsIXvg0v5pvV32We6neBL9x5skXIkVFLAc7Z9gcK-QGJrAi_oQ0f9kLHu3SCNBv5-oIFfGGHBj6cfmCivG3BP3naC_TYXfv2XN-pt72zirlPhZ6MdDWZ0j6Kyoc5teXt0RwpkjpVUr05OcPvRKBpo-aWTx15XooLPQrRqYtxrD55M8J343sOJm07PSyKdM3DW6ZGO8hM1Op_P4rzh3SgNI1B4Ro4fCv3W2lxUfcPGdAXgnxk5mqef4R6zQUViRhqjIXsc1XwIqdI599Ym9BnGiAfR50qk0qHc6KGHw6-BnLDiwfOroR--PR9yMiCEUYs_GReRh8Znaon36JFOYeWDLjcDQv6EN57--fwM-rgjfXgkTqu9fSCEFQ4dNpylCtTlG5CFG1Yg0UKF1S4k8D2rMSLlfGWx0TjcU7_gzotstiCT5AGBWBT61Q3BL3uQmEMNqP99z-bXNwHzZy8RtegsW0yCuUByevdJVFPZ9cYIk7eALL6ki8-Y9AnS2jNdojBYMjBywoMjtWGoXHmzL-5iw8uKqHxmZe7WQuQhcJGZwjVkjHJPfzDD7Cuwq8DtgNaxzz9o81jM84Kaequ_q8kuuh9uP2QWfLoQ608SGnABj1FNC1ihdhbnik3TI4c_cUzRa_kotenzaJgpRhk5gVsWN5pc10t0XKTKv4D9dhl6MZsuUl_rVGprw_rwQ6jQhAU6qvTn4bzfa3cIfyEhe6eUpoB-Twh7DxsNyrQGba9Na3-LVy1aGOOpVgi0O5GhgelgJiQMRJ_Jn_r3H8eR2Emohm2GGw1DmfwqwzM2xHNnjmyip0Pi-YKNTVSTNrx8xUi3yhdH0HvB6NHD06uok9pAtUJ_ZapmDdCYAxniMAaX8FGZQDl_MkgoQ1ffmrr5N6Obl_mZ76sWzhUc4KoXZbZ-y8DsYKfBTBmj0JPCWGuQIsASrNwiNsZ4vtqiMhvZ9mqtIW0s9gBQTeHRq_kZ01ilZxdLBYFQVwsA6Qx0P1xLm1nPtifgkizZTcTG0O0guVUOgRqhs9i3zKC2kDEp-SiO-4lsyK0hT_WXOHFWqvQT-3HmklAJfDh7zGBnNvpxkLx_2Ty9Pid3DThwsewgJSY5zfsW7ifY_eYT-Hk3jGjt2&sai=AMfl-YRXADnATCoukvzl6lHFTwz7eOL20v2ZYzr2tPX3_WL6_LxDLXEgnLlXzDqeS2ItkswobBT5zS3XtqsYUol_vsTVGXzxKVtFgY5ka4tNjttxvfdG6JtT6Z9bZVYF2acX1Ec09QAyw8dQW-SQyChL2dfBq_89fA&sig=Cg0ArKJSzMggawgbBIBqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=352&vt=11&dtpt=235&dett=3&cstd=115&cisv=r20211201.19975&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 12:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4AF8 32 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:01:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17196
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Tue, 07 Dec 2021 16:56:22 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 326E 81 B
241 B 27ms
27ms Script
text/javascript 52.212.131.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.131.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0d49ee5a6905682d1f326660857c459feb13202028a50d0221223df32cac88a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:46 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=137 t=1638878986
x-served-by: beacon-n021-dub-prod.krxd.net
content-type: text/javascript

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4AF8 284 B
536 B 31ms
8ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/jpg

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E615 0
20 B 81ms
80ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bu5RtCk-vYewVh4PfA-G2uNAJAAAAADgB4AQC&bg=!7u2l7anNAAaQHwIOkB87ACkAdvg8WsffTbJUFwjyMHC2fS8z7cx9uHAyElCWaW87I5geY7-pWy-h6gIAAACEUgAAAApoAQeZAx2GF7o8aNySXQQYH9Pe3jKKP-kwBLo7uBHV4c6ERkL6m3wWJPpJyLH6WWEs_ALYV7BAcgkFBzevQ1lYhHThXWJ_-Fe_YsaRPTZoJU8Fvz1txHXsnGkxuTl2x9YpK72nYTGRu2fFWlH3dm2BH7HjB3veu8bklOaQYm42FgyHSM2gtRWsrgF-lGbPLhd_uhGtink96BSrKufEEkfYHDD6ouBmY3b_lIlw42zSgfSkHDdFBOodU-3NScKdUFK3TM9gJHJLgAtgOlO-H7qinJe7qx8tgcVBJHS92iYvU8otZcDkDARzgWYmyf7b9pN2c7S9o1MSWXgP2s75XuSjrPoPWlMajCC5nAxc_l0rodIeQQBxzb0UoyZWXVUGq00QiHB9wW6jOSQVwiYlq_bQZkgZgupERFhjDTFnx3H1q4Oa1Bge4MOtrC7RqhiRO_cL7HFMElShX1jRp750hfvY2QwzIoerrvLh6OapYsnmd0UQgO61Fp-ag3IwK2KuJgcGOOC-Wq_AMnxH9ZxHkLoyEvNt8Z2I2yBCF9FX8L9ms3IByTdfoYKqaR40Lx4x_BYxot_nyfDurMM5L-VvSM8hRB-Xjvun2mfbj1s0JF5ZBZ6KW1z3nMzeYrL8ppstSWse8fdMAQu0vDktbNLdxLuISIh-odlALQ1wQ7RaIUy1EavAFiFtT3ZEgJ6kRfJwUPsfdrpS31cwlwTMzXTwe8iYiK0_tsnWUS49XsF1kiLVzdVPhnBKdeAia77T0SfGYTFELLZbQ8McFv4oZW6u13etD2zwxjrLQeVkUT1UoGuRj9cNKKkKS_ihDe7GYJ91MO8w8zUUX1ihDR5SjpW90rJtfEnPTvwXfXKanOaGt5CyMJQhjQd-UMmrd_uiXipg4v_2OWJRbYKLqsPur9dT10D6PwrsxkRv-JOcXI0NKOGohR30HlN8ItQWAajIQinYMYC2FoXHyzjn6yu8UJlU3usV_z30PZ_skPrewH-1YdtpaC3nyqhXxfvT712Y7CEeHeGRndCFDrA7ae_LhXVmiK9__jRh2aOdXyW62P3OW5M3u-fm2Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 18455
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame EA31 43 B
415 B 46ms
46ms Image
image/gif 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/18455

