lemzspb.ru Open in urlscan Pro
95.217.100.0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lemzspb.ru/
Effective URL:
https://lemzspb.ru/
Submission Tags: l4ing ru h8 sub Search All
Submission: On April 03 via api (April 3rd 2023, 4:13:35 am UTC) from UA — Scanned from FI

Summary HTTP 217 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 9 countries across 35 domains to perform 217 HTTP transactions. The main IP is 95.217.100.0, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is lemzspb.ru.
TLS certificate: Issued by R3 on January 27th 2023. Valid for: 3 months.

This is the only time lemzspb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	95.217.100.0 95.217.100.0	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	92.38.252.165 92.38.252.165	12695 (DINET-AS) (DINET-AS)
1	2600:9000:225... 2600:9000:225e:800:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2	91.220.120.249 91.220.120.249	202173 (MAXIMATEL...) (MAXIMATELECOM)
1 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
8	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	79.98.186.40 79.98.186.40	50340 (SELECTEL-MSK) (SELECTEL-MSK)
13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	79.98.186.41 79.98.186.41	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
16	2606:4700::68... 2606:4700::6812:d32c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 26	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
6 6	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:401... 2a00:1450:4017:804::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.155 64.233.167.155	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.28.233.170 52.28.233.170	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:26a7:915d:b928:9358	16509 (AMAZON-02) (AMAZON-02)
1 1	63.35.112.107 63.35.112.107	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4026::6	15169 (GOOGLE) (GOOGLE)
217	35

15 95.217.100.0 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.0.100.217.95.clients.your-server.de

lemzspb.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.252.165 (Reutov, Russian Federation)

ASN12695 (DINET-AS, RU)

push.24olimp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.220.120.249 (Russian Federation)

ASN202173 (MAXIMATELECOM, RU)

s3.wi-fi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.98.186.40 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

cdn.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.98.186.41 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

ssp.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:d32c (United States)

ASN13335 (CLOUDFLARENET, US)

c.bannerflow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.242 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.24 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.21 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4017:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.233.170 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-233-170.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:26a7:915d:b928:9358 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.112.107 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-112-107.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4026::6 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-ixh7rn76.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145	815 KB
49	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 bid.g.doubleclick.net — Cisco Umbrella Rank: 768	342 KB
16	bannerflow.net c.bannerflow.net — Cisco Umbrella Rank: 8238	205 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	172 KB
15	lemzspb.ru 1 redirects lemzspb.ru	830 KB
12	yandex.ru 2 redirects yandex.ru — Cisco Umbrella Rank: 1537 mc.yandex.ru — Cisco Umbrella Rank: 3359 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 27761 an.yandex.ru — Cisco Umbrella Rank: 3345	192 KB
11	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	1 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	218 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6404	201 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 473	137 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 584	4 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1169 r1---sn-ixh7rn76.c.2mdn.net	2 MB
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6349	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	146 KB
3	google.fi adservice.google.fi — Cisco Umbrella Rank: 306082	818 B
3	afp.ai cdn.afp.ai — Cisco Umbrella Rank: 114065 ssp.afp.ai — Cisco Umbrella Rank: 45653	190 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 387	953 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 830	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	460 B
2	wi-fi.ru s3.wi-fi.ru — Cisco Umbrella Rank: 202576	38 KB
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 6050	134 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 689	592 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	712 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	336 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 340	461 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 652	540 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1557	350 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1512	587 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 37864	611 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 507	875 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	601 B
1	optad360.io get.optad360.io — Cisco Umbrella Rank: 37081	58 KB
1	24olimp.ru push.24olimp.ru — Cisco Umbrella Rank: 867990	4 KB
217	35

	Domain	Requested by
32	tpc.googlesyndication.com	googleads.g.doubleclick.net lemzspb.ru cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
26	cm.g.doubleclick.net	5 redirects lemzspb.ru googleads.g.doubleclick.net cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
25	pagead2.googlesyndication.com	lemzspb.ru pagead2.googlesyndication.com googleads.g.doubleclick.net cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
16	c.bannerflow.net	cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com c.bannerflow.net
15	lemzspb.ru	1 redirects lemzspb.ru
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com lemzspb.ru
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net lemzspb.ru
9	yastatic.net	yandex.ru
8	www.google.com	2 redirects lemzspb.ru googleads.g.doubleclick.net cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com tpc.googlesyndication.com
8	fonts.gstatic.com	fonts.googleapis.com
7	mc.yandex.ru	1 redirects lemzspb.ru mc.yandex.ru
6	c1.adform.net	6 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	lemzspb.ru googleads.g.doubleclick.net securepubads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	ads.travelaudience.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.fi	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	r1---sn-ixh7rn76.c.2mdn.net
2	an.yandex.ru	1 redirects
2	eb2.3lift.com	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.afp.ai	s3.wi-fi.ru
2	s3.wi-fi.ru	lemzspb.ru s3.wi-fi.ru
2	yandex.ru	lemzspb.ru s3.wi-fi.ru
1	gcdn.2mdn.net	1 redirects
1	cs.chocolateplatform.com	cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
1	ads.yieldmo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ssp.afp.ai	cdn.afp.ai
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	matchid.adfox.yandex.ru	yandex.ru
1	get.optad360.io	lemzspb.ru
1	push.24olimp.ru	lemzspb.ru
217	49

This site contains no links.

Subject Issuer	Validity	Valid
lemzspb.ru R3	`2023-01-27` - `2023-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
sylfpaskl.avtoblogs.ru R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-03-01` - `2023-11-15`	9 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.wi-fi.ru GlobalSign RSA OV SSL CA 2018	`2022-09-26` - `2023-10-28`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.afp.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-23` - `2023-10-24`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-12-21` - `2023-06-14`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
eu.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2023-03-16` - `2023-06-14`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-03-21` - `2023-05-30`	2 months	crt.sh

This page contains 27 frames:

Primary Page: https://lemzspb.ru/
Frame ID: AF487613CB3C4D279EDDA87117931CCB
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: B115A685073B2EF8B087004068018228
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&adk=1812271804&adf=1573534164&lmt=1655228260&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Flemzspb.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207079&bpp=13&bdt=548&idt=225&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4312723642993&frm=20&pv=2&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262
Frame ID: B50A53501B3C8838BD1EB12F86BF81AD
Requests: 1 HTTP requests in this frame

Frame: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8228E5F846CEEE9B699EB948B2D5ADC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=600&adk=4275107220&adf=1171174942&pi=t.aa~a.2813527312~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1655228260&rafmt=1&to=qs&pwprc=9361489909&format=300x600&url=https%3A%2F%2Flemzspb.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207925&bpp=4&bdt=1394&idt=4&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0&nras=2&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=yZiHpTT6L1&p=https%3A//lemzspb.ru&dtd=16
Frame ID: EE3125B7E3D4821A63C9EBCAFF571CEB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=513&adk=514322978&adf=2595696695&pi=t.aa~a.2438994202~rp.4&w=730&lmt=1655228260&nsk=586a14bf&rafmt=11&pwprc=9361489909&ad_type=text_image&format=730x513&url=https%3A%2F%2Flemzspb.ru%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207952&bpp=2&bdt=1421&idt=2&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0%2C300x600&nras=3&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Gnps47ug9G&p=https%3A//lemzspb.ru&dtd=19
Frame ID: BE772A6504D3C3F35F6778A56C866570
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3FB9DB809C7A643551E176AC63D90353
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EFA5E081881A2D61D62BE1F23C4C09A7
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs
Frame ID: 7AA452ED2FC4C2E600C8ECB502AF882C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEC428875F19158D588FA9D9725634AE
Requests: 2 HTTP requests in this frame

Frame: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44604FF6FCC50C9553965259D93F4256
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5917D7C0CBE24E2614423D4541FF7B8D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHb17MCEOWFkMcCGKCV5eMBMAE&v=APEucNV7NCWthQDrRNV9hxcqiNj30bxJeffSZ2CnpEjyVrsy3PZL4NZOsshDSxLwhTHfLQaikDV2DoK-7h4FcaDYVVzUGiypEe6JQ2cQHbRGCmU2xX0dqGm_pQ5wp5AUr8V4AEbbDydbdu2KfOV3BbAM_VkqjV0XdBPEjUO4-UtxapXb-0t9Ixu_q6cE48sMSQa1xVuRwp4EEPcVSiMF1FVz-XGOhF1t8g
Frame ID: AAFBF1F65B9CBB3F632736D2D1142CC6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 635C5DB44C70E0A91BBD143522AB5F88
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js
Frame ID: 98F1091E959F06E8820D9640D210A015
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032303151621000/amp4ads-v0.mjs
Frame ID: 34308B47ABD168EE7BCA74AB92EB60B9
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1241595EF5BE2D115954BB781300DE3B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 651EE639AC214AA2939124892348586D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D8AFE34047853BF047E9152D983ACBC5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 88C77970873351A6A03BE37D348818B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE8C6196B5784435049B24886D6AD39B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5B72B040CAD1DF699261ABBF2351DF5
Requests: 2 HTTP requests in this frame

Frame: blob://https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/32edac7c-3dcb-4aa2-af2c-0638884260a2
Frame ID: 4A3E7AECF40B33E0B59BA5AC84FBE4D8
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fstorytel%2F58b818c8e039002a64adc166%2Fimages%2Fa3e5db75-2635-4920-af50-db43440a357e.jpg&w=640&h=427&q=85&f=webp&rt=cover&x1=0&y1=28&x2=640&y2=309
Frame ID: 4B6D74DED63930BE234CA4EA32634EFB
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fwww.storytel.com%2Fimages%2F640x640%2F0003149892.jpg&w=116&h=116&q=90&f=webp&rt=contain
Frame ID: 93C7FA3D9CEF78CDE2B4432C4A1DBABD
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fwww.storytel.com%2Fimages%2F640x640%2F0003242734.jpg&w=116&h=116&q=90&f=webp&rt=contain
Frame ID: BDAF8F3AF9705F461FFFFC0F976B9F63
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fwww.storytel.com%2Fimages%2F640x640%2F0003417561.jpg&w=116&h=116&q=90&f=webp&rt=contain
Frame ID: 9506C689F03209CD112B75BC6F0561B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Блог электрика -

Page URL History Show full URLs

http://lemzspb.ru/ HTTP 301
https://lemzspb.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

217
Requests

88 %
HTTPS

51 %
IPv6

35
Domains

49
Subdomains

35
IPs

9
Countries

5728 kB
Transfer

10523 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lemzspb.ru/ HTTP 301
https://lemzspb.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://mc.yandex.ru/watch/70274068?wmode=7&page-url=https%3A%2F%2Flemzspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A776%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1577016443018%3Ahid%3A689335615%3Az%3A0%3Ai%3A20230403041327%3Aet%3A1680495207%3Ac%3A1%3Arn%3A637937510%3Arqn%3A1%3Au%3A1680495207663380286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C72%2C247%2C31%2C179%2C0%2C%2C273%2C1%2C%2C%2C%2C804%3Aco%3A0%3Acpf%3A1%3Ans%3A1680495206028%3Arqnl%3A1%3Ast%3A1680495207%3At%3A%D0%91%D0%BB%D0%BE%D0%B3%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%B8%D0%BA%D0%B0%20-&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/70274068/1?wmode=7&page-url=https%3A%2F%2Flemzspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A776%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1577016443018%3Ahid%3A689335615%3Az%3A0%3Ai%3A20230403041327%3Aet%3A1680495207%3Ac%3A1%3Arn%3A637937510%3Arqn%3A1%3Au%3A1680495207663380286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C72%2C247%2C31%2C179%2C0%2C%2C273%2C1%2C%2C%2C%2C804%3Aco%3A0%3Acpf%3A1%3Ans%3A1680495206028%3Arqnl%3A1%3Ast%3A1680495207%3At%3A%D0%91%D0%BB%D0%BE%D0%B3%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%B8%D0%BA%D0%B0%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 129

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENHQEAABbGXkhHt5NEmb4hY&google_cver=1&google_push=Aer7DvKOuv_XY2yGleHt9Ox8yVq1nkDy2cKGZxXRl6HdPtkkk7eDRxaSd50aTT_2AqysZj75EdzxSq4xQJoc1y_pCAO5E2_q1Pczpaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKOuv_XY2yGleHt9Ox8yVq1nkDy2cKGZxXRl6HdPtkkk7eDRxaSd50aTT_2AqysZj75EdzxSq4xQJoc1y_pCAO5E2_q1Pczpaw

Request Chain 130

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGYelzc0dkC95FopXbgDQs4&google_cver=1&google_push=Aer7DvKePT4zdGxJwn1CoDOK-6_EdU2C8lGQmxdHOclf007IBQ0vPulULaZcBsY4sVAVMkTUdCFfYn0eWx5Jlkm8LVMWN5gGIozsZmsF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKePT4zdGxJwn1CoDOK-6_EdU2C8lGQmxdHOclf007IBQ0vPulULaZcBsY4sVAVMkTUdCFfYn0eWx5Jlkm8LVMWN5gGIozsZmsF&google_hm=y69nFyJQTfCjyBAr3jyYerc

Request Chain 131

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEItXwwJT5nR6jNCxRWF6Wak&google_cver=1&google_push=Aer7DvIiGhsFD18Mp0YJH80xiLs8Vc-i_6ZyoDoiJjnuPqEAcrB3NLOttaPJWgAETpFOxAeI-nFjrvGOggSVR9p8D0oDczJaECKM9xc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNzY3MTk1OTQ1ODIxNjA3Nw%3D%3D&google_push=Aer7DvIiGhsFD18Mp0YJH80xiLs8Vc-i_6ZyoDoiJjnuPqEAcrB3NLOttaPJWgAETpFOxAeI-nFjrvGOggSVR9p8D0oDczJaECKM9xc

Request Chain 132

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBGVIU8zQWawLZqorGUL1ok&google_cver=1&google_push=Aer7DvLsHr5hPuzZlwbako3L41TejGsLS6XpG7i6WBRjUTZX0v3u7Nvex1i-Z1WqwzCS6YkvzMb9iy18jmuqPSYcPmwdVqlXl-xg2rZK HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvLsHr5hPuzZlwbako3L41TejGsLS6XpG7i6WBRjUTZX0v3u7Nvex1i-Z1WqwzCS6YkvzMb9iy18jmuqPSYcPmwdVqlXl-xg2rZK

Request Chain 133

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd168EFYFUM7M5jvRI_-0asJI7weJx HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd168EFYFUM7M5jvRI_-0asJI7weJx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd168EFYFUM7M5jvRI_-0asJI7weJx

Request Chain 134

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl7HeOO_3MpKyynqnYix0sJA-rf8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl7HeOO_3MpKyynqnYix0sJA-rf8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxNTg2MDIyNjQ2NTIyNDUxMw&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl7HeOO_3MpKyynqnYix0sJA-rf8

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1&C=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCpSaTNcdjH915yQc7BwOQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECQDfAHGdym3dWgyGXQiniA&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECQDfAHGdym3dWgyGXQiniA%26google_cver%3D1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDg2NTE1MTU3ODI4MDIyOQ%3D%3D

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 177

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFgmsU53eizGjio2nNq8F4M&google_cver=1&google_push=Aer7DvKB3VibR75fiAeLQwM-ZfqH-cnBgA-gbzUJ8PsmfHpaPLd-B7C9nnOppcwmk5zFL9vEn1YLvgFOr8ZtOiCKlPo7gLo4OvBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFgmsU53eizGjio2nNq8F4M&google_push=Aer7DvKB3VibR75fiAeLQwM-ZfqH-cnBgA-gbzUJ8PsmfHpaPLd-B7C9nnOppcwmk5zFL9vEn1YLvgFOr8ZtOiCKlPo7gLo4OvBQ

Request Chain 178

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB2jrG1mZujG6ITkSBYiPjY&google_cver=1&google_push=Aer7DvKTtr7h59E-R1rrkA836erX5a-WB7nsdoBODVE4LgpNx2C3NYR7EIG-UzYLgYs3VHb2lfUUhWdHYAbrc1-FRb2ocob37-YN HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvKTtr7h59E-R1rrkA836erX5a-WB7nsdoBODVE4LgpNx2C3NYR7EIG-UzYLgYs3VHb2lfUUhWdHYAbrc1-FRb2ocob37-YN

Request Chain 179

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKq-GvbHHG9_DSqtFSL12i0&google_cver=1&google_push=Aer7DvIDcUvkNNXqk0j1sBWyZz0XXshuXHqiQESE-_1E2Y8UeK1xgSgmlZ4-7CjaTl88mfDtgt1wmGAxwUd_CpZamRVe0_6m3We0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvIDcUvkNNXqk0j1sBWyZz0XXshuXHqiQESE-_1E2Y8UeK1xgSgmlZ4-7CjaTl88mfDtgt1wmGAxwUd_CpZamRVe0_6m3We0

Request Chain 180

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKq-GvbHHG9_DSqtFSL12i0&google_cver=1&google_push=Aer7DvLSHKEp65dvRX87-0ZGeu40LnsOhtDas8O6nAShYPlDWiPQ2-ceNsF2xwK_dBwRGsrALl3-pnxp1c9y3BRkecXORMGOqLgB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvLSHKEp65dvRX87-0ZGeu40LnsOhtDas8O6nAShYPlDWiPQ2-ceNsF2xwK_dBwRGsrALl3-pnxp1c9y3BRkecXORMGOqLgB

Request Chain 181

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJcjmYkcKEdk47H6bjDPLO0&google_cver=1&google_push=Aer7DvIBZnQx7uRhupnLmjcHrw7Z8yL4UHziStZNoQXghDIKv838cjGFw9EWlr03naOPuROdHEUDMO9qZ_QK2m_wdx47WsGaLx3X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcwQkdJR1EtMU4tQjdXWg==&google_push=Aer7DvIBZnQx7uRhupnLmjcHrw7Z8yL4UHziStZNoQXghDIKv838cjGFw9EWlr03naOPuROdHEUDMO9qZ_QK2m_wdx47WsGaLx3X

Request Chain 182

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFiDuBb8ZOK9QpPN4MrqO04&google_cver=1&google_push=Aer7DvJwoyETB7tMCFtmujp4fJuaWdONEoOdH9tAI38Y0z3hTnZffDlN-VEco7oalTfIx5UbwWBy4aUcUqse3WEecMprRhgq8qpC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJwoyETB7tMCFtmujp4fJuaWdONEoOdH9tAI38Y0z3hTnZffDlN-VEco7oalTfIx5UbwWBy4aUcUqse3WEecMprRhgq8qpC

Request Chain 183

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEbox_XeWhglGWbxrHsmaYQ&google_cver=1&google_push=Aer7DvJvJP_bDciKDSm58624nFGKOsp0wyfZjZLbvWpzjXtaQarAN3gPP_QHfmJCEOzGI2WrgzAJL2H_OqW6KRMMeOiMDHK1uF6GqAM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJvJP_bDciKDSm58624nFGKOsp0wyfZjZLbvWpzjXtaQarAN3gPP_QHfmJCEOzGI2WrgzAJL2H_OqW6KRMMeOiMDHK1uF6GqAM HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 186

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cver=1&google_push=Aer7DvJRagejQCYJsdIrpK9JoYVoTfv6S7QGKW1JkZIrZq844ej3df7PXG0pdK-g3AzBimIVCRvmO10eFa_xIn1YPYPGc40H21xW HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cver=1&google_push=Aer7DvJRagejQCYJsdIrpK9JoYVoTfv6S7QGKW1JkZIrZq844ej3df7PXG0pdK-g3AzBimIVCRvmO10eFa_xIn1YPYPGc40H21xW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bmxRZEw0bXIxUEpienI1&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cver=1&google_push=Aer7DvJRagejQCYJsdIrpK9JoYVoTfv6S7QGKW1JkZIrZq844ej3df7PXG0pdK-g3AzBimIVCRvmO10eFa_xIn1YPYPGc40H21xW

Request Chain 187

https://ads.travelaudience.com/google_pixel?google_gid=CAESEElJ9YD4OcMSwy4M1PDKmHE&google_cver=1&google_push=Aer7DvIW0_3yyKNMqJO0cft1tF502mulsyjk6WFqumPdV5bLw0nCKt3XOccDPKyDKOMfsz6C5Tc4XwSJxNW0vVp-KhXwPO5GwzDY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvIW0_3yyKNMqJO0cft1tF502mulsyjk6WFqumPdV5bLw0nCKt3XOccDPKyDKOMfsz6C5Tc4XwSJxNW0vVp-KhXwPO5GwzDY