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),

Reverse DNS

Software

ms-counter-3.2.14/1.20.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 congstarXaus.jpg
s0.2mdn.net/4528516/218645269490265/ Frame F614 23 KB
23 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/218645269490265/congstarXaus.jpg?1627280631580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

229588dea1e6bd7da2884115b010f9c2f0c9c2639898deb0d45a0cbe6c6f6ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/218645269490265/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:27:52 GMT
x-content-type-options: nosniff
age: 63714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23494
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:34:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 18:27:52 GMT

POST
H2 200 45954939 Show response
mc.yandex.com/webvisor/ 43 B
73 B 164ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=1&wv-hit=390170396&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=617971577&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638878987%3Aw%3A1600x1200%3Av%3A715%3Az%3A0%3Ai%3A20211207120946%3Au%3A1638878984639333379%3Avf%3Aha6h9sd7uqizm2nl9b%3Awe%3A1%3Ast%3A1638878987&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
last-modified: Tue, 07-Dec-2021 12:09:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:46 GMT

GET
H3

200

m
cm.mgid.com/ Frame EA31
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=1151b3fc-f13c-5355-b291-40dcd33e0fd5&expires=60
https://cm.mgid.com/m?cdsp=433145&c=05a037b5-d435-46e3-8b75-173660d2adf7&gdpr=&gdpr_consent=&us_privacy=
https://cm.mgid.com/m?c=05a037b5-d435-46e3-8b75-173660d2adf7&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1

43 B
501 B

82ms
70ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=05a037b5-d435-46e3-8b75-173660d2adf7&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1
Protocol: H3
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b9da5a29cbf0605-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://cm.mgid.com/m?c=05a037b5-d435-46e3-8b75-173660d2adf7&cdsp=433145&gdpr=&gdpr_consent=&us_privacy=&sct=1
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b9da5a22f4f43b8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 nele.png
s0.2mdn.net/4528516/218645269490265/ Frame F614 25 KB
25 KB 40ms
39ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528516/218645269490265/nele.png?1627280631580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b872f50e08ad44f4714b15cf94070d078e77ea0c9df62edbf6ec1697aa22a9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/4528516/218645269490265/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 18:36:51 GMT
x-content-type-options: nosniff
age: 63175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25777
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:34:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 18:36:51 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E514 2 KB
823 B 36ms
13ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=1151b3fc-f13c-5355-b291-40dcd33e0fd5&CACHEBUSTER=18455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

1151b3fc-f13c-5355-b291-40dcd33e0fd5
an.yandex.ru/mapuid/betweendigitalis/ Frame EA31
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F1151b3fc-f13c-5355-b291-40dcd33e0fd5
https://an.yandex.ru/mapuid/betweendigitalis/1151b3fc-f13c-5355-b291-40dcd33e0fd5

43 B
485 B

33ms
32ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/1151b3fc-f13c-5355-b291-40dcd33e0fd5

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 12:09:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 12:09:46 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/1151b3fc-f13c-5355-b291-40dcd33e0fd5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 event
ads.adfox.ru/260971/ 0
66 B 87ms
87ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/260971/event?pm=bmp&hash=ce7e4e5f97ece579&duid=1638878984639333379&pxo=X0mm9TDjWjelVYSJEBIubTfEsl8U_Tz3lnL4h82xGgvfFrG1SXhWFrHJ9_HbvHELdVEOGkc4-03P0kHjpOf4AZvX7IYim43oZ3jKzmLHd_CnRq_t9KYwwLUgbXjYGyMKT3eEXOPIkF-mtX12hUvTJszNAoJM9991RfmdsQKJXm12PPjk&p5=iuewa&rand=mnieqcn&sj=6PhTvi2UwTgyGf6R5iDXS4FrQqzOwUJb7SAnnfLZBvLzCL652x6lPr4ALfKG&ad-session-id=566871638878984540&lts=fhyjhfc&ytt=69269237008405&ybv=0.50302&ylv=0.50302&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=cvphjxy&p1=cpewf&rqs=CDcpeipfIAkIT69hwtd4NA1w4tnJGRPz&rtb-si=b&p2=gxmq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame EA31 0
410 B 128ms
81ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=1151b3fc-f13c-5355-b291-40dcd33e0fd5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:47 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 326E 42 B
64 B 82ms
81ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqg0kBrqSBPwcWPjmcN3KBJ-Fj8Shc7lzHdFAufCMAzx8BLqDkrlWqX1JtSHhjWnFqQ4pnqwlKc_Bv89y2kp-9SO3P-ds5144CiFP6VfQk8oNx-Sm75g&sai=AMfl-YR_-0KJYuBF0ASxdVKwIeV_pvHds8Ss1D0Cfhg8uC3xFRV35hE9VWPPxcxVXKtiYjbREU49rJaj_ULZfKzzjDOcJq4Vp3YjvGPWjroLHFSl58YCZOahnQmQWPc&sig=Cg0ArKJSzOnnJPNHUVi1EAE&cid=CAASEuRoALIjf_pGWXqIKZLdL2GVHw&id=lidar2&mcvt=1000&p=968,279,1008,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4175249508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638878985875&rpt=285&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 45954939 Show response
mc.yandex.com/webvisor/ 43 B
169 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=2&wv-hit=390170396&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=775399009&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638878988%3Aw%3A1600x1200%3Av%3A715%3Az%3A0%3Ai%3A20211207120948%3Au%3A1638878984639333379%3Avf%3Aha6h9sd7uqizm2nl9b%3Awe%3A1%3Ast%3A1638878988&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:48 GMT
last-modified: Tue, 07-Dec-2021 12:09:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:48 GMT

GET
H2 200 / Show response
pl.viadata.store/export/102696/ Frame 368D 6 KB
1 KB 55ms
55ms XHR
application/json 23.111.119.12
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.viadata.store/export/102696/?secured=1&language=en&page_url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pub_sid=102696&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=theins.ru&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=984423&VIA_WIDTH=736&VIA_HEIGHT=414&imp=false&rc=2&cb=1638878989628
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: cb81556e4351cad17cadbff1ccece4b97927eaacd0777edd8eda3aaff8ccbcf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:49 GMT
content-encoding: br
server: nginx/1.19.5
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
access-control-allow-credentials: true
access-control-allow-headers: sentry-trace

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 368D 27 B
435 B 75ms
75ms XHR
text/xml 80.64.106.152
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&request_id=1026968878989685&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.152 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr7.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:49 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 368D 5 KB
6 KB 64ms
63ms XHR
text/xml 195.209.108.48
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=223429&bn=1&bt=61&pz=0&w=736&h=414&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=8878989686&tail256=https%3A%2F%2Ftheins.ru%2F
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 9250c6814042f21839a48cb023d79494d6c55e4239dab4421f8c8746221a2fdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:49 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://theins.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
rtb-msk-2.viadata.store/vast/ Frame 368D 71 B
417 B 69ms
68ms XHR
application/xml 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb-msk-2.viadata.store/vast/cs?zone=102696&w=736&h=414&site=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&vp=2&cbb=8878989686

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Accept

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 368D 5 KB
6 KB 63ms
63ms XHR
text/xml 195.209.108.48
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222694&bn=1&bt=61&pz=0&w=400&h=220&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=8878989687
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: cd8892d4b9ba72835f1b6af5496c02b52832919bd7b1a51edb813f1860df6229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:49 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://theins.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 368D 2 KB
2 KB 62ms
61ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&siteid=102696&cbb=8878989687
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41257.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: db5359fb1b57e735e56ebda946e8f7858e345c1006254930fb26076baefe64ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:49 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H/1.1 200
OK bid.php Show response
n.dyntrk.com/ Frame 368D 21 B
215 B 21ms
7ms XHR
text/xml 135.125.160.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://n.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uint=2&ist=1&cdid=DYN-OPM-0389&plw=736&plh=414&addu=60&pubid=102696&uifa=f39360e1-f052-49c2-ab52-bf1be8579a20&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=8878989687
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.160.77 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3195934.ip-135-125-160.eu
Software: proxy /
Resource Hash: e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
pragma: no-cache
access-control-allow-credentials: true
server: proxy
x-rc: 25
content-length: 21
content-type: text/xml

GET
H2 204 viads-vast Show response
adx.com.ru/ Frame 368D 0
282 B 10ms
10ms XHR
text/plain 188.34.131.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&cbb=8878989688
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.134.131.34.188.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:49 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

GET
H2 200 dsp
logs.viadata.store/event/ Frame 368D 43 B
296 B 42ms
42ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102696&event=rtb&event2=request&cb=1638878989689&tids=3456,3457,3458,7593,3439,3460,3461,8427,3462,7369

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:49 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 pl14906 Show response
ssp.bidvol.com/vast/ Frame 368D 49 B
501 B 246ms
246ms XHR
text/xml 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl14906?page=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&domain=theins.ru
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:49 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 49
x-request-id: efe24b1c-3870-46e4-9fc9-8e95c46ece96
expires: 0

GET
H/1.1 200
OK v0 Show response
vtg1.rktch.com/ Frame 368D 21 B
420 B 57ms
57ms XHR
text/xml 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&bb=87&siteid=102696&att=1&ma=6
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41257.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: 64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:49 GMT
Server: nginx/1.14.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Max-Age: 0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H2 204 event
ads.adfox.ru/260971/ 0
66 B 63ms
63ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/260971/event?pm=bmq&hash=949bd6ad01e8bea6&duid=1638878984639333379&pxo=X0mm9TDjWjelVYSJEBIubTfEsl8U_Tz3lnL4h82xGgvfFrG1SXhWFrHJ9_HbvHELdVEOGkc4-03P0kHjpOf4AZvX7IYim43oZ3jKzmLHd_CnRq_t9KYwwLUgbXjYGyMKT3eEXOPIkF-mtX12hUvTJszNAoJM9991RfmdsQKJXm12PPjk&p5=iuewa&rand=bzvnwog&sj=6PhTvi2UwTgyGf6R5iDXS4FrQqzOwUJb7SAnnfLZBvLzCL652x6lPr4ALfKG&ad-session-id=566871638878984540&lts=fhyjhfc&ytt=69269237008405&ybv=0.50302&ylv=0.50302&dl=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pr=cvphjxy&p1=cpewf&rqs=CDcpeipfIAkIT69hwtd4NA1w4tnJGRPz&rtb-si=b&p2=gxmq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 302 KB
81 KB 74ms
74ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

afb30206cb05dacb7e3889906700415a3e45f4f66af976df83bcc1e12aad87e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1638878990069595-1706080007798212400500361-production-app-host-sas-pcode-189
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 07 Dec 2021 13:09:50 GMT