Request Chain 188

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBGRu742E2uO9g-Z7_GXsTM&google_cver=1&google_push=Aer7DvLHBAjYFWe-YKLizdXEDGpwrL4GOWi-mvVcIpwzpUAoyAARm6tK2YowbHFjnS0mh6qB2GuFd5KqEUjaG_M66NBhs_nO8xU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLHBAjYFWe-YKLizdXEDGpwrL4GOWi-mvVcIpwzpUAoyAARm6tK2YowbHFjnS0mh6qB2GuFd5KqEUjaG_M66NBhs_nO8xU&google_hm=eS1JVzhzSVV4RTJwRzkwRW1Jc3NNSnVUMS5DZlNyMk1IRH5B

Request Chain 189

https://ads.yieldmo.com/exptsync?google_gid=CAESEJupmbCSd9zlfajX1hdU364&google_cver=1&google_push=Aer7DvKGDr7uWjMQieZtk5dFzDb1K95xb8vY27viE0QA4JhuMKr7jyT536D9PyzmjNy5VnxxlThDXH8wV4IMBjv9JwNk7-zdvbo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aer7DvKGDr7uWjMQieZtk5dFzDb1K95xb8vY27viE0QA4JhuMKr7jyT536D9PyzmjNy5VnxxlThDXH8wV4IMBjv9JwNk7-zdvbo&google_hm=ZzEzN2ZlNGY3MzIyYTg1ODNkZDM=

Request Chain 190

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENGbj0N18axipBzzn4xb4f8&google_cver=1&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a4&google_gid=CAESENGbj0N18axipBzzn4xb4f8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4MzA2NjExNjkwOTE5MjA2MTM1Ng%3D%3D&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a4

Request Chain 192

https://an.yandex.ru/mapuid/google/CAESECn1nufG6FfOL-nsNwLS0U0?ext-param=Aer7DvLhD3epatYvkYiai_2yvoGXhtq66Wl11UjmrsPPvQIQt8TUJUIbSnQVwv-4AboKyEt4z6p4Jy_yzVallbgFSEk_ecHmLkGr&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESECn1nufG6FfOL-nsNwLS0U0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 196

https://gcdn.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B49D47251CD2076AA181403E21750565EA3910C5.A0C188D72621D1413130D7AD437501F9C15AECB0/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-ixh7rn76.c.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1AD7945AABD09C342A3CDE96AD954E5D2DFD49A4.0F7D96CE24E581986CC5EE84AC8EF3D816419A1B/key/cms1/cms_redirect/yes/mh/6O/mip/2a0c:f040:0:2790::3e/mm/42/mn/sn-ixh7rn76/ms/onc/mt/1680494879/mv/u/mvi/1/pl/51/file/file.mp4

217 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
lemzspb.ru/
Redirect Chain

http://lemzspb.ru/
https://lemzspb.ru/

107 KB
22 KB

320ms
247ms

Document
text/html

95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 1c20d7a4bec0164ba7be92f9315dd71f8f0571be1b4094dc2c96aa3850433ed3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Apr 2023 04:13:26 GMT
Keep-Alive: timeout=5, max=10000
Last-Modified: Tue, 14 Jun 2022 17:37:40 GMT
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Apr 2023 04:13:26 GMT
Keep-Alive: timeout=5, max=10000
Location: https://lemzspb.ru/
Server: Apache
X-Redirect-By: WordPress

GET
H/1.1 200
OK classic-themes.min.css
lemzspb.ru/wp-includes/css/ 217 B
509 B 55ms
32ms Stylesheet
text/css 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-includes/css/classic-themes.min.css
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 10:35:27 GMT
Server: Apache
ETag: "d9-5ecdefb5b4bb4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 189

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 207ms
71ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CFira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4918b43694447e6cdfcdd335b9791ef508b83172a77e53f4e73b268f72ed5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 04:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 04:13:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 04:13:26 GMT

GET
H/1.1 200
OK style.min.css
lemzspb.ru/wp-content/themes/reboot/assets/css/ 223 KB
42 KB 94ms
39ms Stylesheet
text/css 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-content/themes/reboot/assets/css/style.min.css
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 4aba04370354f21eb09970b87c1d5b51a2ea71753978705386219b4821ba3b37

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 20:48:16 GMT
Server: Apache
ETag: "37db4-5e182a3f65b89-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 43084

GET
H/1.1 200
OK jquery.min.js Show response
lemzspb.ru/wp-includes/js/jquery/ 88 KB
31 KB 98ms
36ms Script
application/javascript 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-includes/js/jquery/jquery.min.js
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Nov 2022 10:35:27 GMT
Server: Apache
ETag: "15e54-5ecdefb5b5b54-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 30995

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 221ms
79ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fe5c3091752b8a97d9e3217744f408187f8a7cebcdfd04cde3283bcf2885a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48369
x-xss-protection: 0
server: cafe
etag: 7633882866637884219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:26 GMT

GET
H2 200 7d51e470a83904eeb8ba803a2f2e38e9fbf4e1d2.js Show response
push.24olimp.ru/1004801/ 14 KB
4 KB 391ms
53ms Script
application/javascript 92.38.252.165
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://push.24olimp.ru/1004801/7d51e470a83904eeb8ba803a2f2e38e9fbf4e1d2.js
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b5e736f3989ea6c896689924676f07a15702d2000e730452dc37afedb996ecb5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: gzip
last-modified: Tue, 28 Feb 2023 07:35:43 GMT
server: nginx/1.16.1
etag: W/"63fdaecf-37c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/7ba93d70-1db8-4f18-8cd6-f42f176728ba/ 271 KB
58 KB 217ms
61ms Script
application/javascript 2600:9000:225e:800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/7ba93d70-1db8-4f18-8cd6-f42f176728ba/plugin.min.js
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8e169e7c9e27f69e39f6c9e8bb9b7283db3b9485e5fcef4b815b3aaf64284f2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 03:58:19 GMT
content-encoding: gzip
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 12:39:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 908
x-amz-server-side-encryption: AES256
etag: W/"c71273cb42bbf5af1b6351f81905f340"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 8IKM7If4nq91BtkhFNWyGgmCdAM9Jc8N_jeAKp59GLZHzfZ9VBXZuQ==

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 287 KB
85 KB 169ms
64ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c071fd7b17918e8823cfbe1d5bb3c5d2f5ce9f47ac501d8fdc5249b0e88198ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1680495206875678-16477421297098304962-vla1-4706-vla-l7-balancer-8080-BAL-6363
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 03 Apr 2023 05:13:26 GMT

GET
H/1.1 200
OK lemzspb.js Show response
s3.wi-fi.ru/mtt/configs/sites/ 16 KB
6 KB 165ms
49ms Script
application/javascript 91.220.120.249
MAXIMATELECOM

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.wi-fi.ru/mtt/configs/sites/lemzspb.js

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.220.120.249 , Russian Federation, ASN202173 (MAXIMATELECOM, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

95eec40f7573a24dc0074edd15e434f990788f3a3db29039a20066e568a25a1b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Security-Policy: block-all-mixed-content
Content-Encoding: gzip
Last-Modified: Fri, 31 Mar 2023 13:01:57 GMT
Server: nginx/1.14.2
X-Amz-Request-Id: 175182A4C828DCD6
Etag: W/"5bb64c1162720cc71c432defacc26529"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Minio-Deployment-Id: ae9e4692-ccf9-495e-ad65-b797e6550821
Connection: keep-alive
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK wpshop-core.ttf
lemzspb.ru/wp-content/themes/reboot/assets/fonts/ 57 KB
58 KB 95ms
32ms Font
font/ttf 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Last-Modified: Wed, 15 Jun 2022 20:48:16 GMT
Server: Apache
ETag: "e52c-5e182a3f64be9"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 58668

GET
H/1.1 200
OK scripts.min.js Show response
lemzspb.ru/wp-content/themes/reboot/assets/js/ 52 KB
10 KB 73ms
32ms Script
application/javascript 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-content/themes/reboot/assets/js/scripts.min.js
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 80042a2ba4be8704e8b41ec93c8e81a2c6df1f2b4176b272fefa2611a5af30b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 20:48:16 GMT
Server: Apache
ETag: "d14f-5e182a3f65b89-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 9758

GET
H/1.1 200
OK swiper.min.js Show response
lemzspb.ru/wp-content/themes/reboot/assets/js/plugins/ 135 KB
35 KB 80ms
39ms Script
application/javascript 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-content/themes/reboot/assets/js/plugins/swiper.min.js
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 8091feb8ae351ea191f02af60b6c3caf882df14011ce872d8dba382e3509c7b4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 20:48:16 GMT
Server: Apache
ETag: "21b2f-5e182a3f65b89-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=10000
Content-Length: 35003

GET
H/1.1 200
OK lazyload.min.js Show response
lemzspb.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 32ms
32ms Script
application/javascript 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lemzspb.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 May 2022 14:43:01 GMT
Server: Apache
ETag: "1ed2-5df36284e4740-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 2704

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af6bd3f9ee669bc57d0d63d5a767677c9f40032def06b4a33626f8de637e7106

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c90fbb486219001049b8d878dcecbd06bcc799518896416df9dfe2918b62c26

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73ed0e65cdace58a090069188df31d194b8c81ac33ff696b52beab4e0d8b861a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97df1d15bca156612589d032dd9f81cc0f2b0b5e6a7f15bd4fc6e867b091bcd8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f68786eac283b5f393a57aa12cac5b3c55f26b3b226de98c6dc9afc252767ab6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e76dc3506cb6cc5b6990aee36bbb0b8ee6d3dc2ec178776c20809dfba47640e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab8d9a62dd51ac089cff79945988543cfef7365d9140bd3852fe87138f64d46

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 448325b3d1e07ef378bbab4e97738da742d873e22e84c82b75585ac3fa6bd748

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39bf4b0526001d82bd85bb655c49d93522bd920d05c29f5da24330a519b208bf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f7bfc542aafccfcfd218da96d3474ef580038d1903341e4b30e4ee23c8a10c4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 707615bad80a3b7ddc8b04051c8dd5f5eaa5fbc37020e5628bd0442a893d35f3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 205ms
97ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

067796392caf6a57a4a084f2b87b7bd9ca1ec0247d6c01e62bf320673ae1dbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 29 Mar 2023 14:23:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64241f95-12129"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74025
expires: Mon, 03 Apr 2023 05:13:26 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 195ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CFira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:42:50 GMT
x-content-type-options: nosniff
age: 495036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:42:50 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMB0ciZb.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 11 KB
11 KB 253ms
120ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMB0ciZb.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CFira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10ae1f077570131a120fe65c3e73f38274137c6dc06557625be9eb02ad8f187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 16:59:22 GMT
x-content-type-options: nosniff
age: 472444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11032
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:49:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 16:59:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 276ms
143ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CFira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:32:46 GMT
x-content-type-options: nosniff
age: 495640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:32:46 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 23 KB
23 KB 304ms
174ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWU3IuMR0cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%7CFira+Sans+Condensed%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:47:30 GMT
x-content-type-options: nosniff
age: 491156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23784
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 11:47:30 GMT

GET
H/1.1 200
OK shutterstock_252852034-scaled.jpg
lemzspb.ru/wp-content/uploads/2022/06/ 198 KB
198 KB 32ms
31ms Image
image/jpeg 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemzspb.ru/wp-content/uploads/2022/06/shutterstock_252852034-scaled.jpg
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: 0a4d5497c35d905a11c33e131e72ed0aee10fa28b258bb5ae8a813c130955a72

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Last-Modified: Tue, 14 Jun 2022 17:44:33 GMT
Server: Apache
ETag: "317bb-5e16bf513f57f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9998
Content-Length: 202683

GET
H/1.1 200
OK skrinshot-14-06-2022-204503.jpg
lemzspb.ru/wp-content/uploads/2022/06/ 136 KB
136 KB 32ms
32ms Image
image/jpeg 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemzspb.ru/wp-content/uploads/2022/06/skrinshot-14-06-2022-204503.jpg
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: f31210e21886d78cd5e904606d37dae653e9cd277274864ba467b8335d26a4e6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Last-Modified: Tue, 14 Jun 2022 17:37:01 GMT
Server: Apache
ETag: "21f35-5e16bda2c08f5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 139061

GET
H/1.1 200
OK skrinshot-14-06-2022-204503-768x463.jpg
lemzspb.ru/wp-content/uploads/2022/06/ 83 KB
83 KB 33ms
33ms Image
image/jpeg 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemzspb.ru/wp-content/uploads/2022/06/skrinshot-14-06-2022-204503-768x463.jpg
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: c4d58e72dd5abb163be649075719ec3c04f7debf325c316399967df418be8c10

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Last-Modified: Tue, 14 Jun 2022 17:37:01 GMT
Server: Apache
ETag: "14bb2-5e16bda2d7055"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9999
Content-Length: 84914

GET
H/1.1 200
OK skrinshot-14-06-2022-204227.jpg
lemzspb.ru/wp-content/uploads/2022/06/ 43 KB
43 KB 31ms
31ms Image
image/jpeg 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemzspb.ru/wp-content/uploads/2022/06/skrinshot-14-06-2022-204227.jpg
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: b1a657586b22addb8accb2d4699c03c24a8bb812c8bf87401bd49767e77682ea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Last-Modified: Tue, 14 Jun 2022 17:34:26 GMT
Server: Apache
ETag: "ac33-5e16bd0ed3815"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9997
Content-Length: 44083

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 108 KB
31 KB 128ms
127ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: s3.wi-fi.ru
URL: https://s3.wi-fi.ru/mtt/configs/sites/lemzspb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

094f6f233e9472167435b246490604861a4246e03b7996791854f66e94ba9b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1680495206942238-3975828401393723018-vla1-4706-vla-l7-balancer-8080-BAL-6402
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 03 Apr 2023 05:13:26 GMT

GET
H/1.1 200
OK all.js Show response
s3.wi-fi.ru/mtt/banners/libs/1.10.0/ 140 KB
32 KB 103ms
102ms Script
application/javascript 91.220.120.249
MAXIMATELECOM

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.wi-fi.ru/mtt/banners/libs/1.10.0/all.js

Requested by

Host: s3.wi-fi.ru
URL: https://s3.wi-fi.ru/mtt/configs/sites/lemzspb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.220.120.249 , Russian Federation, ASN202173 (MAXIMATELECOM, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

523489f9e3d44cb42f1eced6c1d82424fe8a22fec67829c4c4c6d3b073b95b9b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:26 GMT
Content-Security-Policy: block-all-mixed-content
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2022 11:34:29 GMT
Server: nginx/1.14.2
X-Amz-Request-Id: 172416DB4B4C93A7
Etag: W/"bd505244c64d67b1af689439dd44b90e"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
X-Minio-Deployment-Id: ae9e4692-ccf9-495e-ad65-b797e6550821
Connection: keep-alive
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK sdk.js Show response
cdn.afp.ai/ssp/ 185 KB
185 KB 508ms
104ms Script
application/javascript 79.98.186.40
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.afp.ai/ssp/sdk.js
Requested by: Host: s3.wi-fi.ru
URL: https://s3.wi-fi.ru/mtt/configs/sites/lemzspb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.98.186.40 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 0a4e2bc9aab60ed6d79dce51d9497b00f20ba2626de58981188931e10d4b8a30

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:27 GMT
Last-Modified: Wed, 29 Mar 2023 15:50:59 GMT
Server: nginx/1.14.1
ETag: "64245e63-2e206"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 188934
Expires: Wed, 03 May 2023 04:13:27 GMT

GET
H/1.1 200
OK sdk_review.js Show response
cdn.afp.ai/ssp/ 1 KB
2 KB 456ms
52ms Script
application/javascript 79.98.186.40
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.afp.ai/ssp/sdk_review.js
Requested by: Host: s3.wi-fi.ru
URL: https://s3.wi-fi.ru/mtt/configs/sites/lemzspb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.98.186.40 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 5f805f444ebaefc343935db22815a0fe404e7b266ec1c076d65b1bffbf30d90e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:27 GMT
Last-Modified: Mon, 14 Mar 2022 21:00:00 GMT
Server: nginx/1.14.1
ETag: "622facd0-598"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1432
Expires: Wed, 03 May 2023 04:13:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 350 KB
117 KB 106ms
104ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2169694473459397&plah=lemzspb.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a2b0af78d1e0476fd280d54a68747c7b35b87b406d48f63a61bceb74c987eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119835
x-xss-protection: 0
server: cafe
etag: 10066925422718870707
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame B115 10 KB
5 KB 206ms
61ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 5100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 02:48:27 GMT
etag: 2378337311435320485
expires: Mon, 17 Apr 2023 02:48:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/70274068/
Redirect Chain

https://mc.yandex.ru/watch/70274068?wmode=7&page-url=https%3A%2F%2Flemzspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A776%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.ru/watch/70274068/1?wmode=7&page-url=https%3A%2F%2Flemzspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A776%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

420 B
502 B

51ms
50ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/70274068/1?wmode=7&page-url=https%3A%2F%2Flemzspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A776%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1577016443018%3Ahid%3A689335615%3Az%3A0%3Ai%3A20230403041327%3Aet%3A1680495207%3Ac%3A1%3Arn%3A637937510%3Arqn%3A1%3Au%3A1680495207663380286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C72%2C247%2C31%2C179%2C0%2C%2C273%2C1%2C%2C%2C%2C804%3Aco%3A0%3Acpf%3A1%3Ans%3A1680495206028%3Arqnl%3A1%3Ast%3A1680495207%3At%3A%D0%91%D0%BB%D0%BE%D0%B3%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%B8%D0%BA%D0%B0%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1aeb766ac924a2d17e1ad98235f2a050e20502b398905537837541a9ccfd6ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 03-Apr-2023 04:13:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lemzspb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Mon, 03-Apr-2023 04:13:27 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Apr-2023 04:13:27 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/70274068/1?wmode=7&page-url=https%3A%2F%2Flemzspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A776%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A1577016443018%3Ahid%3A689335615%3Az%3A0%3Ai%3A20230403041327%3Aet%3A1680495207%3Ac%3A1%3Arn%3A637937510%3Arqn%3A1%3Au%3A1680495207663380286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C72%2C247%2C31%2C179%2C0%2C%2C273%2C1%2C%2C%2C%2C804%3Aco%3A0%3Acpf%3A1%3Ans%3A1680495206028%3Arqnl%3A1%3Ast%3A1680495207%3At%3A%D0%91%D0%BB%D0%BE%D0%B3%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%B8%D0%BA%D0%B0%20-&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://lemzspb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 03-Apr-2023 04:13:27 GMT

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/750183/ 14 KB
5 KB 219ms
108ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/1c0942547d39e10f5f56.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b36d18262c665dc0425d093d2ea9ad977b9d3e9354c87d80652e1f1bb0d10dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4802
last-modified: Sat, 01 Apr 2023 13:38:00 GMT
server: nginx/1.17.9
etag: "668a3950da8eb6da1c28fd7908df7c49"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:03 GMT

GET
H2 200 4cab6e305d240daa62fb.js Show response
yastatic.net/partner-code-bundles/750183/ 113 KB
24 KB 240ms
130ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/4cab6e305d240daa62fb.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

80003f2a47d9ea059497c2bf2290c45376dec5ae871c3e7fb6b75a42976457eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24408
last-modified: Sat, 01 Apr 2023 13:38:00 GMT
server: nginx/1.17.9
etag: "dd3c1c567576be648b5510d8409da7d4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:06 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 255ms
146ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:14 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 193ms
86ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 7674843f3d04387c
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 09:59:57 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/750183/ 23 KB
8 KB 258ms
152ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/07cea2bf8567304efc16.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1a4b2c54c117337f422afbaaff66c2f30cff7cba3d0d0901f8fd6fb88a0430fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7928
last-modified: Sat, 01 Apr 2023 13:38:00 GMT
server: nginx/1.17.9
etag: "b7d7dc1fffeeacfb9334152f36025838"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:06 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/750183/ 7 KB
3 KB 259ms
154ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/2ec9a88e40a26b53acde.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cb3f20872ae1f1a7c92266646845b7184b62e779cc4f30b8d350f7fa4876563c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Sat, 01 Apr 2023 13:38:00 GMT
server: nginx/1.17.9
etag: "fced67fbda4d7ff51a1d90ba012e72e6"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:06 GMT

GET
H2 200 3662773e92b91b066498.js Show response
yastatic.net/partner-code-bundles/750183/ 584 KB
112 KB 150ms
150ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/3662773e92b91b066498.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

795b2a01caf325aef8ed9aa0165bfb2a06d6bbea388aa84d5be120e289396688

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 114156
last-modified: Sat, 01 Apr 2023 13:38:00 GMT
server: nginx/1.17.9
etag: "3b7937d925d9119bc47d9dd426752b21"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:04 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
137 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 29 Mar 2023 14:23:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64241f95-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 03 Apr 2023 05:13:27 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
272 B 270ms
54ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0b4d27af1817d4f0e0bdae3c777259e7a36fa2e9c2a6e5fed8efa53442172ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://lemzspb.ru
date: Mon, 03 Apr 2023 04:13:27 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
timing-allow-origin: *
content-length: 88
content-type: application/json

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 236ms
75ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/7ba93d70-1db8-4f18-8cd6-f42f176728ba/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d3f486006b57de9e7da9a589c31236493d8b6530b4be8c3730110f1308d31b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25737
x-xss-protection: 0
server: cafe
etag: 746 / 19450 / m202303270101 / config-hash: 4618862490447205413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:27 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 246ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lemzspb.ru&callback=_gfp_s_&client=ca-pub-2169694473459397

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2169694473459397&plah=lemzspb.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d729aa65e3ca26f7c3304b34fcc65b5277225123dc5798483cc7c4ec7fa5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
531 B 235ms
70ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=lemzspb.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 230ms
70ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lemzspb.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B50A 179 KB
48 KB 401ms
401ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&adk=1812271804&adf=1573534164&lmt=1655228260&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Flemzspb.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207079&bpp=13&bdt=548&idt=225&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4312723642993&frm=20&pv=2&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=262

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a709de0e1f32a1feee31a046987a53229bc53f43cc37c2c4c40846053846c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 49352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:27 GMT
expires: Mon, 03 Apr 2023 04:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK settings Show response
ssp.afp.ai/api/ 3 KB
3 KB 300ms
52ms XHR
application/json 79.98.186.41
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.afp.ai/api/settings?unit_website=lemzspb.ru
Requested by: Host: cdn.afp.ai
URL: https://cdn.afp.ai/ssp/sdk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.98.186.41 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: bd80a95b5885f96220ff2b87e97ea9bdbcaaab4b42a9df0a3850c696b7cd09ba

Request headers

Accept: application/json, text/plain, */*
Referer: https://lemzspb.ru/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:27 GMT
Server: nginx/1.14.1
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://lemzspb.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2933

GET
H2 200 b887192c4a62fd372984.js Show response
yastatic.net/partner-code-bundles/750183/ 9 KB
4 KB 50ms
47ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/b887192c4a62fd372984.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

59800a8e9074505b17b07c2642b748e0af86c7cadbbd89900d7a88a9f73be4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3550
last-modified: Sat, 01 Apr 2023 13:38:01 GMT
server: nginx/1.17.9
etag: "ede2c098857d8aee30fa0fbd9ef4341e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:16 GMT

GET
H2 200 2cb660f53ca2715aab17.js Show response
yastatic.net/partner-code-bundles/750183/ 29 KB
9 KB 52ms
49ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/750183/2cb660f53ca2715aab17.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8002a945f5b52c6a4012321dfed057486e0cb2cf37773cc204567ed6347eef8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://lemzspb.ru/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8506
last-modified: Sat, 01 Apr 2023 13:38:00 GMT
server: nginx/1.17.9
etag: "f506cb01cd1e3f99d88ae289bf3a9c56"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 02 Apr 2053 10:47:26 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 399 KB
124 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 20:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27890
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126961
x-xss-protection: 0
server: cafe
etag: 11043018428268230335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 01 Apr 2024 20:28:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 89 B
96 B 199ms
70ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lemzspb.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8fe215d68eba760ee1d1f705630caa34e71b503cd1f8a137207200b475ba837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Mon, 03 Apr 2023 04:13:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
165 B 75ms
74ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=lemzspb.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lemzspb.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
618 B 217ms
217ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3198531475903731&correlator=311089924076666&eid=31072020%2C44785728&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fif&iu_parts=121764058%3A22042839856%2Czoobird.ru%2Czoobird.ru_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=857435150&sfv=1-0-40&ists=1&fas=8&sc=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&abxe=1&dt=1680495207858&lmt=1655228260&dlt=1680495206531&idt=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flemzspb.ru%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d3582a0f5ff7ffc827325d585d1f40db57f2cb82ade993a2ec5764429d818a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lemzspb.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8228 6 KB
3 KB 234ms
69ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
expires: Tue, 02 Apr 2024 04:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/ 33 KB
12 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea7f035b47da981f01e9f8291473c0aa416f7d24ee8f530b7d702e8545f3c3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:08:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50696
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11869
x-xss-protection: 0
server: cafe
etag: 3343871760691556743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 01 Apr 2024 14:08:31 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
12 KB 491ms
491ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3198531475903731&correlator=311089924076666&eid=31072020%2C44785728&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fif&iu_parts=121764058%3A22042839856%2Czoobird.ru%2Czoobird.ru_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=3&adks=4054483793&sfv=1-0-40&sc=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&abxe=1&dt=1680495207867&lmt=1655228260&dlt=1680495206531&idt=1276&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flemzspb.ru%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68287dc702e37fa57ad91175274ac856c9273acb0813d98e1bd74004d59bb51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12036
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lemzspb.ru
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 689ms
688ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3198531475903731&correlator=311089924076666&eid=31072020%2C44785728&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fif&iu_parts=121764058%3A22042839856%2Czoobird.ru%2Czoobird.ru_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=4&adks=4214233573&sfv=1-0-40&sc=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&abxe=1&dt=1680495207873&lmt=1655228260&dlt=1680495206531&idt=1276&adxs=436&adys=673&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flemzspb.ru%2F&frm=20&vis=1&psz=0x0&msz=728x0&fws=132&ohw=1600&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5de1270d2557350968918b123be25f62091d74ab0b4ffce7aaab50e043e4ac1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9585
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lemzspb.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
10 KB 928ms
927ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3198531475903731&correlator=311089924076666&eid=31072020%2C44785728&output=ldjh&gdfp_req=1&vrg=202303270101&ptt=17&impl=fif&iu_parts=121764058%3A22042839856%2Czoobird.ru%2Czoobird.ru_W1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=5&adks=2274898234&sfv=1-0-40&sc=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&abxe=1&dt=1680495207878&lmt=1655228260&dlt=1680495206531&idt=1276&adxs=1050&adys=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flemzspb.ru%2F&frm=20&vis=1&psz=0x0&msz=300x0&fws=132&ohw=1600&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6164e56cbfc489dda1e1e8be7c3ec2d7a47f77bfade1a367609197c99a069f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10638
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lemzspb.ru
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 150 KB
51 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

125d5fa613eec3bc5949a3fc0cb2019787014e171063f31e66bd2eca1cd95aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52131
x-xss-protection: 0
server: cafe
etag: 17978340190145771462
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:27 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE31 87 KB
33 KB 452ms
452ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=600&adk=4275107220&adf=1171174942&pi=t.aa~a.2813527312~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1655228260&rafmt=1&to=qs&pwprc=9361489909&format=300x600&url=https%3A%2F%2Flemzspb.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207925&bpp=4&bdt=1394&idt=4&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0&nras=2&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=yZiHpTT6L1&p=https%3A//lemzspb.ru&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c66ee5d05eb732bf9eee25a58b37e0f78e88eb5555aef985c221713fd578881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34078
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
expires: Mon, 03 Apr 2023 04:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE77 78 KB
25 KB 532ms
531ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=513&adk=514322978&adf=2595696695&pi=t.aa~a.2438994202~rp.4&w=730&lmt=1655228260&nsk=586a14bf&rafmt=11&pwprc=9361489909&ad_type=text_image&format=730x513&url=https%3A%2F%2Flemzspb.ru%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207952&bpp=2&bdt=1421&idt=2&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0%2C300x600&nras=3&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Gnps47ug9G&p=https%3A//lemzspb.ru&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8709dcdf61f0d4e056e80e61413357bd0f4dd0ff4ccf8114e50932556e31a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25703
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
expires: Mon, 03 Apr 2023 04:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fi/adsid/ 107 B
122 B 70ms
69ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fi/adsid/integrator.js?domain=lemzspb.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 70ms
70ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=lemzspb.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame 3FB9 10 KB
4 KB 61ms
61ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 3389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 03:16:59 GMT
etag: 2378337311435320485
expires: Mon, 17 Apr 2023 03:16:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3FB9 4 KB
728 B 71ms
70ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 02:18:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3FB9 205 B
650 B 204ms
61ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 23:12:23 GMT
x-content-type-options: nosniff
age: 18065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Apr 2024 23:12:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3FB9 604 B
695 B 204ms
62ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 00:53:54 GMT
x-content-type-options: nosniff
age: 11974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Apr 2024 00:53:54 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame 3FB9 19 KB
8 KB 213ms
63ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:30:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFA5 8 KB
893 B 71ms
70ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 02:19:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame EFA5 2 KB
818 B 133ms
126ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:30:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame EFA5 22 KB
9 KB 87ms
83ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:30:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame EFA5 3 KB
1 KB 126ms
124ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:00:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame EFA5 20 KB
8 KB 71ms
69ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:21:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EFA5 158 KB
49 KB 254ms
81ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame EFA5 34 KB
14 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 01:00:22 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012303151529000/ Frame 7AA4 221 KB
61 KB 240ms
62ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d412cffd4efa8babc5ab9c766ddf02558ff109c15732a3be109ecc1133fe2bde

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Mar 2023 17:09:17 GMT
age: 558251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61771
x-xss-protection: 0
server: sffe
etag: "ec0c62706e34eb3f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Mar 2024 17:09:17 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 7AA4 15 KB
5 KB 347ms
170ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215ab645453e03febd3fd2d6f5c7d6f9c9db5e70e0ebfeeb8ce68c95b60c86f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Mar 2023 20:16:54 GMT
age: 287794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "0c002879bc7fcff3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Mar 2024 20:16:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 7AA4 94 KB
28 KB 351ms
175ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be7cf0def7deb05e739d9866c290df220818f11d361aab9ae2b8c80315f33c57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 01 Apr 2023 23:07:16 GMT
age: 104772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28895
x-xss-protection: 0
server: sffe
etag: "3455c82fafc2c13d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 31 Mar 2024 23:07:16 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 7AA4 5 KB
2 KB 374ms
199ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e9019ccb6873ec8c8fc35dea4f692774101c4d7b6b71631dc837e1b367dfd0d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 Mar 2023 20:16:54 GMT
age: 287794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "43d7e8881e2bc346"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 29 Mar 2024 20:16:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012303151529000/v0/ Frame 7AA4 40 KB
13 KB 375ms
200ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303151529000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adce49a4a3049319e0952dc4b316f74a1a3e51bb7f4a0d9409eabcaabd326a3c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 01 Apr 2023 23:12:58 GMT
age: 104430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12941
x-xss-protection: 0
server: sffe
etag: "9279e7fc66fb3af2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 31 Mar 2024 23:12:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7AA4 4 KB
618 B 74ms
73ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f0d14e678c7dd5f443e5810048090a0a12ac42e474c478b948a8d44c7f6a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 03:25:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7AA4 3 KB
3 KB 66ms
60ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 36496
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:05:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7AA4 344 B
449 B 67ms
63ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 67930
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 03 Apr 2023 09:21:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7AA4 0
0 232ms
69ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNBVRMWVxQe_G0C_fbn7bFNzQ6ozlCQDCvH7SVGIjoM6IoCN3QzqwKBHjt-zqUWMUv4J9MqpYmdE_adx2miSdiEgn7fw
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7AA4 0
0 109ms
106ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjrmSaFIqZObIAqSM7_UP7uCYiASSuYv8aaSypaqmD7uMg6zHARABIKqAwyJg9wGgAZami7sByAEJqQLnoxjtiS-yPuACAKgDAcgDCqoEjgJP0ByawxsxKGLugutRgD8THGkvoRTJcBFdBn-K8PYhDrqxn5xuJfVrxQZREX5UCiL1w1ZgieFs7fDgeRgDvtlxRsYDFZcxAIWpvMCA7yfZroZSL7zGRSTdtnWuzMj-Kl0avR6LbK69FBPtwPi1jHiwuxOnyBls3Iz_VLDgMR2slQGGUrOEERNcrEzS89dfHZtTxCoD8P9EzpmeTzbxjx9w051eyxLgWvEPw9H_6QZ9uONV_gJdg8-xcr0st4C5jqHAM4VCPglzSTBulf5iy0-Xotw6k3NOY7ZSCkuYZHE43ItCde8IqG4PXxONOPWSdX0Le6RGdoQuVq3FgVbdKv25dbQU6xuTipqof6Z32qjABJ3Y5Oy9A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfS2fTEAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEK_DBNIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMDkzMjY3MTU1NjcwNTkzgAoDyAsBuBPkA9gTCtAVAYAXAbIXHgocCAASFHB1Yi0yMzgyMDEyNTIyOTc5MTA4GJLvIQ&sigh=L6wREThpKTw&uach_m=[UACH]&cid=CAQSOwDUE5ymx_hfg9h5tXzCoztb-ytcStnl5cmAFwXuZatuVqp7mgrE7uQsfIx9yaXM7idcT3_7ggwuvXvEGAE&template_id=484
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/8805013643643767318/ Frame 7AA4 48 KB
48 KB 64ms
63ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8805013643643767318/6592766407814317453

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a764c6458cc83d892f1ae7caa0b260b238cf9000d11db1e9ba6d505af0e06c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:35:16 GMT
x-content-type-options: nosniff
age: 391092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49005
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 15:23:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 15:35:16 GMT

GET
DATA 200
OK truncated
/ Frame 7AA4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10bdf4ea2e568a69a0c35be2e27934855159dbc3189c335aa5115048a5ee401d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame EE31 2 KB
799 B 86ms
85ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=600&adk=4275107220&adf=1171174942&pi=t.aa~a.2813527312~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1655228260&rafmt=1&to=qs&pwprc=9361489909&format=300x600&url=https%3A%2F%2Flemzspb.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207925&bpp=4&bdt=1394&idt=4&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0&nras=2&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=yZiHpTT6L1&p=https%3A//lemzspb.ru&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:30:02 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame EE31 22 KB
9 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:30:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame EE31 3 KB
1 KB 78ms
73ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:00:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame EE31 20 KB
8 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:21:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EE31 0
0 167ms
70ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiKiF9_bQPfQuLDW5GGWyYWo4he8BOpKF1nKpmwGYrpAjUy-4BFdPnVN8r0YZYpWNkc-CGWsJVVosi9wMpOsntUXlTHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=600&adk=4275107220&adf=1171174942&pi=t.aa~a.2813527312~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1655228260&rafmt=1&to=qs&pwprc=9361489909&format=300x600&url=https%3A%2F%2Flemzspb.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207925&bpp=4&bdt=1394&idt=4&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0&nras=2&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=yZiHpTT6L1&p=https%3A//lemzspb.ru&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE31 158 KB
49 KB 113ms
108ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame EE31 34 KB
14 KB 75ms
70ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 01:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 01:00:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEC4 143 B
166 B 62ms
62ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 2896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 03:25:12 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE31 0
0 107ms
106ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL1g0Z1IqZMzfPJOu3wPc94eQCKrSwOholuyQ3fYOChABIOvJxitg1QWgAdmmwaIoyAEBqAMByAPLBKoE2AFP0NUSMUGqsQIACe32bm8WdCRra5u1R3lS5o1KdybzTbqcMEwPZCNR-q-ZKa1MzXkQsXTqZfholXYlZHSz9NmcevlVOatKbmu-81Khh52mg3Th7PWiYECiHMzK6QZsNpW5L1Ljlc8kv-SgwJi8OLV4pmxq_YlInLIOws_PEKwZ5hU5BV5OQ0fVqaSfHY2y7bYGC3Az6r07VGPoNf9mAzN98ktOlM1v07Ouz6qjnI34WUVy-g4unCpWnF6fwbfEbQ8lrdYECqi61VkCaoIf91KU4RMVXnwaZn3ABN-I6Z_vA5IFBAgEGAGSBQQIBRgEoAYCgAfZ3pGCA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELKqA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMCiBQD0BUBgBcBshccChoIABIUcHViLTIxNjk2OTQ0NzM0NTkzOTcYAA&sigh=xaCvOahjWNI&uach_m=[UACH]&cid=CAQSOwDUE5ym9APcLmsVL08fY_KGZ2R8oXnsuDUL36Bbz-sATypch_vFOyhA-wnWvrKNR_z9QEFIKusr7cywGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=600&adk=4275107220&adf=1171174942&pi=t.aa~a.2813527312~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1655228260&rafmt=1&to=qs&pwprc=9361489909&format=300x600&url=https%3A%2F%2Flemzspb.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207925&bpp=4&bdt=1394&idt=4&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0&nras=2&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=yZiHpTT6L1&p=https%3A//lemzspb.ru&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Apr 2023 04:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame BE77 22 KB
9 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=513&adk=514322978&adf=2595696695&pi=t.aa~a.2438994202~rp.4&w=730&lmt=1655228260&nsk=586a14bf&rafmt=11&pwprc=9361489909&ad_type=text_image&format=730x513&url=https%3A%2F%2Flemzspb.ru%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207952&bpp=2&bdt=1421&idt=2&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0%2C300x600&nras=3&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Gnps47ug9G&p=https%3A//lemzspb.ru&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 22:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 22:30:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BE77 8 KB
713 B 77ms
75ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 02:14:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/ Frame BE77 14 KB
3 KB 207ms
61ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fba9c137973a10da57f6fb5a99315f47821bb085e7632378943dd6650fb11ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2820
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 10:37:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 14:11:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/ Frame BE77 377 KB
129 KB 209ms
64ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3fd39aed1f80c650f72ec55e002c64a78e9dff21e43858b9cd03b40660a2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 14:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132048
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 10:37:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Mar 2024 14:11:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame BE77 20 KB
8 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:21:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BE77 0
0 137ms
71ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTrhvDsGfzc5HSe53d-uzlvX2Dqw8Dnhxa8-8RN3Ehgi50Njd5MQGzRK-PywLvMeRdOJLH-voiNRTiBfYnSyKzQkYO9A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=513&adk=514322978&adf=2595696695&pi=t.aa~a.2438994202~rp.4&w=730&lmt=1655228260&nsk=586a14bf&rafmt=11&pwprc=9361489909&ad_type=text_image&format=730x513&url=https%3A%2F%2Flemzspb.ru%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207952&bpp=2&bdt=1421&idt=2&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0%2C300x600&nras=3&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Gnps47ug9G&p=https%3A//lemzspb.ru&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 9162597893636447685
tpc.googlesyndication.com/daca_images/simgad/ Frame EE31 32 KB
32 KB 152ms
151ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9162597893636447685?w=360&h=640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a56d8d0fbe3945bf34ba1a22a9aefd459047fe57a6a4182854aef492a94bec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32876
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 20:47:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 10 Apr 2023 04:13:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7AA4 15 KB
16 KB 65ms
63ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 495738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7AA4 15 KB
15 KB 68ms
67ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lemzspb.ru
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 495737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:11 GMT

GET
H2 200 container.html Show response
cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4460 6 KB
3 KB 79ms
59ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
expires: Tue, 02 Apr 2024 04:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEC4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
69ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
expires: Mon, 03 Apr 2023 04:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5917 1 KB
643 B 67ms
61ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 68705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 03 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE31 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 950d5d7051895580bfa7c5e177edc65342cb4f469358aa23c8c24bc689486421

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AAFB 624 B
242 B 78ms
75ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHb17MCEOWFkMcCGKCV5eMBMAE&v=APEucNV7NCWthQDrRNV9hxcqiNj30bxJeffSZ2CnpEjyVrsy3PZL4NZOsshDSxLwhTHfLQaikDV2DoK-7h4FcaDYVVzUGiypEe6JQ2cQHbRGCmU2xX0dqGm_pQ5wp5AUr8V4AEbbDydbdu2KfOV3BbAM_VkqjV0XdBPEjUO4-UtxapXb-0t9Ixu_q6cE48sMSQa1xVuRwp4EEPcVSiMF1FVz-XGOhF1t8g