POST
H2 200 45954939 Show response
mc.yandex.com/webvisor/ 43 B
145 B 44ms
44ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=3&wv-hit=390170396&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=173512457&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638878990%3Aw%3A1600x1200%3Av%3A715%3Az%3A0%3Ai%3A20211207120950%3Au%3A1638878984639333379%3Avf%3Aha6h9sd7uqizm2nl9b%3Awe%3A1%3Ast%3A1638878990&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:50 GMT
last-modified: Tue, 07-Dec-2021 12:09:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:50 GMT

GET
H3 200 CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame F614 102 KB
102 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/218645269490265/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:07:31 GMT
x-content-type-options: nosniff
age: 139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104232
x-xss-protection: 0
last-modified: Thu, 06 Oct 2016 14:32:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 12:22:31 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame F614 57 KB
57 KB 40ms
39ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4528516/218645269490265/index.html
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:04:22 GMT
x-content-type-options: nosniff
age: 328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Dec 2021 12:19:22 GMT

POST
H2 200 45954939 Show response
mc.yandex.com/webvisor/ 43 B
145 B 32ms
31ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=4&wv-hit=390170396&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=88226640&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638878992%3Aw%3A1600x1200%3Av%3A715%3Az%3A0%3Ai%3A20211207120952%3Au%3A1638878984639333379%3Avf%3Aha6h9sd7uqizm2nl9b%3Awe%3A1%3Ast%3A1638878992&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:52 GMT
last-modified: Tue, 07-Dec-2021 12:09:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:52 GMT

POST
H2 200 45954939 Show response
mc.yandex.com/webvisor/ 43 B
145 B 32ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/45954939?wmode=0&wv-part=5&wv-hit=390170396&page-url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&rn=139463790&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638878994%3Aw%3A1600x1200%3Av%3A715%3Az%3A0%3Ai%3A20211207120954%3Au%3A1638878984639333379%3Avf%3Aha6h9sd7uqizm2nl9b%3Awe%3A1%3Ast%3A1638878994&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theins.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:54 GMT
last-modified: Tue, 07-Dec-2021 12:09:54 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://theins.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 07-Dec-2021 12:09:54 GMT

GET
H2 200 / Show response
pl.viadata.store/export/102696/ Frame 368D 6 KB
1 KB 55ms
54ms XHR
application/json 23.111.119.12
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl.viadata.store/export/102696/?secured=1&language=en&page_url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&pub_sid=102696&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=theins.ru&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=984423&VIA_WIDTH=736&VIA_HEIGHT=414&imp=false&rc=3&cb=1638878994684
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.119.12 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: cb81556e4351cad17cadbff1ccece4b97927eaacd0777edd8eda3aaff8ccbcf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:09:54 GMT
content-encoding: br
server: nginx/1.19.5
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://theins.ru
access-control-allow-credentials: true
access-control-allow-headers: sentry-trace

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 368D 27 B
435 B 75ms
75ms XHR
text/xml 80.64.106.152
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&request_id=1026968878994741&placement_id=109&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.152 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr7.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 12:09:54 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://theins.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 368D 5 KB
6 KB 57ms
57ms XHR
text/xml 195.209.108.48
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=223429&bn=1&bt=61&pz=0&w=736&h=414&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=8878994742&tail256=https%3A%2F%2Ftheins.ru%2F
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 967861a76774ef2ae9aa3f4b1506ffc5d1e5af4ebc12fc2c91deb85124f9efab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:54 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://theins.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
rtb-msk-2.viadata.store/vast/ Frame 368D 71 B
417 B 49ms
48ms XHR
application/xml 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb-msk-2.viadata.store/vast/cs?zone=102696&w=736&h=414&site=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&vp=2&cbb=8878994742

Requested by

Host: theins.ru
URL: https://theins.ru/news/246918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
age: 0
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://theins.ru
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Accept

GET
H/1.1 200
OK rle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 368D 5 KB
6 KB 69ms
68ms XHR
text/xml 195.209.108.48
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=222694&bn=1&bt=61&pz=0&w=400&h=220&vp=3&target=top&vmindn=5&vmaxdn=180&vminbtr=30&vmaxbtr=3000&tuid=1&rnd=8878994742
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.48 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 24eafc8bc2de02cd3b3c1f4a426899b2c6914eb3a22125258c67562ddc4459f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 12:09:54 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://theins.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET v0
vtg1.rktch.com/ Frame 368D 0
0

GET
H/1.1 200
OK bid.php Show response
n.dyntrk.com/ Frame 368D 21 B
215 B 21ms
7ms XHR
text/xml 135.125.160.77
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://n.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uint=2&ist=1&cdid=DYN-OPM-0389&plw=736&plh=414&addu=60&pubid=102696&uifa=f39360e1-f052-49c2-ab52-bf1be8579a20&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=8878994743
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.160.77 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3195934.ip-135-125-160.eu
Software: proxy /
Resource Hash: e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
pragma: no-cache
access-control-allow-credentials: true
server: proxy
x-rc: 25
content-length: 21
content-type: text/xml