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4460 78 KB
27 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4460 42 B
63 B 103ms
100ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3NO2L04Y1Jl09aK0Nmx7-Gv3ff6sq_C2fOmH8SufRq7yeZ0MSH7lhlVwP9Uildm8zcEXRWQf-A0s3Ugt9DdpjjFrQ9LICZOgGg2OttEvMDW1kJpY

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4460 0
20 B 102ms
99ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3341520007210956089&x=1&ct=77

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 64142ff0c56577c34d0eccad Show response
c.bannerflow.net/a/ Frame 4460 69 KB
23 KB 185ms
100ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/a/64142ff0c56577c34d0eccad?did=5d7b8b746d67af0001f5b22f&deeplink=on&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXOWXaFIqZKzLEvGU7_UPutOo2ASJ74nIb7v996OkEZfWsPKYJBABIKqAwyJg9wGgAduWkbkByAEJqQLnoxjtiS-yPqgDAcgDmwSqBJICT9DO0SdkpBnI9LQEGEbaYu0lXdWLTG1uqMW0qtpVsT2bCYYop5V5egxWO2mskeimCkoSFdBG1hDAv-h1L3zAjFLaw2yStlsbxFlgjbW4Q2m6J0COhkVQXUp2C6pehKNgPcdKkdeUfjqMHZ0ZKurUHmsMcYyRk5WQrfs9H6xFRxH_3wrEokG317bcIDQT8ru7ECiZCzncL7Xlhgbegu3iUgZmdVq7tTXs5j-WQUBfYbV7tXNdMYMSLvbUbyCmcRFJxHRryI_gY_k7ErofSSvVfoYhby9JVD2hO2d1SMYkSuvPvf8hO9qtIQV56lsl_oEwhdPVeR9XF1ZQLuyXJcWOhzElDgHpY_JwhoFt5XaV7R1LjMAEv6C8zLEE4AQDkAYBoAZNgAeN6e7GAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTA5MzI2NzE1NTY3MDU5M5oJKmh0dHBzOi8vd3d3LnN0b3J5dGVsLmNvbS9maS9maS8jcHJpY2VQbGFuc4AKA8gLAYAMAbATjYfeEtATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE%26sig%3DAOD64_3_xdpev5LkYnyUg2uhIWpJkDLcWQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-C69jmV85rDGF4NGAJTSwnu3yo5Vtt7KVVtzT8KvAzImtJ7MiU_JBYITwmpaadSTWnfUK0zsNHIDpIOKzlmtr3SuN9MZVmq1J47AQu8kN66RtluZYxuOwe0F9o0NhjQ0MONLJcf2nofT-E4spWoKNr80ouCJ9dM_hn4JsyEfJPhw8mm7s8%26cry%3D1%26dbm_d%3DAKAmf-BBByvxZU0lJNZALVLjuAtQSSnWnYkBPXv9FPvev5ep9iBrQNnb0GQpngwdfL8xhRfupcuqpiPY7jfLyeKGOgGqUwjm94jxQLhHuwtUSj00nh_xcBclAGFJgaXmg3FECFtpbuGVPM-NkjlQLBoTZjetAnXuo0rNHPzrplHz7h1NZElZugPspLJ8ahYRA6VlLxPyXCmQ3aTw176IGGENVEHxJdYSSXYdEbYNHnIPcXiEAI_wkF6AVHkpW2kwzaAiLXsQGCj4yXJJDf1xYgL5AUmJGQJCLgPU7J2hkPhwr-u_ujeJpo8A09_mrHqbuH64ONHI9WIOBpGyO8LFrQCDN0oPkoeY1HT4vCCUif_4cYaodDQI0Jt7tCiDaclypYANW8L165m6NJEu3Q2IueXbhs-f3dcawoYZ6my9BB7pus-WPfRU6fQbi5cgdvJDiQopcOiUHtq7mXM5W0XdcRK4mPGJvp6i8m2wl08VgoEud0vLTkB9BefSVWg16CWZ_sWb4-uICai5GHUfJYeSh8lxbaSZMHfvjA%26adurl%3D&cb=1680495208304556
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc225d7702bb26b5bb402e0c5cd5f8fa1a426755eea6146744645c13d52becdf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 03 Apr 2023 04:13:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, s-maxage=10
cf-ray: 7b1e7aaf189cd93f-HEL
request-context: appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 4460 3 KB
1 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:00:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:00:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 4460 20 KB
8 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 09:21:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4460 0
0 72ms
70ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbCB03_PLj9E3h3Q-KnRiOG7O9_DsXKn3J9YAF-5AZHfUzZ9hH5zaUC3l2b0Qxw3ZaJ_W1A4vFb6I-UxAT82s-t5pOHQ
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4460 158 KB
49 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESENHQEAABbGXkhHt5NEmb4hY&google_cver=1&google_push=Aer7DvKOuv_XY2yGleHt9Ox8yVq1nkDy2cKGZxXRl6HdPtkkk7eDRxaSd50aTT_2AqysZj75EdzxSq4xQJoc1y_p...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKOuv_XY2yGleHt9Ox8yVq1nkDy2cKGZxXRl6HdPtkkk7eDRxaSd50aTT_2AqysZj75EdzxSq4xQJoc1y_pCAO5E2_q1Pczpaw

170 B
188 B

81ms
80ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKOuv_XY2yGleHt9Ox8yVq1nkDy2cKGZxXRl6HdPtkkk7eDRxaSd50aTT_2AqysZj75EdzxSq4xQJoc1y_pCAO5E2_q1Pczpaw

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Apr 2023 04:13:29 GMT
Server: MT3 711 dd187f8 master nrt-pixel-x8 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKOuv_XY2yGleHt9Ox8yVq1nkDy2cKGZxXRl6HdPtkkk7eDRxaSd50aTT_2AqysZj75EdzxSq4xQJoc1y_pCAO5E2_q1Pczpaw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 03 Apr 2023 04:13:28 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGYelzc0dkC95FopXbgDQs4&google_cver=1&google_push=Aer7DvKePT4zdGxJwn1CoDOK-6_EdU2C8lGQmxdHOclf007IBQ0vPulULaZcBsY4sVAVMkTUdCFfYn0eWx5...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKePT4zdGxJwn1CoDOK-6_EdU2C8lGQmxdHOclf007IBQ0vPulULaZcBsY4sVAVMkTUdCFfYn0eWx5Jlkm8LVMWN5gGIozsZmsF&google_hm=y69nFyJQTfCjyBAr...

170 B
243 B

71ms
71ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKePT4zdGxJwn1CoDOK-6_EdU2C8lGQmxdHOclf007IBQ0vPulULaZcBsY4sVAVMkTUdCFfYn0eWx5Jlkm8LVMWN5gGIozsZmsF&google_hm=y69nFyJQTfCjyBAr3jyYerc

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvKePT4zdGxJwn1CoDOK-6_EdU2C8lGQmxdHOclf007IBQ0vPulULaZcBsY4sVAVMkTUdCFfYn0eWx5Jlkm8LVMWN5gGIozsZmsF&google_hm=y69nFyJQTfCjyBAr3jyYerc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEItXwwJT5nR6jNCxRWF6Wak&google_cver=1&google_push=Aer7DvIiGhsFD18Mp0YJH80xiLs8Vc-i_6ZyoDoiJjnuPqEAcrB3NLOttaPJWgAETpFOxAeI-nFjrvGOggSVR9...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNzY3MTk1OTQ1ODIxNjA3Nw%3D%3D&google_push=Aer7DvIiGhsFD18Mp0YJH80xiLs8Vc-i_6ZyoDoiJjnuPqEAcrB3NLOttaPJWgAETpFOxAeI-nFjrvGOggSVR9p8D0...

170 B
232 B

73ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNzY3MTk1OTQ1ODIxNjA3Nw%3D%3D&google_push=Aer7DvIiGhsFD18Mp0YJH80xiLs8Vc-i_6ZyoDoiJjnuPqEAcrB3NLOttaPJWgAETpFOxAeI-nFjrvGOggSVR9p8D0oDczJaECKM9xc

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxNzY3MTk1OTQ1ODIxNjA3Nw%3D%3D&google_push=Aer7DvIiGhsFD18Mp0YJH80xiLs8Vc-i_6ZyoDoiJjnuPqEAcrB3NLOttaPJWgAETpFOxAeI-nFjrvGOggSVR9p8D0oDczJaECKM9xc
Date: Mon, 03 Apr 2023 04:13:28 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBGVIU8zQWawLZqorGUL1ok&google_cver=1&google_push=Aer7DvLsHr5hPuzZlwbako3L41TejGsLS6XpG7i6WBRjUTZX0v3u7Nvex1i-Z1WqwzCS6YkvzMb9iy18jmuqPSYc...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvLsHr5hPuzZlwbako3L41TejGsLS6XpG7i6WBRjUTZX0v3u7Nvex1i-Z1WqwzCS6YkvzMb9iy18jmuqPSYcPmwdVqlXl-xg2rZK

170 B
232 B

72ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvLsHr5hPuzZlwbako3L41TejGsLS6XpG7i6WBRjUTZX0v3u7Nvex1i-Z1WqwzCS6YkvzMb9iy18jmuqPSYcPmwdVqlXl-xg2rZK

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Apr 2023 04:13:28 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvLsHr5hPuzZlwbako3L41TejGsLS6XpG7i6WBRjUTZX0v3u7Nvex1i-Z1WqwzCS6YkvzMb9iy18jmuqPSYcPmwdVqlXl-xg2rZK
x-host: tde-deliveryengine-production-86c874c4d8-wzc4h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd168E...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLc...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd16...

170 B
232 B

97ms
96ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd168EFYFUM7M5jvRI_-0asJI7weJx

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvJAqK8K4fuYO0AY05fBy0Cb1OTHRNJTCQ4xNXBnlG2EkSLhByLzGenvZe1yMRMGkesOtLcd168EFYFUM7M5jvRI_-0asJI7weJx
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5917
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl7H...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB29UAqDZw7BGSKwdoFl808&google_cver=1&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxNTg2MDIyNjQ2NTIyNDUxMw&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl...

170 B
232 B

72ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxNTg2MDIyNjQ2NTIyNDUxMw&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl7HeOO_3MpKyynqnYix0sJA-rf8

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTIxNTg2MDIyNjQ2NTIyNDUxMw&google_push=Aer7DvKHAm4lJLCeGed1mHFJgLVvMNNWrQ01ZWqazR5xlkiWLzVSE8fItkPuhKHni0rD6MK33dHNUl7HeOO_3MpKyynqnYix0sJA-rf8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5917 43 B
350 B 197ms
78ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENowaVFDry47eZz8Q3DrlYs&google_cver=1&google_push=Aer7DvIBh1OL3-vlX1Lyp5rtiHhtoG6aE5qtmQ2SRYGqZpR8wAQ_3CYRb8DiGyxJy9ml2OCBAyrPcnvjUPqFmTHWBn1pZ1nKmcXbc41C
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=600&adk=4275107220&adf=1171174942&pi=t.aa~a.2813527312~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1655228260&rafmt=1&to=qs&pwprc=9361489909&format=300x600&url=https%3A%2F%2Flemzspb.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207925&bpp=4&bdt=1394&idt=4&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0&nras=2&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1448&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=yZiHpTT6L1&p=https%3A//lemzspb.ru&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: tlb3d9qqnoupg1pato2p14b78raps398

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5917 0
139 B 215ms
68ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsdyQ6QAQDAiZeyAEV27ll3o9LVBkf-1FSspeIUZ90z2jGXea1X5G3ctUJotQWhmNA5QNX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 635C 36 KB
14 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 309787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame 98F1 36 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 309787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AAFB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1&C=1

43 B
766 B

57ms
57ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHb17MCEOWFkMcCGKCV5eMBMAE&v=APEucNV7NCWthQDrRNV9hxcqiNj30bxJeffSZ2CnpEjyVrsy3PZL4NZOsshDSxLwhTHfLQaikDV2DoK-7h4FcaDYVVzUGiypEe6JQ2cQHbRGCmU2xX0dqGm_pQ5wp5AUr8V4AEbbDydbdu2KfOV3BbAM_VkqjV0XdBPEjUO4-UtxapXb-0t9Ixu_q6cE48sMSQa1xVuRwp4EEPcVSiMF1FVz-XGOhF1t8g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 04:13:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 04:13:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AAFB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZCpSaTNcdjH915yQc7BwOQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1

43 B
766 B

58ms
57ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHb17MCEOWFkMcCGKCV5eMBMAE&v=APEucNV7NCWthQDrRNV9hxcqiNj30bxJeffSZ2CnpEjyVrsy3PZL4NZOsshDSxLwhTHfLQaikDV2DoK-7h4FcaDYVVzUGiypEe6JQ2cQHbRGCmU2xX0dqGm_pQ5wp5AUr8V4AEbbDydbdu2KfOV3BbAM_VkqjV0XdBPEjUO4-UtxapXb-0t9Ixu_q6cE48sMSQa1xVuRwp4EEPcVSiMF1FVz-XGOhF1t8g
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 04:13:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXPgL3nfT-jQUCFOsx6jJE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame AAFB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECQDfAHGdym3dWgyGXQiniA&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECQDfAHGdym3dWgyGXQiniA%26google_cver%3D1

43 B
1 KB

55ms
55ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECQDfAHGdym3dWgyGXQiniA%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHb17MCEOWFkMcCGKCV5eMBMAE&v=APEucNV7NCWthQDrRNV9hxcqiNj30bxJeffSZ2CnpEjyVrsy3PZL4NZOsshDSxLwhTHfLQaikDV2DoK-7h4FcaDYVVzUGiypEe6JQ2cQHbRGCmU2xX0dqGm_pQ5wp5AUr8V4AEbbDydbdu2KfOV3BbAM_VkqjV0XdBPEjUO4-UtxapXb-0t9Ixu_q6cE48sMSQa1xVuRwp4EEPcVSiMF1FVz-XGOhF1t8g

Protocol

HTTP/1.1

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 04:13:29 GMT
AN-X-Request-Uuid: fc706d9c-3f29-4d0b-8736-f6d0d116d564
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.204.1.183; 185.204.1.183; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 04:13:29 GMT
AN-X-Request-Uuid: 8e44ae47-b62a-4593-80fc-ae02498f9b26
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECQDfAHGdym3dWgyGXQiniA%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.204.1.183; 185.204.1.183; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAFB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDg2NTE1MTU3ODI4MDIyOQ%3D%3D

170 B
188 B

77ms
75ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDg2NTE1MTU3ODI4MDIyOQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 03 Apr 2023 04:13:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.204.1.183; 185.204.1.183; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1c70d5ce-5897-4252-9dc1-2716632c8ce7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDg2NTE1MTU3ODI4MDIyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032303151621000/ Frame 3430 221 KB
60 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032303151621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bac819a5bc970cd6cb39e39cfcba3cdd94646474eb9085eeb5a25d62d23313c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 23:51:54 GMT
age: 447694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61783
x-xss-protection: 0
server: sffe
etag: "55b574c8e559156e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Mar 2024 23:51:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032303151621000/v0/ Frame 3430 15 KB
5 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032303151621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4f1ff793b9ae11982096cb0c049cd0a0cee90b9cddfe72c35b33b370f743865

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 23:51:54 GMT
age: 447694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "64ac5ddec28ac2aa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Mar 2024 23:51:54 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032303151621000/v0/ Frame 3430 94 KB
28 KB 90ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032303151621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

397850bc917afaa87d5ffce333fd3db75d324bb3a76249ab53cfd9e60197742b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 23:51:54 GMT
age: 447694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28944
x-xss-protection: 0
server: sffe
etag: "46c36ca14bcffdc8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Mar 2024 23:51:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032303151621000/v0/ Frame 3430 5 KB
2 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032303151621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74cd04f60065b6e31e98e97a89b616b2f46ac40ea2533bba749515688b4b8047

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 23:51:54 GMT
age: 447694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1905
x-xss-protection: 0
server: sffe
etag: "e0aae84f332fc66d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Mar 2024 23:51:54 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032303151621000/v0/ Frame 3430 40 KB
13 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032303151621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1085ca7b96d9f287bf35a440569948a42787e6a6b94144936149dee077b22277

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Mar 2023 23:51:54 GMT
age: 447694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "cbb0c0b6f4ec6009"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Mar 2024 23:51:54 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3430 3 KB
3 KB 64ms
63ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 36496
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:05:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3430 344 B
368 B 62ms
61ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303270101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 67930
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 03 Apr 2023 09:21:18 GMT

GET
DATA 200
OK truncated
/ Frame 3430 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bfd2f06c30b3b82aa3c931d2d72cb136fad148c0d8ad245cbdaf57f70565b73

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 17911180986046359903
tpc.googlesyndication.com/simgad/ Frame 3430 130 KB
130 KB 63ms
62ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17911180986046359903

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49877ef274b96707b12cf48388f3ba01b787402b7eedd4d9bfa9b02f699f333b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:42:48 GMT
x-content-type-options: nosniff
age: 408640
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132860
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 15:19:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 10:42:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3430 0
0 71ms
71ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQp0HktjE5F6LcTEFQu4d7-i7es3e44Hq5nm9g5swB8Wync-doSSI0z1ckDGplQiCVQ0OnNJOV4ZX03gIO0YbEcWyZx1Q
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3430 0
0 106ms
105ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrvXJaFIqZLqGIN6U7_UP5Yuo6ATz9em8Zbnbg43HC9Ol9f0IEAEgqoDDImD3AaAB8OW6ogPIAQOpAuejGO2JL7I-4AIAqAMByAMIqgT7AU_QRiROr8LgChnaY0hy0Pf5_1He_9b0d4vdxZBPxVJhYgYQmO1YixJkoVQA2yvUZKOIDM90AdQ-KB86guZSRogJ3YHCrrPCQid2sjN2ITHBTfzjzMxByWr6UIJd0zEZT1yPJW7mXZwOtVK6HI13W60dtxnssAlRTn4QUrKIkHiAAl723_IX6mzmqzGcX0O2vcDj9JNhHuBIgG3C8Dlvby1g97bDSNNNf0fcaKgh512tLvFyredhyfxuBwR4WK5S6iXxlbNmiAmQBr4raaoFku30Q7fXhXamYzM78hUvtylYxCks9IRdzXNoS7fUGLrYg1iboDvS8kXTX17XwASag6Le6wHgBAGSBQQIBBgBkgUECAUYBKAGA4AH-JnFXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN-RDdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0xMDkzMjY3MTU1NjcwNTkzgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTIzODIwMTI1MjI5NzkxMDgYku8h&sigh=DXhYYpLsSxQ&uach_m=[UACH]&cid=CAQSOwDUE5ym4MOFb9hGTjqA1v-GehcnNj5sYXg_MYEo-ZGRzmt_3iqj4T6hzLSyrNIL5t7L_zw0P6OWOpFfGAE
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4460 0
20 B 95ms
94ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9612388805760&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4460 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9612388805760&version=m202301230201&ct=77&x=1&cor=3341520007210956300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4460 15 KB
11 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPzvl28wYj_KYSrIACqvRrF6Z8Y9VTQZYjYu_IAOfi4vWRVDJkNscutHFCl6yZyLDI0GcAE8MmolZpBpgh4DRYX7C2pkei-xchiNZj7YcFkDKRVw2hTPp-3otdaNLTER6pmnML7gbtI96HjlLvn4FeUD8BgI1Hcf-AOJL0q4HyYNyW5pE&cry=1&dbm_d=AKAmf-Bi5pbt094z_SDnXKpY98xk9FaciZQCgKJJyWuL6q1tybcQZpOYfBHh0Zvgkm4oybKb-CIKYlYmKGKtYteew9FnT8cuJzEqHiFto3Afw8qSm_Zg-Hg11wVywWc3SiK442fE4Ef8JW-cZVeJFDNbCbXJ49owj_evlEVyT2vVJWXo7IjeKSRaSuiOF3am4KJmJtFj7y9shqq4WoTVLK6wmJThqJXKewy_zGeKPH25qfqfIV_AFg9efsiEOMsb7bOV7iWLi6mwZzCOZY8PrsByqCrA_UB4ydO2hcmC8iX9D9gQGTla8acLXzst509cCNa9s1jX3gn3KFa6oKLG2qcLX9QQu0SXCoWe7WDoTZueZJEUWuKsFzxfGyb4I5NdPXX6vjdxP4cekJYJ8oxQWFZzpYVTbVFXSj0YtqKpwmqFiPv6idQDFyL6IkBtc7V9gAKkg40JdoKcwnq1zNfdITswvglcYPzdZLKcdUy90BQHuSyrMv_nY5-Nv7U-I3r9lf6rdZL1oXmUJ36KFvJ5GK2wiP9_GaZAWwyhAsq5mCWZ3-bS2y5qIXSG6t0LpPSJGitPiLkQZlPk1HDfE4VQIwERrkJeJAoaRTmZycxGEctLv-kKE0jC75qCmvhzJ3Z9Y1ceH1PFJmTtUCZGdsVlRrYOGPhlYxO0irl8t88lvWdbYfgTyjfl6uoViozbpLLQoPPqzfv3_GJ2alWpUM8phFkgJPjfL5njbXl1CYTlodjenWLpr87Y8WSR2wiid3yLQwn8iGD88KLjMT7M7qlVxvktbs1iDEDFbmqQhR_mK5NSV5swMgMnx5Z6Nhr2OPiduddOiDbbHXd6ZwY9BHhI-44cTOH4N21ovvYeDD6zeDq7b6pq9hacwWMrVtTHay-qVaWAVjKbPcUpnqBXppMIeA78VcYWLWleecL85u0pkJtIq1kX__QKTA3DJIA1HGiPNF8K2N5fNIcPOVexTDPThQRpg07NZjL6QUEY0c1XyOzyoSsk2uhokLsM13zbgdjLabsScTdzVmM_Rx5s63sjWR_D34vvPtFE_6l4kaGXtYZf2LyCZ5rF_k8PAciRAF6CX3E8gvkYSeE_2MvSPZGHLOxJkJ5S1DQox0O3TK45dQzDKI4JXxMJ0ixBsqjwWgurWwwfqbEYMK5axtH57_82aIrsck9CbiA7bdB74vMsgUUNmtzF4kDvwfBuewaRr81HZCuvGhNv-79watTsgSALDUPVtlxz4wfsoIqAxqyz1ca_59M3a5E_L4zIX5Xk73hgFPQScGbxPTUiLEZsFIL0b79XbDCyxOUEmfmX4zpMllH13-5rb-FT0lFqYtSC7VSH_29pMiGwZnsHj5ff_xoIcEOWG-z_9WF1-kXJkzynq_H9FEvJ0yfzAGjjwFjUJ6qufwpLbXk8rj8NGIjLjX9tkLiUc1sQljLMYLtRDU0Wc_w-FBy9lCae3E3bShRkGCIhRgWI5bYAKK2_rLLg0F3Mfi2pGxsU_pl73ajsgRTiJV1axBG6zAk0yD17Osn7FXdbmqXJcjV_T5KD2XpDPwhU9lyMNYKfGARRHbeUb8vN5HwMQz8YjbQqEkoBMS1h7lVMItRsxDSYMliOP6ZIyKOto7RnTeWrde3VGAj8VfJgOwgwO56y6MrvBcKwv5evJgkQBW_CsEsEGXCeJOyxYbQar-1Nn9v5GF4QcMXpLSQS6W2oo0-bOdoGIz2Scxx5NbgDOxEpeilEallZICNVbIzY5z9HbQSVoaXjU8i09yMSFRM0ukFdST-Re7jJSEum2BzzEBSPB5ow5BKFjBDwwUG7VjkTwZMQ2U20UN-OTA85kg9bkFFKcz8zOcuofDyGjxnA8pVRHmFU0OWBUEaYC5SY-mUmdKzstwOBmLKyW5R5RA5O5HkWLMyfPDte-3wM6jlYomP3mh5cm_JON2vXFL3bChKsDO9YLfIoXUA3CAwcL7CDdRbfG9RJB01KFKweSkZtoFPl4ts1m-JvgHZErB4u17yDadHoniCv8Cw1IQKZ24RvqN96VeCNaZDJJ5GrR391mposECA-byPlBHr6Thm8v6rMJPRKBohK1giW4k0hleSzUT7HqCCzcMHDgZKCl6SFCD4mWre-DergbTgLEuvUcruV1hCdpvVvAIhQ3LxYX46RAFe1aM9cwwbB0d0r-ZQmVMNOibZmG7rqPtcuJ-zi3BVeGnk5jl_nOJUF1vLWHGi6pD6A1fnGqECtGE-FPmjrgh2NpyBxcyZloxJkZXSS1hY9osH4QFXuhSSLrfrbJ0H0w24TzIh-rz9JlgQfk0gGkS-R-Ro0a9W4M32DfhM4L2BqENKDOQuh-E9G5ihCFC59RQgM2QUdQrH_DobYVOjz_V2NU0I7ZcSlZHmenaBeOUQ4XpC0heRHCiY-XVdHYC1ekpgHnCEPEQe0nQSIbKBd4sH4hkGB7hnQTOa8jBk_6K4mK6ZICa2xkYqiIOsmfRZCU5Hbzlsf8G0gftHhp5gD6-rRCnGAGVsojjJiiNU2ADcwZ0WsJEvMaq0P5at66beyFx3rTaJ4Khn6YLeKdrH4EfG6-nTHgNLmQHGlCpmeiu83CqIwr2gVlpEXaQajPzGHxAQLa6V-jqdOr4yrkJD6q1RfgI8iJjiXAqr9JO85aT_cRpenbtB8R2muyeD_mZNWWDssxl3jjPv4nDDXN48e8K3xzSL-l6VSNUxKUm44Qz_rKOfdVjnaQ217chpVWB91z_JEFDoYlWFNm885uI_Yqtx6oEPOadfUQYu9Cd16JkX1-VEvoPogna_ovsLb6zzpVcc7qoAwzbQ3TA2fQCEZc0Xs1dgEGVTflkGXgGUmK2CXU0wQQHAhBngcCARiszjoBOc49iKapcYiYS0If1FK5_VCCIpKRjuzdohHczTfZ6RB2OrEK7ZOy7iQwrjq3bXEGodYw6w2OajzKYQ-IeXJY_oA28Ctvg1NgzFH2A53cuUECCGxfvRcVF6BegvM9UUaOIKAxoGmCp3_Eqq4hVPHJusetdJg3Kwq5n0e-_AA18qQ5fpN_iJym8-V-_wWnMgb9gVtOa6BikIwaaIJYiYna_Kx3pt5XBNfxX-EHXtT_7Nq0e6hUnxJEvjOIvZHUhf5YeXC7Z9ohClXvwcXyVaYvvauwDZucca_QuuF-kU-prlr-jLNgrTqVOIE_gxDmWzNkGWVqLsCv_LwBvcLc9ioBlCPn7C8MeNOEK309IbzmwnoAKHVzIPfqZg14YaI0ZpIlY1JjdTG9aQ7CQ6BbJnFL4NxSk-KACaYx1tEh1Lhzh6NkqETrg9o6r2UlbRl4tMEb1_BfI-gTQhacaBVCJxW4QIJrRyEtNWFVjItLocPr19ZTeEyHYv_fLZIaOXlg-O9DmIKBfB2_KZMcxgdIJ9TOsapZBbmBv-CqpbHy0DGRz-wBKH0OuOmgorAh7A9amlKzob8P-z66dcGfKtadg7gqmBivW7GguLwiT2xS8qnE45bYmj99deXHl76n6Ql33x0Sy5Ol36dsQbUGKDEdWiNAlxHci5niflko-NCMK-7W8NmDDJnWseUgMdV2e-uf4dsrrvERkZlPb3YY1WpRsE5I0ZPLes9q6zDA8scYh3XLVowO4NYsu8_91Xb94m-pAma5UM502aCvBpchwG01gWR6BDbvcQmj7B2UV9nRopaJY2wRIZwhJFDRJKOgEpqxQkyMeLTTCyt2vsuU-ALJQ07GE6NqIZewSFW5UPVhGF4p3zYLa1vFXPkDWikKbEsGaRjADTupwNMNaPGf38_NR-CN4VGL-AxxbWfWOSu8ERbeWd-MAdoB_l33ecYaf38vZnHnA__OMj20qMZnBEhiM8uRHUYk0vvAQmd9yswuSurCR07L9rzpfpSgkzbnTzl7CSIIAwYnKG0hxU&cid=CAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Flemzspb.ru%2F&ds=l&xdt=1&iif=1&cor=3341520007210956300&adk=2857193498&idt=96&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6a5968665c64515444f54dd4e14318f66239a95d11c01f36ddbcadb22e501e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7AA4 3 KB
3 KB 86ms
86ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 36496
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:05:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7AA4 344 B
368 B 102ms
102ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012303151529000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 67930
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 03 Apr 2023 09:21:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BE77 0
234 B 321ms
110ms Ping
image/gif 2a00:1450:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lg0bgi1l&c=4560652538737&slotId=2280326269368.5&qqid=CL6Tr7_sjP4CFQ_Cdwodl9IMuw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE77 9 KB
9 KB 71ms
70ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:22 GMT
x-content-type-options: nosniff
age: 495727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BE77 15 KB
15 KB 61ms
61ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 495738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE77 0
20 B 96ms
96ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CZZd6aFIqZL6_AY-E3wOXpbPYC86a2-Bvr6uW0osRvqLKwcMyEAEg68nGK2D3AaABqf_lxgHIAQWoAwHIA5sEqgSAAk_QGv3xQkER-CzyvQeDB5LfxZ0Xj0D-9gPjNVm0wCZU7VD7U6yxIAsuvi2si51MRLtlvitUALmPP6TnDNpLpGtcxK96RdaPWkKPqxUnz1W_xAUu-2Eb6OKhPYpCJkGNu7_vi2cUp2HPSd9SwzMnNDrtAAt5cPw7zI6ayaJe2sBf2AsB9CzegRZ7APkG2JPfcPKqtVmr2G-J_7WkzDu4MeCLP9es2QRclmCPIP0wAibNQV9WArwOuKPZWoYMryrWclTVPw0CZxASImi7kvYzO_uISbvDskBnuNHDHval6eSeDxLBUbwXyveA74pQPTtS-7lpie9W5A1I0I61UnVnZXvABKbQ9pOtBOAEA5AGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE8uw3hLYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1680495209090&ai=CZZd6aFIqZL6_AY-E3wOXpbPYC86a2-Bvr6uW0osRvqLKwcMyEAEg68nGK2D3AaABqf_lxgHIAQWoAwHIA5sEqgSAAk_QGv3xQkER-CzyvQeDB5LfxZ0Xj0D-9gPjNVm0wCZU7VD7U6yxIAsuvi2si51MRLtlvitUALmPP6TnDNpLpGtcxK96RdaPWkKPqxUnz1W_xAUu-2Eb6OKhPYpCJkGNu7_vi2cUp2HPSd9SwzMnNDrtAAt5cPw7zI6ayaJe2sBf2AsB9CzegRZ7APkG2JPfcPKqtVmr2G-J_7WkzDu4MeCLP9es2QRclmCPIP0wAibNQV9WArwOuKPZWoYMryrWclTVPw0CZxASImi7kvYzO_uISbvDskBnuNHDHval6eSeDxLBUbwXyveA74pQPTtS-7lpie9W5A1I0I61UnVnZXvABKbQ9pOtBOAEA5AGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE8uw3hLYEw2IFALYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BE77 0
54 B 307ms
110ms Ping
image/gif 2a00:1450:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lg0bgi2r&c=4560652538737&slotId=2280326269368.5&qqid=CL6Tr7_sjP4CFQ_Cdwodl9IMuw&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame BE77 28 KB
16 KB 241ms
86ms XHR
text/xml 64.233.167.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BWLZQNFvSIwvIbIK3VWhMW_uCdbWxCMpPnAPuMBbjuiOXg1EWlCIkhHdtO_5eiNFsOSswfgBuWA7SGmGcZ7KpoHIwHBQ&cry=1&dbm_d=AKAmf-AiSmUbrDE-0tUwoesPZMcEY1OfdMb5k2cGFk-YFaR5hWL8hIfIS03sQ5pRAew7AJHmAnGO9vfr9szCPPYrvWyLesTgYFR9Yoi8YopvKPwxE8SKsL_nE6SQe0CX67utf7u-SaTuC1soyMaLf9OeCHLREYC1KhjnJ8UGeYHf29EJptxfHKIrWxBXd6K8SbCdhrIqgHuON_QM43enQOaCRCLv2V3YTJJVQtlyJTEgizvTw-HRvNmy4lSmfBmE2S-9jUyaM9y7y5E0PL9SoI0L168DkIOdnKE8R3uFQYPXZCAz0UIaTKqtnhT1cu-Fnu1TAn1iCWw4qTfEj8aqx-ORXGY-aO6LNJRMxXd1Dkis4UHvRvjodCjMbbtVB2jTE2nNoL1eW-zN4RV75Aqe0P5Watyjw4rvywQSW03awhFd1k0UdYUesFGejtIyRuDWd1EzFHG7oqxY4SFZ53a-0DJXpj-E99jwu2Aok9f5tef3wmkNdO5QubQbn2p9d29Pn-u20oxBUQJxl0S_6kXjg_gnF1t9Y2cT3gH7H0RX4JLEOQkb1DBrMghGYnkXvKpr-ujliptH7hb_uxBZ4VV-2kPaQGC9Qf7hYMnJRqMb6VNryr0GFDkCvh_cfkt5Tb5m4HheisrWzpQArWSBGdQN_GMzIHRBWcrXExP8IT6fFQIUMAPLFbdzV4ZI1mg_Wol0vMfXtoKo7eOrg0_zhxWFaRdDEo7vguzix1obEHcTWSeni3_10t4OV1xs5Lke7CzPaK3TOt2IxlEZIcxydL-Dgitm-Kq8aVb9zAtv_VqoXPg2qGkOiF7VZJC-LIRuVLRBj_HFblBmqTaLI4qvAOerNvF56unWiSAreKnUVEpcq0dKm34Vvh3CqHgVhOphyOTS5Hu1FFgdlJFEEPlzstfeo9YToOEgSQILxsdfujZTyfS5RD5jh9Gem5ZjPx-uDwwsrh5din-q-0vjj1SZRcGL8SWJNZg-gzlqNKkvW0C47nyU4QzjvwXUNDAeVK0tR6AVfMfxCpVlgmdf0YCqprWqGHWOmfCKCVHE5E2tRQPBI4pU-6cDLqbyETOLb-vaNZPdWAZmxsEEVl88jVPBHlFIIaXNSxtP4lp6SmlfZu5mpfiupnwMbfSPZtYQmGiYge7KMTtAWtdPCR4kDIywmqd45e_860KuiV3GlRyXAcSLoYJGnn7xyd9ulVpm-rNG4u5pUr0joG_eGhHSpysJCC7KgZnQgIAl9DlvK7p4wWvDE_xhM_NcwGMLPU-ODg5XyHfMgeY1iGjrRNi9c4qtbhH32zm6cYDGi8lMyjgsPvjKYbmn7v-9Nhby6orUB5JTzZeXAQEAWcbhz0TjwjiItIN7cnzVMtGasF28jTfGFuWwpvZnRzphnqKfSHLHkGSKAkyOtZ-Kq8AAfZGkMw4B8SJnaqvJUx2XUA6N85YLZf3lTlaKwexBXEnPyIvalVmPSnjcehm-3kMP7ddo0wMz2WgVhxNfXY3rBfbZZrI5A7z-fzFMU3zIYNccx8K4JXUsVALCciulcOccXcQYc8c45H2dKmYpwjv6ubNe9qk8F_IL_iwoBU3qIrVK0pyMBb_9XFJHC3aaVV04FRPrVIb-IAmhmhiiuYZzmo62BruOwf3J7S1DSpfgqOYiBqTytssNCOWUR7izvUGufE5juW2VuDcDx5FzMkdfHNddNxVT0lw71Li5UYit9oT4bIqi7VE6n8UoYZ-Jg8HaA0tXPSwVJ6QVehJ9H4lLKp98yU_truKx_48-nm8cg_OVtU7gYcMUoSTbCwTr50Tff6NfvWoGqmRrzixkq_Ah_qEEPW2HfEYlHJDetCQ4VwY5aBf7VH_PdGNGFEOxpB4bA94gqKXjQyg3-TsFoxnydyWRWLaHOTqJuq7j9MNPuNEwjgm-7R-R7OFLeajVIu5rnKqvUsoMLMFWQwN_guIpj0gMXUmsO__1TvKGp3vshE814pIkG-eMEUGwRnRuX4FJchu8E0-D3LxYWtGurD1q4aga02UzG3O4z4hU7KFltr4sslckOsPzzO7T61wQV8ACVU5WqM-jPLKKWAsdZx7GrRYb6NrNNlV_VqFnCf0KVm__Z_ByLW1H_FkDhfhB--I6TGpMpxJY4DLj1Y_gFyY5t-yUHGxzu54Rc84Lw50GFlp7q9sXWNs2sg8fzdAwu8QFYFNpVvhVEIBA0EyHHvS8Eigsfz_aH3EnDxddQgOIFx2GX_hxJoQt8D8v26kchfRlX1TSbIKMMeCoJnO6kNqjw7URQiCHNUXWaZ9A70Apo8qBK5UK6yu51oX6jsTm6puFa3BhkzZtmEN-Ek5fYvzPkOUgiGvpTaTz4g7olhA-lus6RmqEWUwkJfOxeHDL5GdXGrbPBS-JaVpavxAQVZcxpukYV42pp1DxrSsHDbsSBwb48C-IlnsU3cKl_Ah6jQTnmXLXn6dc4GQNmWPXvmAhEOQ2HDe-x28ITX1TqKC9VbFUDp7eatwBxrYlmSb2zvhpXmJFwu7mykZ6dbvRkNXjkPRoJO8Ugw2Z3maTsFR2Bm7BAQI6pRtAvi1qYJY2SsLalnEa3E-yGF9HcMEdPHRLM_HR21-13A94IMzCDmrZFKudbM7x39gJK2WyBrfvUCv_Pu9VUP-lJfYF0liiMshhDli-ZyB1p_JRv4jr8P_Mmt8WTFerzW0GdU-3iN2uzZw9fMcpn_DXmFqFG6b9gOQjmXSVeXZbyduGEISHrF6eidhEm0xPlb5YmZr9w7ISPgXZAXCqwJP6FFOCC1FJs0WVPfKvVvyWkwHTLhmS8W78KHV5EZlSlsiPOA1AJ56HlkN6DuptKj6YhSlBKvtu7WggfhkrMlihNADdu7Zw1y9l3zan5IuO4L8WHzJgjzUovbZfXMe49j0X8vBiFgHW6_UO_NV7RPZpTnp8SH5Ujl8tkjqKveVbxyP0xl-ThfIaVzs7D-q7GFEb9U6AV564yleT8ytVfbQRy8dOf7rXkM9K6tg0zkTgZnIatv_cyHbGqiCnKWCEYyJCKtgIW-GPgJJ6egfNwWplnjcaOrK4oiOazmD9JiqDgkzhRiMH45OvSnbuYtDbZoyiOxywm6aojeZmfDUKojgPsrC27TGH-1BD6UkLbbCe9uDVFqXDQsqQEDN9NHKFcagvPwZJ9FuDwKb1p_WA2qeUxufjQHSEcPUMbdOvhcsVW4YYJgVIVkQGHppkA3m8aJxDjDLXPqWE7bHeTf2VvfyRkOPNwFTX72BQvijXrPa0XMsRlapZTdQaafoK1gVCEQGsonV-sVF2BNa6TVNJGL33Nq6QH-HC4xtsOqCtfLkhztk8wFRJm3UHAVAU0lW5DVmIpdzipcGjKiAlQZ6VC8OSBq60t4nQjQxdgavqzzwCPRLIOTbxa-MEXnetDoPBu-EBisgn3vIVyDQGQIeEbTy21CKyiGV6og6UrFrDYpqsDi5i4hZ-x8w6RkG3kDZ9&cid=CAQSOwDUE5ymSFqgTLfYTVd9iGf5DY64VQB1lpF83-ra5x-XOvWD5k13IkiJBdXHanA2IwPssDv3Tmu3jYY1GAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f155.1e100.net