GET
H2 204 viads-vast Show response
adx.com.ru/ Frame 368D 0
282 B 14ms
13ms XHR
text/plain 188.34.131.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/viads-vast?vpaid=true&rolltype=outstream&referer=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&uid=f39360e1-f052-49c2-ab52-bf1be8579a20&cbb=8878994743
Requested by: Host: theins.ru
URL: https://theins.ru/news/246918
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.134.131.34.188.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://theins.ru
date: Tue, 07 Dec 2021 12:09:54 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

GET
H2 200 dsp
logs.viadata.store/event/ Frame 368D 43 B
296 B 42ms
42ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=102696&event=rtb&event2=request&cb=1638878994743&tids=3456,3457,3458,7593,3439,3460,3461,8427,3462,7369

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://theins.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:09:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 12:09:54 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.theins.ru
URL: https://api.theins.ru/proxy/fb/?id=https%3A%2F%2Ftheins.ru%2Fnews%2F246918

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE

Domain: vtg1.rktch.com
URL: https://vtg1.rktch.com/v0?i=11736&url=https%3A%2F%2Ftheins.ru%2Fnews%2F246918&siteid=102696&cbb=8878994742

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theins.ru/	1970-01-20 08:00:14	Name: _ym_uid Value: 1638878984639333379
.theins.ru/	1970-01-20 08:00:14	Name: _ym_d Value: 1638878984
.otm-r.com/	1970-01-20 08:00:14	Name: mpid Value: NjFhZjRmMDcwYTZhMmUzMw==
.exchange.buzzoola.com/	1970-01-19 23:57:50	Name: uuid Value: ed8961a7-fd6d-49ba-64c7-bc5533a6b064
.mc.yandex.com/	1970-01-19 23:14:39	Name: sync_cookie_csrf Value: 2780390093fake
.theins.ru/	1970-01-19 23:15:50	Name: _ym_isad Value: 2
.viadata.store/	1970-01-19 23:57:50	Name: viads_uid Value: f39360e1-f052-49c2-ab52-bf1be8579a20
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWGvTwiaHAAYSZtwAlg9iiPaSdUs1tlFYEydQE9NcjqI
.mc.yandex.ru/	1970-01-19 23:14:39	Name: sync_cookie_csrf Value: 755415742fake
.adhigh.net/	1970-01-20 08:00:14	Name: gi_u Value: uLcHI3JTq6g3.AikABlF9lMy3rA
ssp.bidvol.com/	1970-02-13 19:46:02	Name: bvuid Value: qela36o64a
.theins.ru/	1970-01-20 16:45:50	Name: _ga Value: GA1.2.798049225.1638878984
.theins.ru/	1970-01-19 23:16:05	Name: _gid Value: GA1.2.695578429.1638878984
.theins.ru/	1970-01-19 23:14:39	Name: _gat_gtag_UA_44581081_1 Value: 1
.yandex.com/	1970-01-20 08:00:14	Name: yandexuid Value: 990949271638878984
.yandex.com/	1970-01-20 08:00:14	Name: yuidss Value: 990949271638878984
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1449444781638878984
.yandex.com/	1970-01-23 14:50:38	Name: i Value: 03g0msKraQHETKW6tph4mQ5ZRh9Y3oKrXfaZDBhUDXXOyKdyfKbqvnvGfHEKfFUDNjMGLbq5xWD5JpH1DDeQhFkKrAo=
.yandex.com/	1970-01-20 08:00:14	Name: ymex Value: 1670414984.yrts.1638878984#1670414984.yrtsi.1638878984
.yandex.ru/	1970-01-23 14:50:38	Name: yandexuid Value: 657630181638878984
.theins.ru/	1970-01-19 23:14:40	Name: _ym_visorc Value: w
.criteo.com/	1970-01-20 08:36:14	Name: uid Value: 922edfcc-03b0-4f2f-86c3-584382a43815
.viadata.store/	1970-01-19 23:26:10	Name: viads_sc Value: %7B%220%22%3A1638878984%2C%2230%22%3A1638878984%2C%2227%22%3A1638878984%7D
.theins.ru/	1970-01-20 08:36:14	Name: cto_bundle Value: UiZVsF9XWWpyaGFLUHl0cldHZmZHbENjVUhNM2ZrUzYyc2N2OHRsN3ZoYkg2Q3dma0xLaTlyYUlKcEdCVzFycE1KUzFFYWJvc0JpNzdLanc1c3dGclp1bDZCOU1pYWZuMW9uYnc4ZzAwNDBZREI4YnJoUSUyRmVpbENVUmk1dUZOYWZOT0pWVEZ4NU5wb0NjSldqS1BTUXh6UWd0dyUzRCUzRA
adx.com.ru/	1970-01-20 08:00:14	Name: yabbi-user Value: 61af4f08f0e015a1fe0df3fc
.spotxchange.com/	1970-01-20 08:00:18	Name: audience Value: 90a7e8d4-5756-11ec-843d-1ab52fe70506
.rktch.com/	1970-01-19 23:15:14	Name: b_uid Value: 52970d5033870408a8ea6aac71fea1d260a6
.dmg.digitaltarget.ru/	1970-01-21 01:09:50	Name: viuserid Value: r.Ed6kx5gN0oe9O772tf
.rutarget.ru/	1970-01-20 03:33:50	Name: userId Value: VnMkRvgKUctm
.adriver.ru/	1970-01-20 16:45:50	Name: cid Value: AK2OexddFi0ZZrPXBGdiJNQ
.yandex.ru/	1970-01-20 16:45:50	Name: i Value: 40VAL2RRahOCls+r+IUic10awVkV6m3iuQ+bmxEHpMKcWe8uF/uXba/Lw6wPUPuoovGQ8XdJkW9LVXYHmQ/NSY0WPok=
.doubleclick.net/	1970-01-20 08:36:14	Name: IDE Value: AHWqTUms0IMVI1XY_ueh7FCO4espP0iQGmf_a16VzYyt3q2JlRO85y2-eYVw2wy-fvs
.betweendigital.com/	1970-01-20 08:00:14	Name: dc Value: was1
.betweendigital.com/	1970-01-20 08:00:14	Name: ss Value: 1