Software

cafe /

Resource Hash

e175863cdf068316ac40542c5d502fa7aecb97e2444a16ae4bed7c9c073605aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16373
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4460 41 KB
15 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPzvl28wYj_KYSrIACqvRrF6Z8Y9VTQZYjYu_IAOfi4vWRVDJkNscutHFCl6yZyLDI0GcAE8MmolZpBpgh4DRYX7C2pkei-xchiNZj7YcFkDKRVw2hTPp-3otdaNLTER6pmnML7gbtI96HjlLvn4FeUD8BgI1Hcf-AOJL0q4HyYNyW5pE&cry=1&dbm_d=AKAmf-Bi5pbt094z_SDnXKpY98xk9FaciZQCgKJJyWuL6q1tybcQZpOYfBHh0Zvgkm4oybKb-CIKYlYmKGKtYteew9FnT8cuJzEqHiFto3Afw8qSm_Zg-Hg11wVywWc3SiK442fE4Ef8JW-cZVeJFDNbCbXJ49owj_evlEVyT2vVJWXo7IjeKSRaSuiOF3am4KJmJtFj7y9shqq4WoTVLK6wmJThqJXKewy_zGeKPH25qfqfIV_AFg9efsiEOMsb7bOV7iWLi6mwZzCOZY8PrsByqCrA_UB4ydO2hcmC8iX9D9gQGTla8acLXzst509cCNa9s1jX3gn3KFa6oKLG2qcLX9QQu0SXCoWe7WDoTZueZJEUWuKsFzxfGyb4I5NdPXX6vjdxP4cekJYJ8oxQWFZzpYVTbVFXSj0YtqKpwmqFiPv6idQDFyL6IkBtc7V9gAKkg40JdoKcwnq1zNfdITswvglcYPzdZLKcdUy90BQHuSyrMv_nY5-Nv7U-I3r9lf6rdZL1oXmUJ36KFvJ5GK2wiP9_GaZAWwyhAsq5mCWZ3-bS2y5qIXSG6t0LpPSJGitPiLkQZlPk1HDfE4VQIwERrkJeJAoaRTmZycxGEctLv-kKE0jC75qCmvhzJ3Z9Y1ceH1PFJmTtUCZGdsVlRrYOGPhlYxO0irl8t88lvWdbYfgTyjfl6uoViozbpLLQoPPqzfv3_GJ2alWpUM8phFkgJPjfL5njbXl1CYTlodjenWLpr87Y8WSR2wiid3yLQwn8iGD88KLjMT7M7qlVxvktbs1iDEDFbmqQhR_mK5NSV5swMgMnx5Z6Nhr2OPiduddOiDbbHXd6ZwY9BHhI-44cTOH4N21ovvYeDD6zeDq7b6pq9hacwWMrVtTHay-qVaWAVjKbPcUpnqBXppMIeA78VcYWLWleecL85u0pkJtIq1kX__QKTA3DJIA1HGiPNF8K2N5fNIcPOVexTDPThQRpg07NZjL6QUEY0c1XyOzyoSsk2uhokLsM13zbgdjLabsScTdzVmM_Rx5s63sjWR_D34vvPtFE_6l4kaGXtYZf2LyCZ5rF_k8PAciRAF6CX3E8gvkYSeE_2MvSPZGHLOxJkJ5S1DQox0O3TK45dQzDKI4JXxMJ0ixBsqjwWgurWwwfqbEYMK5axtH57_82aIrsck9CbiA7bdB74vMsgUUNmtzF4kDvwfBuewaRr81HZCuvGhNv-79watTsgSALDUPVtlxz4wfsoIqAxqyz1ca_59M3a5E_L4zIX5Xk73hgFPQScGbxPTUiLEZsFIL0b79XbDCyxOUEmfmX4zpMllH13-5rb-FT0lFqYtSC7VSH_29pMiGwZnsHj5ff_xoIcEOWG-z_9WF1-kXJkzynq_H9FEvJ0yfzAGjjwFjUJ6qufwpLbXk8rj8NGIjLjX9tkLiUc1sQljLMYLtRDU0Wc_w-FBy9lCae3E3bShRkGCIhRgWI5bYAKK2_rLLg0F3Mfi2pGxsU_pl73ajsgRTiJV1axBG6zAk0yD17Osn7FXdbmqXJcjV_T5KD2XpDPwhU9lyMNYKfGARRHbeUb8vN5HwMQz8YjbQqEkoBMS1h7lVMItRsxDSYMliOP6ZIyKOto7RnTeWrde3VGAj8VfJgOwgwO56y6MrvBcKwv5evJgkQBW_CsEsEGXCeJOyxYbQar-1Nn9v5GF4QcMXpLSQS6W2oo0-bOdoGIz2Scxx5NbgDOxEpeilEallZICNVbIzY5z9HbQSVoaXjU8i09yMSFRM0ukFdST-Re7jJSEum2BzzEBSPB5ow5BKFjBDwwUG7VjkTwZMQ2U20UN-OTA85kg9bkFFKcz8zOcuofDyGjxnA8pVRHmFU0OWBUEaYC5SY-mUmdKzstwOBmLKyW5R5RA5O5HkWLMyfPDte-3wM6jlYomP3mh5cm_JON2vXFL3bChKsDO9YLfIoXUA3CAwcL7CDdRbfG9RJB01KFKweSkZtoFPl4ts1m-JvgHZErB4u17yDadHoniCv8Cw1IQKZ24RvqN96VeCNaZDJJ5GrR391mposECA-byPlBHr6Thm8v6rMJPRKBohK1giW4k0hleSzUT7HqCCzcMHDgZKCl6SFCD4mWre-DergbTgLEuvUcruV1hCdpvVvAIhQ3LxYX46RAFe1aM9cwwbB0d0r-ZQmVMNOibZmG7rqPtcuJ-zi3BVeGnk5jl_nOJUF1vLWHGi6pD6A1fnGqECtGE-FPmjrgh2NpyBxcyZloxJkZXSS1hY9osH4QFXuhSSLrfrbJ0H0w24TzIh-rz9JlgQfk0gGkS-R-Ro0a9W4M32DfhM4L2BqENKDOQuh-E9G5ihCFC59RQgM2QUdQrH_DobYVOjz_V2NU0I7ZcSlZHmenaBeOUQ4XpC0heRHCiY-XVdHYC1ekpgHnCEPEQe0nQSIbKBd4sH4hkGB7hnQTOa8jBk_6K4mK6ZICa2xkYqiIOsmfRZCU5Hbzlsf8G0gftHhp5gD6-rRCnGAGVsojjJiiNU2ADcwZ0WsJEvMaq0P5at66beyFx3rTaJ4Khn6YLeKdrH4EfG6-nTHgNLmQHGlCpmeiu83CqIwr2gVlpEXaQajPzGHxAQLa6V-jqdOr4yrkJD6q1RfgI8iJjiXAqr9JO85aT_cRpenbtB8R2muyeD_mZNWWDssxl3jjPv4nDDXN48e8K3xzSL-l6VSNUxKUm44Qz_rKOfdVjnaQ217chpVWB91z_JEFDoYlWFNm885uI_Yqtx6oEPOadfUQYu9Cd16JkX1-VEvoPogna_ovsLb6zzpVcc7qoAwzbQ3TA2fQCEZc0Xs1dgEGVTflkGXgGUmK2CXU0wQQHAhBngcCARiszjoBOc49iKapcYiYS0If1FK5_VCCIpKRjuzdohHczTfZ6RB2OrEK7ZOy7iQwrjq3bXEGodYw6w2OajzKYQ-IeXJY_oA28Ctvg1NgzFH2A53cuUECCGxfvRcVF6BegvM9UUaOIKAxoGmCp3_Eqq4hVPHJusetdJg3Kwq5n0e-_AA18qQ5fpN_iJym8-V-_wWnMgb9gVtOa6BikIwaaIJYiYna_Kx3pt5XBNfxX-EHXtT_7Nq0e6hUnxJEvjOIvZHUhf5YeXC7Z9ohClXvwcXyVaYvvauwDZucca_QuuF-kU-prlr-jLNgrTqVOIE_gxDmWzNkGWVqLsCv_LwBvcLc9ioBlCPn7C8MeNOEK309IbzmwnoAKHVzIPfqZg14YaI0ZpIlY1JjdTG9aQ7CQ6BbJnFL4NxSk-KACaYx1tEh1Lhzh6NkqETrg9o6r2UlbRl4tMEb1_BfI-gTQhacaBVCJxW4QIJrRyEtNWFVjItLocPr19ZTeEyHYv_fLZIaOXlg-O9DmIKBfB2_KZMcxgdIJ9TOsapZBbmBv-CqpbHy0DGRz-wBKH0OuOmgorAh7A9amlKzob8P-z66dcGfKtadg7gqmBivW7GguLwiT2xS8qnE45bYmj99deXHl76n6Ql33x0Sy5Ol36dsQbUGKDEdWiNAlxHci5niflko-NCMK-7W8NmDDJnWseUgMdV2e-uf4dsrrvERkZlPb3YY1WpRsE5I0ZPLes9q6zDA8scYh3XLVowO4NYsu8_91Xb94m-pAma5UM502aCvBpchwG01gWR6BDbvcQmj7B2UV9nRopaJY2wRIZwhJFDRJKOgEpqxQkyMeLTTCyt2vsuU-ALJQ07GE6NqIZewSFW5UPVhGF4p3zYLa1vFXPkDWikKbEsGaRjADTupwNMNaPGf38_NR-CN4VGL-AxxbWfWOSu8ERbeWd-MAdoB_l33ecYaf38vZnHnA__OMj20qMZnBEhiM8uRHUYk0vvAQmd9yswuSurCR07L9rzpfpSgkzbnTzl7CSIIAwYnKG0hxU&cid=CAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Flemzspb.ru%2F&ds=l&xdt=1&iif=1&cor=3341520007210956300&adk=2857193498&idt=96&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 16:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 16:20:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BE77 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1JshaFIqZL6_AY-E3wOXpbPYC86a2-Bvr6uW0osRvqLKwcMyEAEg68nGK2D3AaABqf_lxgHIAQWoAwGqBP0BT9Aa_fFCQRH4LPK9B4MHkt_FnRePQP72A-M1WbTAJlTtUPtTrLEgCy6-LayLnUxEu2W-K1QAuY8_pOcM2kuka1zEr3pF1o9aQo-rFSfPVb_EBS77YRvo4qE9ikImQY27v--LZxSnYc9J31LDMyc0Ou0AC3lw_DvMjprJol7awF_YCwH0LN6BFnsA-QbYk99w8qq1WavYb4n_taTMO7gx4Is_16zZBFyWYI8g_TACJs1BX1YCvA64o9lahgyvctfooUatS5C5-LVKqhySU8lZZXI1TDnOt7Xq8sma_4zxUCHtcF-Jaj3k7yo-aCzK44TRlXFVMumMzxp7db3308AEptD2k60E4AQDiAWBxsKQSZIFBggDEAEYAZIFBggbEAMYAZIFCggiEAIYAUiYrHySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQsIocGP_kh-EB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE8uw3hLIE96h2d8D2BMNiBQC2BQB0BUBgBcBshccChoIABIUcHViLTIxNjk2OTQ0NzM0NTkzOTcYAA&sigh=1pIuh2cx5xc&uach_m=[UACH]&cid=CAQSOwDUE5ymSFqgTLfYTVd9iGf5DY64VQB1lpF83-ra5x-XOvWD5k13IkiJBdXHanA2IwPssDv3Tmu3jYY1GAE&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169694473459397&output=html&h=513&adk=514322978&adf=2595696695&pi=t.aa~a.2438994202~rp.4&w=730&lmt=1655228260&nsk=586a14bf&rafmt=11&pwprc=9361489909&ad_type=text_image&format=730x513&url=https%3A%2F%2Flemzspb.ru%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680495207952&bpp=2&bdt=1421&idt=2&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4fd4930ef642e604-2252399ff6de0041%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MZPi34N69A3y1HLDezjs__Ja68e0g&gpic=UID%3D00000a3df53e8a25%3AT%3D1680495207%3ART%3D1680495207%3AS%3DALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w&prev_fmts=0x0%2C300x600&nras=3&correlator=4312723642993&frm=20&pv=1&ga_vid=971915036.1680495207&ga_sid=1680495207&ga_hid=2114017258&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073107&oid=2&pvsid=3198531475903731&tmod=1168235545&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=2&fsb=1&xpc=Gnps47ug9G&p=https%3A//lemzspb.ru&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1241 1 KB
643 B 65ms
64ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 68706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 03 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 651E 1 KB
643 B 62ms
61ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 68706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 09:08:23 GMT
etag: 48472445140208031
expires: Mon, 03 Apr 2023 09:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4460 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78998a79528c9af036acd2d6cc5638c0b3b0d338fd42bb2cb6f2a7bc8b676623

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BE77 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3764732a890dd9e6c62383df3f62a2ae406b66b3ebfc04db762ef9811a5bd2d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3430
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

92ms
90ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/
Protocol: H3
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 preload.jpg
c.bannerflow.net/accounts/storytel/5f3f61791bd8d345f0b8369b/published/4395471/5142513/ Frame 4460 41 KB
41 KB 39ms
38ms Image
image/jpeg 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/accounts/storytel/5f3f61791bd8d345f0b8369b/published/4395471/5142513/preload.jpg
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede7f841f9d4e60068660bb18ee1142fac73ccfe3ddc20235f6d2ef36e6a202c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Apr 2023 04:13:29 GMT
cf-cache-status: HIT
age: 1443565
content-length: 41581
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 17 Mar 2023 09:17:02 GMT
server: cloudflare
etag: "0x8DB26C85E857AC6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: da4a30d7-001e-0096-57c1-58e4f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
accept-ranges: bytes
cf-ray: 7b1e7ab1ae52d93f-HEL

GET
H3 200 17911180986046359903
tpc.googlesyndication.com/simgad/ Frame 3430 130 KB
130 KB 64ms
61ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17911180986046359903

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032303151621000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49877ef274b96707b12cf48388f3ba01b787402b7eedd4d9bfa9b02f699f333b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 10:42:48 GMT
x-content-type-options: nosniff
age: 408641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132860
x-xss-protection: 0
last-modified: Wed, 08 Jul 2020 15:19:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Mar 2024 10:42:48 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3430 3 KB
3 KB 71ms
68ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032303151621000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 36497
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
expires: Mon, 03 Apr 2023 18:05:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3430 344 B
368 B 72ms
69ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032303151621000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 09:21:18 GMT
x-content-type-options: nosniff
server: cafe
age: 67931
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 03 Apr 2023 09:21:18 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D8AF 22 KB
8 KB 64ms
61ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 302005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Mar 2023 16:20:04 GMT
expires: Fri, 29 Mar 2024 16:20:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1241
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFgmsU53eizGjio2nNq8F4M&google_push=Aer7DvKB3VibR75fiAeLQwM-ZfqH-cnBgA-gbzUJ8PsmfHpaPLd-B7C9nn...

170 B
188 B

73ms
73ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFgmsU53eizGjio2nNq8F4M&google_push=Aer7DvKB3VibR75fiAeLQwM-ZfqH-cnBgA-gbzUJ8PsmfHpaPLd-B7C9nnOppcwmk5zFL9vEn1YLvgFOr8ZtOiCKlPo7gLo4OvBQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230065-FRA
pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1680495209.473304,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFgmsU53eizGjio2nNq8F4M&google_push=Aer7DvKB3VibR75fiAeLQwM-ZfqH-cnBgA-gbzUJ8PsmfHpaPLd-B7C9nnOppcwmk5zFL9vEn1YLvgFOr8ZtOiCKlPo7gLo4OvBQ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1241
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB2jrG1mZujG6ITkSBYiPjY&google_cver=1&google_push=Aer7DvKTtr7h59E-R1rrkA836erX5a-WB7nsdoBODVE4LgpNx2C3NYR7EIG-UzYLgYs3VHb2lfUUhWdHYAbrc1-F...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvKTtr7h59E-R1rrkA836erX5a-WB7nsdoBODVE4LgpNx2C3NYR7EIG-UzYLgYs3VHb2lfUUhWdHYAbrc1-FRb2ocob37-YN

170 B
188 B

71ms
70ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvKTtr7h59E-R1rrkA836erX5a-WB7nsdoBODVE4LgpNx2C3NYR7EIG-UzYLgYs3VHb2lfUUhWdHYAbrc1-FRb2ocob37-YN

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Apr 2023 04:13:29 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvKTtr7h59E-R1rrkA836erX5a-WB7nsdoBODVE4LgpNx2C3NYR7EIG-UzYLgYs3VHb2lfUUhWdHYAbrc1-FRb2ocob37-YN
x-host: tde-deliveryengine-production-86c874c4d8-wzc4h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1241
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKq-GvbHHG9_DSqtFSL12i0&google_cver=1&google_push=Aer7DvIDcUvkNNXqk0j1sBWyZz0XXshuXHqiQESE-_1E2Y8UeK1xgSgmlZ4-7CjaTl88mfDtgt1wmGAx...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvIDcUvkNNXqk0j1sBWyZz0XXshuXHqiQESE-_1E2Y8UeK1xgSgmlZ4-7CjaTl88mfDtgt1wmG...

170 B
188 B

72ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvIDcUvkNNXqk0j1sBWyZz0XXshuXHqiQESE-_1E2Y8UeK1xgSgmlZ4-7CjaTl88mfDtgt1wmGAxwUd_CpZamRVe0_6m3We0

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvIDcUvkNNXqk0j1sBWyZz0XXshuXHqiQESE-_1E2Y8UeK1xgSgmlZ4-7CjaTl88mfDtgt1wmGAxwUd_CpZamRVe0_6m3We0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1241
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKq-GvbHHG9_DSqtFSL12i0&google_cver=1&google_push=Aer7DvLSHKEp65dvRX87-0ZGeu40LnsOhtDas8O6nAShYPlDWiPQ2-ceNsF2xwK_dBwRGsrALl3-pnxp...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvLSHKEp65dvRX87-0ZGeu40LnsOhtDas8O6nAShYPlDWiPQ2-ceNsF2xwK_dBwRGsrALl3-pn...

170 B
188 B

71ms
70ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvLSHKEp65dvRX87-0ZGeu40LnsOhtDas8O6nAShYPlDWiPQ2-ceNsF2xwK_dBwRGsrALl3-pnxp1c9y3BRkecXORMGOqLgB

Requested by

Host: lemzspb.ru
URL: https://lemzspb.ru/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTAwOTUwNTg3MDM5MzA3MTQ2NQ&google_push=Aer7DvLSHKEp65dvRX87-0ZGeu40LnsOhtDas8O6nAShYPlDWiPQ2-ceNsF2xwK_dBwRGsrALl3-pnxp1c9y3BRkecXORMGOqLgB
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1241
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJcjmYkcKEdk47H6bjDPLO0&google_cver=1&google_push=Aer7DvIBZnQx7uRhupnLmjcHrw7Z8yL4UHziStZNoQXghDIKv838cjGFw9EWlr03naOPuROdHEU...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcwQkdJR1EtMU4tQjdXWg==&google_push=Aer7DvIBZnQx7uRhupnLmjcHrw7Z8yL4UHziStZNoQXghDIKv838cjGFw9EWlr03naOPuROdHEUDMO9qZ_QK2m_wdx47WsGaLx3X

170 B
188 B

74ms
74ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcwQkdJR1EtMU4tQjdXWg==&google_push=Aer7DvIBZnQx7uRhupnLmjcHrw7Z8yL4UHziStZNoQXghDIKv838cjGFw9EWlr03naOPuROdHEUDMO9qZ_QK2m_wdx47WsGaLx3X

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEcwQkdJR1EtMU4tQjdXWg==&google_push=Aer7DvIBZnQx7uRhupnLmjcHrw7Z8yL4UHziStZNoQXghDIKv838cjGFw9EWlr03naOPuROdHEUDMO9qZ_QK2m_wdx47WsGaLx3X
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1241
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFiDuBb8ZOK9QpPN4MrqO04&google_cver=1&google_push=Aer7DvJwoyETB7tMCFtmujp4fJuaWdONEoOdH9tAI38Y0z3hTnZffDlN-VEco7oalTfIx5UbwWBy4aUcUqse...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJwoyETB7tMCFtmujp4fJuaWdONEoOdH9tAI38Y0z3hTnZffDlN-VEco7oalTfIx5UbwWBy4aUcUqse3WEecMprRhgq8qpC

170 B
188 B

72ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJwoyETB7tMCFtmujp4fJuaWdONEoOdH9tAI38Y0z3hTnZffDlN-VEco7oalTfIx5UbwWBy4aUcUqse3WEecMprRhgq8qpC

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJwoyETB7tMCFtmujp4fJuaWdONEoOdH9tAI38Y0z3hTnZffDlN-VEco7oalTfIx5UbwWBy4aUcUqse3WEecMprRhgq8qpC
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 1241
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEEbox_XeWhglGWbxrHsmaYQ&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJvJP_bDciKDSm58624nFGKOsp0wyfZjZLbvWpzjXtaQarAN3gPP_QHfmJCEOzGI2WrgzAJL2H_OqW6KRMMeOiMDHK1uF6GqAM
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

99ms
99ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Mon, 03 Apr 2023 04:13:29 GMT
pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1241 0
12 B 74ms
72ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J_ygNAqZqnNqBziycgBM6f19Xefrtsl67ov0mJxuFPieuc65IRz5TdP27qAqKCeNkAWGOeAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 /
c.bannerflow.net/tr/v2/pixel/ Frame 4460 0
81 B 79ms
78ms Ping
text/plain 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/tr/v2/pixel/
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64142ff0c56577c34d0eccad?did=5d7b8b746d67af0001f5b22f&deeplink=on&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXOWXaFIqZKzLEvGU7_UPutOo2ASJ74nIb7v996OkEZfWsPKYJBABIKqAwyJg9wGgAduWkbkByAEJqQLnoxjtiS-yPqgDAcgDmwSqBJICT9DO0SdkpBnI9LQEGEbaYu0lXdWLTG1uqMW0qtpVsT2bCYYop5V5egxWO2mskeimCkoSFdBG1hDAv-h1L3zAjFLaw2yStlsbxFlgjbW4Q2m6J0COhkVQXUp2C6pehKNgPcdKkdeUfjqMHZ0ZKurUHmsMcYyRk5WQrfs9H6xFRxH_3wrEokG317bcIDQT8ru7ECiZCzncL7Xlhgbegu3iUgZmdVq7tTXs5j-WQUBfYbV7tXNdMYMSLvbUbyCmcRFJxHRryI_gY_k7ErofSSvVfoYhby9JVD2hO2d1SMYkSuvPvf8hO9qtIQV56lsl_oEwhdPVeR9XF1ZQLuyXJcWOhzElDgHpY_JwhoFt5XaV7R1LjMAEv6C8zLEE4AQDkAYBoAZNgAeN6e7GAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTA5MzI2NzE1NTY3MDU5M5oJKmh0dHBzOi8vd3d3LnN0b3J5dGVsLmNvbS9maS9maS8jcHJpY2VQbGFuc4AKA8gLAYAMAbATjYfeEtATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE%26sig%3DAOD64_3_xdpev5LkYnyUg2uhIWpJkDLcWQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-C69jmV85rDGF4NGAJTSwnu3yo5Vtt7KVVtzT8KvAzImtJ7MiU_JBYITwmpaadSTWnfUK0zsNHIDpIOKzlmtr3SuN9MZVmq1J47AQu8kN66RtluZYxuOwe0F9o0NhjQ0MONLJcf2nofT-E4spWoKNr80ouCJ9dM_hn4JsyEfJPhw8mm7s8%26cry%3D1%26dbm_d%3DAKAmf-BBByvxZU0lJNZALVLjuAtQSSnWnYkBPXv9FPvev5ep9iBrQNnb0GQpngwdfL8xhRfupcuqpiPY7jfLyeKGOgGqUwjm94jxQLhHuwtUSj00nh_xcBclAGFJgaXmg3FECFtpbuGVPM-NkjlQLBoTZjetAnXuo0rNHPzrplHz7h1NZElZugPspLJ8ahYRA6VlLxPyXCmQ3aTw176IGGENVEHxJdYSSXYdEbYNHnIPcXiEAI_wkF6AVHkpW2kwzaAiLXsQGCj4yXJJDf1xYgL5AUmJGQJCLgPU7J2hkPhwr-u_ujeJpo8A09_mrHqbuH64ONHI9WIOBpGyO8LFrQCDN0oPkoeY1HT4vCCUif_4cYaodDQI0Jt7tCiDaclypYANW8L165m6NJEu3Q2IueXbhs-f3dcawoYZ6my9BB7pus-WPfRU6fQbi5cgdvJDiQopcOiUHtq7mXM5W0XdcRK4mPGJvp6i8m2wl08VgoEud0vLTkB9BefSVWg16CWZ_sWb4-uICai5GHUfJYeSh8lxbaSZMHfvjA%26adurl%3D&cb=1680495208304556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b1e7ab23f44d93f-HEL
content-length: 0
request-context: appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bmxRZEw0bXIxUEpienI1&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cver=1&google_push=Aer7DvJRagejQCYJsdIrpK9JoYVoTfv6S7QGKW1JkZIrZq8...

170 B
188 B

71ms
71ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bmxRZEw0bXIxUEpienI1&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cver=1&google_push=Aer7DvJRagejQCYJsdIrpK9JoYVoTfv6S7QGKW1JkZIrZq844ej3df7PXG0pdK-g3AzBimIVCRvmO10eFa_xIn1YPYPGc40H21xW

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 04:13:28 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-017dcce659d1d3103@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bmxRZEw0bXIxUEpienI1&google_gid=CAESEP_j6B9C1OW1jUQKGghSOHY&google_cver=1&google_push=Aer7DvJRagejQCYJsdIrpK9JoYVoTfv6S7QGKW1JkZIrZq844ej3df7PXG0pdK-g3AzBimIVCRvmO10eFa_xIn1YPYPGc40H21xW
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEElJ9YD4OcMSwy4M1PDKmHE&google_cver=1&google_push=Aer7DvIW0_3yyKNMqJO0cft1tF502mulsyjk6WFqumPdV5bLw0nCKt3XOccDPKyDKOMfsz6C5Tc4XwSJxNW0vVp-...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvIW0_3yyKNMqJO0cft1tF502mulsyjk6WFqumPdV5bLw0nCKt3XOccDPKyDKOMfsz6C5Tc4XwSJxNW0vVp-KhXwPO5GwzDY

170 B
188 B

73ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvIW0_3yyKNMqJO0cft1tF502mulsyjk6WFqumPdV5bLw0nCKt3XOccDPKyDKOMfsz6C5Tc4XwSJxNW0vVp-KhXwPO5GwzDY

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Apr 2023 04:13:29 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=sDXtN8YeRRquCYXeW1xazw2&google_push=Aer7DvIW0_3yyKNMqJO0cft1tF502mulsyjk6WFqumPdV5bLw0nCKt3XOccDPKyDKOMfsz6C5Tc4XwSJxNW0vVp-KhXwPO5GwzDY
x-host: tde-deliveryengine-production-86c874c4d8-wzc4h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBGRu742E2uO9g-Z7_GXsTM&google_cver=1&google_push=Aer7DvLHBAjYFWe-YKLizdXEDGpwrL4GOWi-mvVcIpwzpUAoyAARm6tK2YowbHFjnS0mh6qB2GuFd5KqEUjaG_M66NBhs_n...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLHBAjYFWe-YKLizdXEDGpwrL4GOWi-mvVcIpwzpUAoyAARm6tK2YowbHFjnS0mh6qB2GuFd5KqEUjaG_M66NBhs_nO8xU&google_hm=eS1JVzhzSVV4RTJwRzkwRW1...

170 B
188 B

78ms
78ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLHBAjYFWe-YKLizdXEDGpwrL4GOWi-mvVcIpwzpUAoyAARm6tK2YowbHFjnS0mh6qB2GuFd5KqEUjaG_M66NBhs_nO8xU&google_hm=eS1JVzhzSVV4RTJwRzkwRW1Jc3NNSnVUMS5DZlNyMk1IRH5B

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Apr 2023 04:13:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLHBAjYFWe-YKLizdXEDGpwrL4GOWi-mvVcIpwzpUAoyAARm6tK2YowbHFjnS0mh6qB2GuFd5KqEUjaG_M66NBhs_nO8xU&google_hm=eS1JVzhzSVV4RTJwRzkwRW1Jc3NNSnVUMS5DZlNyMk1IRH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEJupmbCSd9zlfajX1hdU364&google_cver=1&google_push=Aer7DvKGDr7uWjMQieZtk5dFzDb1K95xb8vY27viE0QA4JhuMKr7jyT536D9PyzmjNy5VnxxlThDXH8wV4IMBjv9JwNk7-zdvbo
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aer7DvKGDr7uWjMQieZtk5dFzDb1K95xb8vY27viE0QA4JhuMKr7jyT536D9PyzmjNy5VnxxlThDXH8wV4IMBjv9JwNk7-zdvbo&google_hm=ZzEzN2ZlNGY3MzIyYTg1O...

170 B
188 B

72ms
72ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aer7DvKGDr7uWjMQieZtk5dFzDb1K95xb8vY27viE0QA4JhuMKr7jyT536D9PyzmjNy5VnxxlThDXH8wV4IMBjv9JwNk7-zdvbo&google_hm=ZzEzN2ZlNGY3MzIyYTg1ODNkZDM=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aer7DvKGDr7uWjMQieZtk5dFzDb1K95xb8vY27viE0QA4JhuMKr7jyT536D9PyzmjNy5VnxxlThDXH8wV4IMBjv9JwNk7-zdvbo&google_hm=ZzEzN2ZlNGY3MzIyYTg1ODNkZDM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENGbj0N18axipBzzn4xb4f8&google_cver=1&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a4
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4MzA2NjExNjkwOTE5MjA2MTM1Ng%3D%3D&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5...

170 B
188 B

72ms
71ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4MzA2NjExNjkwOTE5MjA2MTM1Ng%3D%3D&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a4

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM4MzA2NjExNjkwOTE5MjA2MTM1Ng%3D%3D&google_push=Aer7DvJNYYC366xYSIdePMjsoBYdCypQ_GlM2Te9b2VrEy8oT2P17uN5Jw3dBjk9cYa_b4mKm2PzpgMmCluXqJZDbDp4rbLk_-a4
date: Mon, 03 Apr 2023 04:13:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 651E 0
134 B 829ms
144ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECUKiNG7d7dtpTkJi7azXro&google_cver=1&google_push=Aer7DvLs9quGMQy1fXWuKiYl1kKcYGgITfy0ij2KefzSZaz30Wd8chton_oTYbva6IA87Bmj64fjFxqiSoHBT9-hUUP8T78mVsQ
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Apr 2023 04:13:29 GMT
server: CookieSync Server
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 651E
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESECn1nufG6FfOL-nsNwLS0U0?ext-param=Aer7DvLhD3epatYvkYiai_2yvoGXhtq66Wl11UjmrsPPvQIQt8TUJUIbSnQVwv-4AboKyEt4z6p4Jy_yzVallbgFSEk_ecHmLkGr&partner-tag=yandex_ag&g...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESECn1nufG6FfOL-nsNwLS0U0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

57ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 18 Mar 2024 04:13:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 651E 0
12 B 94ms
93ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbOO9jTE5k3qT_3rtgg_oR-_IRRc6oPvVTWFu_lrWuMc3dODL_MsRA3yJBuRMXFbRAsHJQLg

Requested by

Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame BE77 0
54 B 123ms
109ms Ping
image/gif 2a00:1450:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lg0bgi35&c=4560652538737&slotId=2280326269368.5&qqid=CL6Tr7_sjP4CFQ_Cdwodl9IMuw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame BE77 41 KB
15 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 09:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Mar 2024 09:00:57 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-ixh7rn76.c.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BE77
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-ixh7rn76.c.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

155ms
32ms

Fetch
video/mp4

2a00:1450:4026::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-ixh7rn76.c.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1AD7945AABD09C342A3CDE96AD954E5D2DFD49A4.0F7D96CE24E581986CC5EE84AC8EF3D816419A1B/key/cms1/cms_redirect/yes/mh/6O/mip/2a0c:f040:0:2790::3e/mm/42/mn/sn-ixh7rn76/ms/onc/mt/1680494879/mv/u/mvi/1/pl/51/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4026::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:29 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2227342
Last-Modified: Fri, 10 Feb 2023 17:29:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 03 Apr 2023 04:13:29 GMT

Redirect headers

date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-ixh7rn76.c.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1AD7945AABD09C342A3CDE96AD954E5D2DFD49A4.0F7D96CE24E581986CC5EE84AC8EF3D816419A1B/key/cms1/cms_redirect/yes/mh/6O/mip/2a0c:f040:0:2790::3e/mm/42/mn/sn-ixh7rn76/ms/onc/mt/1680494879/mv/u/mvi/1/pl/51/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 206ms
77ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230329&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b02f486747f04bb352700e442fe821f20b481e66063db8661851308bafde3ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11164
x-xss-protection: 0

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame D8AF 36 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 309788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 88C7 23 KB
9 KB 61ms
61ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 584428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 09:53:01 GMT
expires: Tue, 26 Mar 2024 09:53:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 TbkRrD5BXGyp-AXWn4EJ5yVok9cUGO3dMlQ2-4_WT-o.js Show response
pagead2.googlesyndication.com/bg/ Frame 88C7 36 KB
14 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TbkRrD5BXGyp-AXWn4EJ5yVok9cUGO3dMlQ2-4_WT-o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db911ac3e415c6ca9f805d69f8109e7256893d71418eddd325436fb8fd64fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 11:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14203
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 11:02:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Apr 2023 04:13:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8AF 0
20 B 109ms
105ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmcFpaFIqZJbEONXR3wOZkL_4CAAAAAA4AeAEAg&bg=!7-yl7LjNAAbEgrg45II7ADkAdvg8WvYgB6afPaWun1VShLkCqhpMAZNPfJ9zvnp0WS2nwuN6NQ9Dss8t3kR8TlkfqjlfteTMz-sCAAAAi1IAAAADaAEHCgBQYLillYcyjUHBDV7eYQvv1g7Xp50OepuLr7PhoZ7fS02FX0H8FLt-aQqtl-a4ZzT023X4B9TuQ7rQ5j4UlPXzMa5vgSHUHhHMW1XLe8GKCf6ZAvh1vlkcDP3VxWmIUIElVJfrp-JhJ9N5C3tX7szB8w64lJyiBB4tlQIKnJGJDGzHjbKDRRn4Umz0DjJ7hsYQ4VvlXz6CdZcLqjgkuP5WP-QEELDDqnwlC3N1YY6gVx7JTVQOji3_JpQneFj2DKhuTlD2SvnKHvnuFWhC7H7gTtudX-kJAEIgfHNOI_9STFGEFb4gJyrzDO9uN-V6c_g1rD0pHtx2fYh9W2E4edMNf75_g-KaVRHY10Fg4lT8UnxgW53YpE3yKdKxu8_bUerlymAXpmyNRynfKhczaB2Mv4WfbO4WfKmU1KyZLNNqWEI52VbkuF9NJZ6Xe9y2iq-kk_LnRXYTMQzZpFm8zlf7wABOyOhxEeS7r-5qHRJcUvSsASKthz4v_dw63vNigBg6LuSgKu7vOv3u-5bYvVjOleC3Ds3G7uvbA1r76hGSgtdd5OAva7jGZoO1SjwZbDJfXGW1pK5yVdMjfoNK35rspVwBFxZe56pv7ntCPsC59G_xyN4VpQyarLaCR13k6-2udZsVOljh6PIGbl12owVtpdZa41SXCM1OjOCHYemLQoDNWFuDkK5IT-y4Nw41v7ud1qRq9h-l3EIGOUKFdDzkqX8pI8aLfisDscFh7lWCTKIdaD2bfYwvdG-Xt1qC4Fe4OP8EDFlgielpob3HK1E4pPufLHIKsKTp2quwF7LkdfB1uEGT5fzQFNrmkRCTCfmZD6yeP85zQ5yGggtZWeaKE2W2ePz56SD3vSvhwDgx-Zo0bRWia0n2Ck9Oj7oCS04a-XdYkXjdvtL_9I-BsdTLD11zrmRqJ1XYAWgo5E2lkYY8LCJW-YTq3HjhODkg1YqfHHMpDzGC57E4CzgjQJE5SZ4HDS2qjo7zru023Vmrj8TQ07Riq_mig--yesT5F1DuXMzTdWsjLJ4BXoTxc46ll28qLLBg_pzH8HULBnE0wsF19YFxVDtd3L3jOwrtntmOVtEZyq-qdIL1Zx56azzjWMXjsnTIdXk-v_nW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE8C 13 KB
5 KB 64ms
63ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 69159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 09:00:50 GMT
expires: Mon, 01 Apr 2024 09:00:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D5B7 783 B
535 B 72ms
71ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ca69fa9bfc47273b071c515d04661647f3d55e6100438e265d507f09e75ba97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7O-UZY1LebgR2sbbquVgXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lemzspb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7O-UZY1LebgR2sbbquVgXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 04:13:29 GMT
expires: Mon, 03 Apr 2023 04:13:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 206 file.mp4
r1---sn-ixh7rn76.c.2mdn.net/videoplayback/id/a2c0ac83389443b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820498498/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame BE77 2 MB
2 MB 67ms
32ms Media
video/mp4 2a00:1450:4026::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4026::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9153ccda62a4b93f9fcb6788ca17fd4c167eb45a30ef0cddfbd952479015afda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 03 Apr 2023 04:13:29 GMT
date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2227341/2227342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2227342
last-modified: Fri, 10 Feb 2023 17:29:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D5B7 0
0 95ms
95ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230329&jk=3198531475903731&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js Show response
pagead2.googlesyndication.com/bg/ Frame EE8C 36 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wMoe6OciHLqnbxL28zp4y_OVtpvKQBw-ZRrleUvee-M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 14:10:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 309788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14116
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:10:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88C7 0
20 B 98ms
97ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BTnvBaVIqZKCWEqjGzAbumYLQDwAAAAA4AeAEAg&bg=!3t2l3YnNAAbEgrg45II7ADkAdvg8Wp9L0wmO8CuDP4KLtEtAdsNkS-uCat39CBvcvkoBO9szoFICPDknFArYGf0K0fR-5dl_uhUCAAAAulIAAAADaAEHCgAFIzQf4w-ZAr9FJe-2MGwJWQOIjWCVJz9DJW_8JTZVqyHFr3EBzMH3tgY4nxa4LwKXE1sN02I3uRCaFxc3rmBgTzGcd1Rpl6seK4a6gCYZ8H6JcJlv5BHZjO1C4QZ3zVfvXtU3WK_-V0z_yXfnwwWkiUSqWLESW6hYetQPUfkWeFIr0-4ZhNaSyFSMYojf1El1mYVhhq1bvZaGh1PtclS77cBJgSmQlm06xawV5m9xiDcsCneOFMLCG5C9eqs6yOzvYe5ach671nkUORWx4DWC5J1MuFNWaKLxFwrzndqoe5ZoYbeeU2XhPzJ2_94h-TasEw1dj3RzxkKWyFYdA7DdEXGMt0zLDJjVAp3bF7OrOM7SMm4diGXTg738GRwWlUV6oB0uMkHd6Kt59IwyIfGg1L2XVgSt19Oi3dB_Vj-RjUAkQ2z65si5iLNf3dm89jfZBvk6gPU8qSLHDEUwDmWxCS5Y5aa38Rf859zyvSjJ1RD4vMOTZGtS4HwXUv9FUXQm6z7sQXmg9yV9kF5UHYBJnzRS7uuwFTh3nf7DTye3I9rPg4F4_kYkHihBpzoWUY1vdpD3o4FKO-ZNWMhjTYpNnPVWO1imov-selW0reaAWB3HvhHxoC1lBbL8ayTINfq0XIfBGQ9MBgPiNp-l1B7Z0ArqxRznxsZj7I0oIAI7gEMw-ZUEGRKyKJD-v9oZEjfnG24OZSldXhvmx7x2ZWjLKDAots_O9q-uGOJaEJnZQGp03hwHZjZVrnrNSM0yTS77jOL_wLnKKzTm-9KKEfgT2fwSjjDo58ndKqlNMGgdhdCN4E4dWrDDm-UViOnQm4gbDTxB-BBdcYBtSNTbxf61PUNdwPscYjZoDF24MYmRfs67uKGBSaVcF6pTeh-UpdUk3SOMrTR-0OEHztYkuH1-rrrTQFEHPrrrd1hMfGhkI-iPrnEOAx5E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EE8C 0
11 B 62ms
60ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5UIINQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7AA4 42 B
64 B 105ms
104ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR9A7PeHKYWaSchVNyaMD3GRlOo8ZQrYK0hynVFeP1H46YweeUO4aDetDt688uoWc71xyYCeIoPMHjcTe5iv08JwLiQLY5k_8URJMRnPb8iBjeDYfADrVVi6MlNU7RFkh_Zmqh5A&sai=AMfl-YQRsp2S9aSUs2XYze4cqclfgjuQga3EXsV8NCbHe5h_UaGxx_kBctBrngFcdCAu3bzMUin-2YIIaINmBVQfm896WX6W7tSRlP4-TgSFq0TnTrRPazFq2fdJg7k&sig=Cg0ArKJSzH1HBBw5kv0UEAE&cid=CAQSOwDUE5ymx_hfg9h5tXzCoztb-ytcStnl5cmAFwXuZatuVqp7mgrE7uQsfIx9yaXM7idcT3_7ggwuvXvEGAE&id=ampim&o=315,1100&d=970,100&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=720&tls=1722&g=100&h=100&tt=1722&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4460 42 B
64 B 104ms
103ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSjzUPiaau7qM3Q-3VQS2JgISIS6e0UnIsvE_LTYbR8mDS5IlMaxgu8AegTinlbtw1I0Cnhf3wV5trWyrwgqgZkSgfhc6r5qjJSWo9z5Cy6ytLrSEXX-PUj5pVvEgrtH4ez60_bw&sai=AMfl-YSs2IFyq1utIgeX7MW5WOSRLAB070XyLoJv04ucZlDsvK0GBCWDbi2Kg_DncVvdfuz3QZh8YPpIdud0JmcPOgM13Z8PmipDKPMYNOm27yYVNclR2wJX7vwfwgI&sig=Cg0ArKJSzCJFVUFNPOSuEAE&cid=CAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE&id=lidar2&mcvt=1000&p=656,315,906,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4214233573&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680495208578&rpt=605&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.e41a0c4132970d505cc8.js Show response
c.bannerflow.net/scripts/ Frame 4460 20 KB
7 KB 43ms
43ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/widget.e41a0c4132970d505cc8.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64142ff0c56577c34d0eccad?did=5d7b8b746d67af0001f5b22f&deeplink=on&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXOWXaFIqZKzLEvGU7_UPutOo2ASJ74nIb7v996OkEZfWsPKYJBABIKqAwyJg9wGgAduWkbkByAEJqQLnoxjtiS-yPqgDAcgDmwSqBJICT9DO0SdkpBnI9LQEGEbaYu0lXdWLTG1uqMW0qtpVsT2bCYYop5V5egxWO2mskeimCkoSFdBG1hDAv-h1L3zAjFLaw2yStlsbxFlgjbW4Q2m6J0COhkVQXUp2C6pehKNgPcdKkdeUfjqMHZ0ZKurUHmsMcYyRk5WQrfs9H6xFRxH_3wrEokG317bcIDQT8ru7ECiZCzncL7Xlhgbegu3iUgZmdVq7tTXs5j-WQUBfYbV7tXNdMYMSLvbUbyCmcRFJxHRryI_gY_k7ErofSSvVfoYhby9JVD2hO2d1SMYkSuvPvf8hO9qtIQV56lsl_oEwhdPVeR9XF1ZQLuyXJcWOhzElDgHpY_JwhoFt5XaV7R1LjMAEv6C8zLEE4AQDkAYBoAZNgAeN6e7GAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTA5MzI2NzE1NTY3MDU5M5oJKmh0dHBzOi8vd3d3LnN0b3J5dGVsLmNvbS9maS9maS8jcHJpY2VQbGFuc4AKA8gLAYAMAbATjYfeEtATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE%26sig%3DAOD64_3_xdpev5LkYnyUg2uhIWpJkDLcWQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-C69jmV85rDGF4NGAJTSwnu3yo5Vtt7KVVtzT8KvAzImtJ7MiU_JBYITwmpaadSTWnfUK0zsNHIDpIOKzlmtr3SuN9MZVmq1J47AQu8kN66RtluZYxuOwe0F9o0NhjQ0MONLJcf2nofT-E4spWoKNr80ouCJ9dM_hn4JsyEfJPhw8mm7s8%26cry%3D1%26dbm_d%3DAKAmf-BBByvxZU0lJNZALVLjuAtQSSnWnYkBPXv9FPvev5ep9iBrQNnb0GQpngwdfL8xhRfupcuqpiPY7jfLyeKGOgGqUwjm94jxQLhHuwtUSj00nh_xcBclAGFJgaXmg3FECFtpbuGVPM-NkjlQLBoTZjetAnXuo0rNHPzrplHz7h1NZElZugPspLJ8ahYRA6VlLxPyXCmQ3aTw176IGGENVEHxJdYSSXYdEbYNHnIPcXiEAI_wkF6AVHkpW2kwzaAiLXsQGCj4yXJJDf1xYgL5AUmJGQJCLgPU7J2hkPhwr-u_ujeJpo8A09_mrHqbuH64ONHI9WIOBpGyO8LFrQCDN0oPkoeY1HT4vCCUif_4cYaodDQI0Jt7tCiDaclypYANW8L165m6NJEu3Q2IueXbhs-f3dcawoYZ6my9BB7pus-WPfRU6fQbi5cgdvJDiQopcOiUHtq7mXM5W0XdcRK4mPGJvp6i8m2wl08VgoEud0vLTkB9BefSVWg16CWZ_sWb4-uICai5GHUfJYeSh8lxbaSZMHfvjA%26adurl%3D&cb=1680495208304556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Apr 2023 04:13:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: nZPaCeepSHMZbbh+xShfnA==
age: 2300510
cf-polished: origSize=20123
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Tue, 07 Mar 2023 10:29:01 GMT
server: cloudflare
etag: W/"0x8DB1EF6C4FEC22F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 34431595-801e-001e-21ec-5001fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b1e7ab7eb30d93f-HEL