.betweendigital.com/	1970-01-20 08:00:14	Name: tuuid Value: d61b9af6-fd25-5355-a500-5761c4af1868
.tns-counter.ru/	1970-01-20 08:00:14	Name: guid Value: 8C67682E61AF4F09X1638878985
.adhigh.net/	1970-01-20 08:00:14	Name: btw_sync Value: I9Z
.lijit.com/	1970-01-20 08:00:14	Name: ljt_reader Value: e73f83fb5aae5bbf721b3f1c
.adsniper.ru/	1970-01-27 06:26:38	Name: uuid3 Value: IiQ5MTQ2ODdmYS01NzU2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bumlam.com/	1970-01-27 06:26:38	Name: suuid3 Value: IiQ5MTQ2ODdmYS01NzU2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bidswitch.net/	1970-01-20 08:00:14	Name: c Value: 1638878985
.bidswitch.net/	1970-01-20 08:00:14	Name: tuuid_lu Value: 1638878985
.bidswitch.net/	1970-01-20 08:00:14	Name: tuuid Value: 05a037b5-d435-46e3-8b75-173660d2adf7
.admixer.net/	1970-01-20 16:45:50	Name: am-uid Value: 122f2b7b07fb48cab28f6de1e3c47236
.theins.ru/	1970-01-20 08:36:14	Name: __gads Value: ID=105ab5ed5e860c6e:T=1638878984:S=ALNI_MaCfUdsvspfYgZ9xSdPYUp-kVcmXw
.casalemedia.com/	1970-01-20 08:00:14	Name: CMID Value: Ya9PCl-SbPmuMi8jZd7yrgAA
.casalemedia.com/	1970-01-20 01:24:14	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 01:24:14	Name: CMPRO Value: 1196
.casalemedia.com/	1970-01-19 23:16:05	Name: CMST Value: Ya9PCmGvTwoA
.adnxs.com/	1970-01-20 01:24:14	Name: uuid2 Value: 4538219985520838605
.aidata.io/	1970-01-20 16:45:50	Name: __upin Value: qK+Hk4JD3JSEulWQCUSyiA
.aidata.io/	1970-01-20 16:45:50	Name: __upints Value: 1638878986
.casalemedia.com/	1970-01-20 08:00:14	Name: CMRUM3 Value: 2d61af4f0a2760CAESEM8k1F7p0SwcOt-W5EHFwKg
.adnxs.com/	1970-01-20 01:24:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$KhecN9!]tbPl1M>e)ZlrFUfJ+tGXxoL@5!pqD?3YOY<d7Y<XP+tQ/0XY[)NyMbyN7u%nugO%v4VB%nnN@**4-F
.quantserve.com/	1970-01-20 01:24:14	Name: d Value: EE8BCQHzJIEA
.quantserve.com/	1970-01-20 08:44:53	Name: mc Value: 61af4f0a-38965-3a845-5b7b4
.pubmatic.com/	1970-01-19 23:16:05	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:24:14	Name: KADUSERCOOKIE Value: CFB5BFBD-8AF8-453B-BDB0-155472E1CB18
.sniperlog.ru/	1970-01-20 12:12:14	Name: guid Value: D8EA973F538B3A24
.e.dlx.addthis.com/	1970-01-20 08:44:53	Name: na_tc Value: Y
.krxd.net/	1970-01-20 03:33:50	Name: _kuid_ Value: OhsPgQYa
.addthis.com/	1970-01-20 08:44:53	Name: na_id Value: 2021120712094600082724116189
.addthis.com/	1970-01-20 08:44:53	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:44:53	Name: uid Value: 61af4f0a61f97fba
.addthis.com/	1970-01-20 08:44:53	Name: ouid Value: 61af4f0a00013b20c1dc4d9e72533256900c5b07017da06c1526
.dlx.addthis.com/	1970-01-19 23:57:50	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:57:50	Name: na_sr Value: 20211207
.dlx.addthis.com/	1970-01-19 23:14:39	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:57:50	Name: na_sc_e Value: 0
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lb7KZJK7v994
.mgid.com/	1970-01-19 23:14:40	Name: __cf_bm Value: xJHn27V_B.DHXANcnokonV5J_1VjPM_h_bqjqgJZDio-1638878986-0-AfskbwYiEau5fEnCuK/pKvg7hCtfHqpoD70CsxI9Wl6ouEzYFSvBzeKc/O5QDQsXwtUBf3zsO7sRz+KDoL9YMlc=
cm.mgid.com/	1970-01-19 23:57:50	Name: mg_sync Value: {"433145":1638878986}
.betweendigital.com/	1970-01-20 08:00:14	Name: ut Value: Ya9PCgAMtehZoUOsNFOveTgdTkBwe6e7d0lSOQ==
.yandex.ru/	1970-01-23 14:50:38	Name: yuidss Value: 657630181638878984
.adx.opera.com/	1970-01-19 23:57:50	Name: UID Value: 7955911f6d334d5998c2b1494aa7433d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9480.l_vJel9CKTf42QHHFBzc9pZkKmyKA2SPUJcYpO_iCCLdZ03n6HsgStNLj2tHq_oUqP9P0gXjrm2rW0kkDoc6IA%2C%2C.6QB_TuiS-FHJCHdkbkOs5fjBVl0%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ya9PCl_SbPmuMi8jZd7yrgAABKwAAAAB&google_gid=CAESEBjaDwaTp2aVicFW8CUGYJA&google_cver=1&google_push=AYg5qPIOcqTVj2KwMaOakKorAVkFcCkBTJJjDUnD1jwvpDY-KEjT5fwrLiCptE_dKmbTNQv1fsWV_Kfckzs_OyEGhpKXgZVxFKZE Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
ap.lijit.com
api.theins.ru
beacon.krxd.net
bidder.criteo.com
cache.betweendigital.com
cdn.krxd.net
cdn.viadata.store
clientside-video-bidder.rutarget.ru
cm.adform.net
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
code.createjs.com
consumer.krxd.net
dmg.digitaltarget.ru
dsum-sec.casalemedia.com
e.dlx.addthis.com
e58aadc982d5c672193dba9037c70083.safeframe.googlesyndication.com
eus.rubiconproject.com
exchange.buzzoola.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.adtelligent.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
logs.viadata.store
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
n.dyntrk.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
pixel.everesttech.net
pixel.rubiconproject.com
pl.viadata.store
pubads.g.doubleclick.net
px.adhigh.net
rtb-msk-2.viadata.store
rtb.openx.net
ru.viadata.store
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssp-rtb.sape.ru
ssp.bidvol.com
static.criteo.net
stats.g.doubleclick.net
sync.bumlam.com
sync.search.spotxchange.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
theins.ru
token.rubiconproject.com
tpc.googlesyndication.com
vtg1.rktch.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
yhb.p.otm-r.com
api.theins.ru
cm.g.doubleclick.net
vtg1.rktch.com
104.109.78.125
104.111.215.191
104.19.134.78
116.202.51.146
135.125.160.77
138.201.65.68
142.250.184.194
142.250.184.226
142.250.185.162
142.250.74.194
144.76.118.200
146.0.227.110
151.101.194.133
151.101.2.133
151.236.71.19
176.99.5.169
178.250.2.131
178.250.2.146
18.195.177.130
185.15.175.159
185.184.8.65
185.33.221.13
185.94.180.126
188.34.131.134
193.232.150.45
195.209.108.48
195.209.111.15
198.47.127.19
2.18.234.21
2.19.35.65
2001:6d0:4001::226
216.52.2.48
23.111.115.172
23.111.115.236
23.111.115.244
23.111.119.12
23.111.211.20
2606:4700:10::6816:2e68
2606:4700:10::ac43:15ad
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1148:db00::17
2a00:1450:4001:801::2008
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9b
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba12
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::90
2a02:6b8:a::a
2a0c:5c81:5142::2
31.172.81.158
31.172.81.159
31.172.81.172
35.186.253.211
37.157.6.245
51.89.9.252
52.18.11.109
52.212.131.178
65.108.1.48
69.173.144.139
80.64.106.152
82.145.213.8
88.99.234.26
89.108.119.28
96.46.186.57
0319d71d8bed0d33559b4158f5beabaad9ae85678f792423d476f8c6d39786fd
03cb67968a56ab998398f5a5f7b515e817ec487e5ba4b417c1def63eca12ca73
04b281f269aa142078ccfb43c9c187898247c17bac758717ad4a270b5123931c
09f5a546d338271977ebb834261b2f45b0aabcb9e0a19a16beb0c7ba4b01412f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d49ee5a6905682d1f326660857c459feb13202028a50d0221223df32cac88a5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
11c17fa1d31b854a771ec4833b336c218445ccd40f5047880ad496a27b737280
11f7e167b0b3b86b9e41c3f16a2c28db888d7320354f1278af1a80b7ec11eb25
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15a3efce4e527795167d6fb4bb107345067176ddfc514a85cf0ee9a031b07e55
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
19fbb89946e972e22aa04c4486605250219073148b7af0dfb958b5b6235d697e
1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12
20dcd1712a09e708373636f76fb4afc4a7b3a66277ecafbb036d6cb4acac941b
229588dea1e6bd7da2884115b010f9c2f0c9c2639898deb0d45a0cbe6c6f6ecb
23213e38d64fe2c90977bebe7271f9f34bcec1c2e793664037e37a0c5b2bb8f2
24eafc8bc2de02cd3b3c1f4a426899b2c6914eb3a22125258c67562ddc4459f5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2d2472f310f3a4c880947f473b8de3e58662291206e24a5426ee2bd64684ca
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5
3576afae118b48511f152d8ce95a1e19315db7c0a0030726889822498af78d70
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37dc0a11c65ecce74cd009be8503cc290c168fb94795b3b32d52a097c194b313
3907b7b0b0768954a940e36103cc4ba52ad97ae422feb65b2aeeb4568e928c79
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448a333dfdb98768c6308de7aeb073d319ec34bef67636b30fdf97abba0683b7
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf
4f1569d418fccfd6809707f53befd2343c3f2c32c92429af2f1e61cd06e345a4
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53376875a177ffdd2ae2b0b19fc973b0e101ea68fe79734738274024476a517f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559e15e9c1f2aed0308858ccdd55dd9de22dcd2a3a4802de64ab56c5a00bef97
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a15dcfbcda13abdb3dfd470cf969141bbea86d05932e8f49b1e7a9249bc416f
5c883fd81aa6616988d11949a780dfa476f39ba7aca55f1cfeaec60b5d19cbe4
5e4bfd9bf00eb5891b76c2a43b0900f0114a7d0cd68e72369bff74e756eb87c7
60eda5c5fe2cc97aa7c143c138faaad627b595bf1465d07a2879b215e05813e6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
63cce1521fcd97e195120a05274cd014773a4cb4ef37d4faa70c2bb8ecb9d999
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6
65d7726c522dde05a5cb467fbc568cf76c31ad1ae1a90d50f061fe04c08d0f7b
692446225814c5bc8e8f73a291afdf6626e40a2a3a533ab737e8dea55e5545d1
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7de9af56181ba280b16b9c09f179b4921644025d372d2cd1d9d4e053f8b8158b
7e4076fbe85ca310bb97bc23bc4686bd4c46be96f8b3532effb0d02d0acbdce6
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
804473b9434e24b6535d04f9cbcffa112039a85f756dd9340b4d21f131033115
82fe21d6994a6536926c852c7b0b0fdac534e4902333d7472507b462acf03a37
834af6158f003b1d449f2398617ac58ecca6a0d8c0cd653442c49185432fc06e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8a1fda95c418902fba3c9a6a2220a102886f0f97322916a8eef38776bf5f2333
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
924e0001b638d4b7a9ca60596f6f828a76fa92add457b49c1075faaa1ce35cd1
9250c6814042f21839a48cb023d79494d6c55e4239dab4421f8c8746221a2fdf
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
94aedf74ee9c2f40bc8d5b8e9dd891946d0f843b7cfbd6d86f6343067ecd9528
967861a76774ef2ae9aa3f4b1506ffc5d1e5af4ebc12fc2c91deb85124f9efab
98853c314da19dd937694bcabe140f6549fe2bd27e641bcfbb534a9c804ff487
99bf0c9526e4ca09f66abfd88e13cbacdff3f602cec540de29b66c22c1b1dbc6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9efec227fa2dd3f0e1cc60a36dc9b1c27d2a0baf2b03c29efb20e0025ed76d0f
9f37ea77c3303ede846b02f7d22ade6c0284e4e73ad8d8c5b53608de003a1066
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a785aa484329b4182ebddb1803903e4dd7c7dc8904fbe96cee26edd5918b30
a5a48edbedb82854e025408b8e0aa97a9ac9c7a4902669d27d4c6317474dc0a3
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aca5f4a4ff7b7fccca3e6c69efb1cf762e53d0b5a5e6259a57463d973b0de18d
aee7fc5f785653c0d549f29d69632d36edcfec69e0460b6cb0d0747febae5ac2
afb30206cb05dacb7e3889906700415a3e45f4f66af976df83bcc1e12aad87e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2501d83e7a70f991d54ba2762dc364f54f6e081055b24f688c4e90e3fbc6590
b872f50e08ad44f4714b15cf94070d078e77ea0c9df62edbf6ec1697aa22a9ed
bac676d115d20505b7728ea958e6b20b980243fb7ba8cfa92f6aab4f5ce4edb4
bb1f113dd02e0df63bb02b0f993b27f5dc8d96883d54fda74d84e1c76fbeb7da
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c361cc03a3443a5e1430458e1ef1b224ced6a00325f89096d4ee996c3a31f7a3
c7e832f91eb0a4ec7d6cc446c1ae8c7ca5e1bedf037d5a70d328d9bb40ac840b
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb81556e4351cad17cadbff1ccece4b97927eaacd0777edd8eda3aaff8ccbcf4
cd8892d4b9ba72835f1b6af5496c02b52832919bd7b1a51edb813f1860df6229
ce400adf4048173aaf986da2569e97fd793eac19b1863f94132ade681abf0a29
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1d777d1448f841f8d6c3dc55073f244022acf5a60d246863cff979748ccf142
d3e94d7543e46901c826a8841ea94c787b922a7449783c07c2ed973243c32ec0
d522081cd8a06c9234230d006ca584c4830cdd279c8efac249e062b1394b1560
d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97
daeba59bff811af8a3ea861617a4811bb82489e260e4ac62a4df0aa67a4057d9
db5359fb1b57e735e56ebda946e8f7858e345c1006254930fb26076baefe64ef
dbf4b3740132345240bb9d1973775fb945be7909e52181c269032c94f4cdd0c4
dd13cfbb2f9a795313de09555baf21a2adf2c9215937702bf0b40ad46d1c8a7a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df56c7ad5fbfe35989b0b715a4e7b6c49c2002fa386c20829d58c8f04717695b
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e16593de2304848db8dfe5a87b2ba1f45dc86587bf847b755b11830b67737db8
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4b8f7079db84f76db199ccc4597f1efa957d270eb484bac2e02d343ba848fa4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c0631b5562969d860d515a3ddaf6f4d189e2314ecfe38071f3296b4274437
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f15862683d750a598e7e20e75cd9e39c12ad10c7aed79d12658c2e70b6a712c9
f331142ac634bbe369caf0f7e926e305fb3ef1b1685e84678a316d337b427eca
f3ad5466bf8e93c888ca830d9b03728feeb7156e6118f878f45f36fca31f17d4
f3fcd4d519126562473c51b6889e9e323daec962753c833119c209529a9a7fc4
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fad2e6b1c147c30ac71bc627652895f64a3fcab20d350c8f67bcb9ec24fcfdfc

theins.ru Open in urlscan Pro 2606:4700:10::6816:2e68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

216 Requests

86 %HTTPS

36 %IPv6

57 Domains

83 Subdomains

71 IPs

13 Countries

3888 kBTransfer

9294 kBSize

75 Cookies

24 Outgoing links

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theins.ru Open in urlscan Pro
2606:4700:10::6816:2e68 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

86 %
HTTPS

36 %
IPv6

57
Domains

83
Subdomains

71
IPs

13
Countries

3888 kB
Transfer

9294 kB
Size

75
Cookies

216 HTTP transactions
11 data transactions