GET
H2 200 feed.ac107082df06007ec521.js Show response
c.bannerflow.net/scripts/ Frame 4460 5 KB
3 KB 39ms
38ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/feed.ac107082df06007ec521.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64142ff0c56577c34d0eccad?did=5d7b8b746d67af0001f5b22f&deeplink=on&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXOWXaFIqZKzLEvGU7_UPutOo2ASJ74nIb7v996OkEZfWsPKYJBABIKqAwyJg9wGgAduWkbkByAEJqQLnoxjtiS-yPqgDAcgDmwSqBJICT9DO0SdkpBnI9LQEGEbaYu0lXdWLTG1uqMW0qtpVsT2bCYYop5V5egxWO2mskeimCkoSFdBG1hDAv-h1L3zAjFLaw2yStlsbxFlgjbW4Q2m6J0COhkVQXUp2C6pehKNgPcdKkdeUfjqMHZ0ZKurUHmsMcYyRk5WQrfs9H6xFRxH_3wrEokG317bcIDQT8ru7ECiZCzncL7Xlhgbegu3iUgZmdVq7tTXs5j-WQUBfYbV7tXNdMYMSLvbUbyCmcRFJxHRryI_gY_k7ErofSSvVfoYhby9JVD2hO2d1SMYkSuvPvf8hO9qtIQV56lsl_oEwhdPVeR9XF1ZQLuyXJcWOhzElDgHpY_JwhoFt5XaV7R1LjMAEv6C8zLEE4AQDkAYBoAZNgAeN6e7GAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTA5MzI2NzE1NTY3MDU5M5oJKmh0dHBzOi8vd3d3LnN0b3J5dGVsLmNvbS9maS9maS8jcHJpY2VQbGFuc4AKA8gLAYAMAbATjYfeEtATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE%26sig%3DAOD64_3_xdpev5LkYnyUg2uhIWpJkDLcWQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-C69jmV85rDGF4NGAJTSwnu3yo5Vtt7KVVtzT8KvAzImtJ7MiU_JBYITwmpaadSTWnfUK0zsNHIDpIOKzlmtr3SuN9MZVmq1J47AQu8kN66RtluZYxuOwe0F9o0NhjQ0MONLJcf2nofT-E4spWoKNr80ouCJ9dM_hn4JsyEfJPhw8mm7s8%26cry%3D1%26dbm_d%3DAKAmf-BBByvxZU0lJNZALVLjuAtQSSnWnYkBPXv9FPvev5ep9iBrQNnb0GQpngwdfL8xhRfupcuqpiPY7jfLyeKGOgGqUwjm94jxQLhHuwtUSj00nh_xcBclAGFJgaXmg3FECFtpbuGVPM-NkjlQLBoTZjetAnXuo0rNHPzrplHz7h1NZElZugPspLJ8ahYRA6VlLxPyXCmQ3aTw176IGGENVEHxJdYSSXYdEbYNHnIPcXiEAI_wkF6AVHkpW2kwzaAiLXsQGCj4yXJJDf1xYgL5AUmJGQJCLgPU7J2hkPhwr-u_ujeJpo8A09_mrHqbuH64ONHI9WIOBpGyO8LFrQCDN0oPkoeY1HT4vCCUif_4cYaodDQI0Jt7tCiDaclypYANW8L165m6NJEu3Q2IueXbhs-f3dcawoYZ6my9BB7pus-WPfRU6fQbi5cgdvJDiQopcOiUHtq7mXM5W0XdcRK4mPGJvp6i8m2wl08VgoEud0vLTkB9BefSVWg16CWZ_sWb4-uICai5GHUfJYeSh8lxbaSZMHfvjA%26adurl%3D&cb=1680495208304556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e59e11845d0bb2a6aef1777b9a763f0970e609a16f4967614451b84913556eb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Apr 2023 04:13:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: qmBi7t8dubW0rznrBiyB8A==
age: 2396786
cf-polished: origSize=5175
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 06 Mar 2023 09:10:27 GMT
server: cloudflare
etag: W/"0x8DB1E22A0CC5F3F"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5762fbf9-e01e-0018-700e-503241000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b1e7ab7eb34d93f-HEL

GET
H2 200 document.0000005F20180A.js Show response
c.bannerflow.net/accounts/storytel/5f3f61791bd8d345f0b8369b/published/4395471/5142513/ Frame 4460 80 KB
15 KB 60ms
59ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/accounts/storytel/5f3f61791bd8d345f0b8369b/published/4395471/5142513/document.0000005F20180A.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64142ff0c56577c34d0eccad?did=5d7b8b746d67af0001f5b22f&deeplink=on&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXOWXaFIqZKzLEvGU7_UPutOo2ASJ74nIb7v996OkEZfWsPKYJBABIKqAwyJg9wGgAduWkbkByAEJqQLnoxjtiS-yPqgDAcgDmwSqBJICT9DO0SdkpBnI9LQEGEbaYu0lXdWLTG1uqMW0qtpVsT2bCYYop5V5egxWO2mskeimCkoSFdBG1hDAv-h1L3zAjFLaw2yStlsbxFlgjbW4Q2m6J0COhkVQXUp2C6pehKNgPcdKkdeUfjqMHZ0ZKurUHmsMcYyRk5WQrfs9H6xFRxH_3wrEokG317bcIDQT8ru7ECiZCzncL7Xlhgbegu3iUgZmdVq7tTXs5j-WQUBfYbV7tXNdMYMSLvbUbyCmcRFJxHRryI_gY_k7ErofSSvVfoYhby9JVD2hO2d1SMYkSuvPvf8hO9qtIQV56lsl_oEwhdPVeR9XF1ZQLuyXJcWOhzElDgHpY_JwhoFt5XaV7R1LjMAEv6C8zLEE4AQDkAYBoAZNgAeN6e7GAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTA5MzI2NzE1NTY3MDU5M5oJKmh0dHBzOi8vd3d3LnN0b3J5dGVsLmNvbS9maS9maS8jcHJpY2VQbGFuc4AKA8gLAYAMAbATjYfeEtATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE%26sig%3DAOD64_3_xdpev5LkYnyUg2uhIWpJkDLcWQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-C69jmV85rDGF4NGAJTSwnu3yo5Vtt7KVVtzT8KvAzImtJ7MiU_JBYITwmpaadSTWnfUK0zsNHIDpIOKzlmtr3SuN9MZVmq1J47AQu8kN66RtluZYxuOwe0F9o0NhjQ0MONLJcf2nofT-E4spWoKNr80ouCJ9dM_hn4JsyEfJPhw8mm7s8%26cry%3D1%26dbm_d%3DAKAmf-BBByvxZU0lJNZALVLjuAtQSSnWnYkBPXv9FPvev5ep9iBrQNnb0GQpngwdfL8xhRfupcuqpiPY7jfLyeKGOgGqUwjm94jxQLhHuwtUSj00nh_xcBclAGFJgaXmg3FECFtpbuGVPM-NkjlQLBoTZjetAnXuo0rNHPzrplHz7h1NZElZugPspLJ8ahYRA6VlLxPyXCmQ3aTw176IGGENVEHxJdYSSXYdEbYNHnIPcXiEAI_wkF6AVHkpW2kwzaAiLXsQGCj4yXJJDf1xYgL5AUmJGQJCLgPU7J2hkPhwr-u_ujeJpo8A09_mrHqbuH64ONHI9WIOBpGyO8LFrQCDN0oPkoeY1HT4vCCUif_4cYaodDQI0Jt7tCiDaclypYANW8L165m6NJEu3Q2IueXbhs-f3dcawoYZ6my9BB7pus-WPfRU6fQbi5cgdvJDiQopcOiUHtq7mXM5W0XdcRK4mPGJvp6i8m2wl08VgoEud0vLTkB9BefSVWg16CWZ_sWb4-uICai5GHUfJYeSh8lxbaSZMHfvjA%26adurl%3D&cb=1680495208304556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5891da4d090300d67d26bfbbe8c6bb84048d767a942644214a2903bfc1e07f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Apr 2023 04:13:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Bxz7lGEOi3L0Gx2jFdxxOg==
age: 1443565
cf-polished: origSize=85575
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 17 Mar 2023 09:17:04 GMT
server: cloudflare
etag: W/"0x8DB26C85FA50386"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dc14ed4c-501e-0040-6cc1-58ea1e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b1e7ab7eb38d93f-HEL

GET
H2 200 animated-creative.5b52d8f9d40b2db6298f.js Show response
c.bannerflow.net/scripts/ Frame 4460 156 KB
53 KB 45ms
44ms Script
application/javascript 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/scripts/animated-creative.5b52d8f9d40b2db6298f.js
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64142ff0c56577c34d0eccad?did=5d7b8b746d67af0001f5b22f&deeplink=on&redirecturl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCXOWXaFIqZKzLEvGU7_UPutOo2ASJ74nIb7v996OkEZfWsPKYJBABIKqAwyJg9wGgAduWkbkByAEJqQLnoxjtiS-yPqgDAcgDmwSqBJICT9DO0SdkpBnI9LQEGEbaYu0lXdWLTG1uqMW0qtpVsT2bCYYop5V5egxWO2mskeimCkoSFdBG1hDAv-h1L3zAjFLaw2yStlsbxFlgjbW4Q2m6J0COhkVQXUp2C6pehKNgPcdKkdeUfjqMHZ0ZKurUHmsMcYyRk5WQrfs9H6xFRxH_3wrEokG317bcIDQT8ru7ECiZCzncL7Xlhgbegu3iUgZmdVq7tTXs5j-WQUBfYbV7tXNdMYMSLvbUbyCmcRFJxHRryI_gY_k7ErofSSvVfoYhby9JVD2hO2d1SMYkSuvPvf8hO9qtIQV56lsl_oEwhdPVeR9XF1ZQLuyXJcWOhzElDgHpY_JwhoFt5XaV7R1LjMAEv6C8zLEE4AQDkAYBoAZNgAeN6e7GAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMTA5MzI2NzE1NTY3MDU5M5oJKmh0dHBzOi8vd3d3LnN0b3J5dGVsLmNvbS9maS9maS8jcHJpY2VQbGFuc4AKA8gLAYAMAbATjYfeEtATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ym5ilsHGm29vZqV9RMjQ_5A4Pxnwt4JwJzr-9KdwSTzPqfoiNjDcSPjyPrpSWH-agNyvdK-YnrGAE%26sig%3DAOD64_3_xdpev5LkYnyUg2uhIWpJkDLcWQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-C69jmV85rDGF4NGAJTSwnu3yo5Vtt7KVVtzT8KvAzImtJ7MiU_JBYITwmpaadSTWnfUK0zsNHIDpIOKzlmtr3SuN9MZVmq1J47AQu8kN66RtluZYxuOwe0F9o0NhjQ0MONLJcf2nofT-E4spWoKNr80ouCJ9dM_hn4JsyEfJPhw8mm7s8%26cry%3D1%26dbm_d%3DAKAmf-BBByvxZU0lJNZALVLjuAtQSSnWnYkBPXv9FPvev5ep9iBrQNnb0GQpngwdfL8xhRfupcuqpiPY7jfLyeKGOgGqUwjm94jxQLhHuwtUSj00nh_xcBclAGFJgaXmg3FECFtpbuGVPM-NkjlQLBoTZjetAnXuo0rNHPzrplHz7h1NZElZugPspLJ8ahYRA6VlLxPyXCmQ3aTw176IGGENVEHxJdYSSXYdEbYNHnIPcXiEAI_wkF6AVHkpW2kwzaAiLXsQGCj4yXJJDf1xYgL5AUmJGQJCLgPU7J2hkPhwr-u_ujeJpo8A09_mrHqbuH64ONHI9WIOBpGyO8LFrQCDN0oPkoeY1HT4vCCUif_4cYaodDQI0Jt7tCiDaclypYANW8L165m6NJEu3Q2IueXbhs-f3dcawoYZ6my9BB7pus-WPfRU6fQbi5cgdvJDiQopcOiUHtq7mXM5W0XdcRK4mPGJvp6i8m2wl08VgoEud0vLTkB9BefSVWg16CWZ_sWb4-uICai5GHUfJYeSh8lxbaSZMHfvjA%26adurl%3D&cb=1680495208304556
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe202abf53bad9d94579af8970df45a80825ce2f107db690c1d71278826d157

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Apr 2023 04:13:30 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: yuPzqdVejh3V/xKTkpP2yw==
age: 1617531
cf-polished: origSize=159436
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 15 Mar 2023 09:37:34 GMT
server: cloudflare
etag: W/"0x8DB2538E82092A4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f37f46ec-501e-0040-4a22-57ea1e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: public,max-age=31536000,immutable
x-ms-version: 2011-08-18
cf-ray: 7b1e7ab7eb39d93f-HEL

GET
H/1.1 200
OK skrinshot-14-06-2022-204227.jpg
lemzspb.ru/wp-content/uploads/2022/06/ 43 KB
43 KB 32ms
32ms Image
image/jpeg 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemzspb.ru/wp-content/uploads/2022/06/skrinshot-14-06-2022-204227.jpg
Requested by: Host: lemzspb.ru
URL: https://lemzspb.ru/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: b1a657586b22addb8accb2d4699c03c24a8bb812c8bf87401bd49767e77682ea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:30 GMT
Last-Modified: Tue, 14 Jun 2022 17:34:26 GMT
Server: Apache
ETag: "ac33-5e16bd0ed3815"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9996
Content-Length: 44083

POST
H2 204 csi
csi.gstatic.com/ Frame BE77 0
54 B 115ms
114ms Ping
image/gif 2a00:1450:4017:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lg0bgiay&c=4560652538737&slotId=2280326269368.5&qqid=CL6Tr7_sjP4CFQ_Cdwodl9IMuw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230327_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4017:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4460 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 32edac7c-3dcb-4aa2-af2c-0638884260a2 Show response
https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/ Frame 4A3E 668 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/32edac7c-3dcb-4aa2-af2c-0638884260a2
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.5b52d8f9d40b2db6298f.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 668
Content-Type

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4460 0
20 B 95ms
94ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9612388805760&version=m202301230201&ct=77&x=1&cor=3341520007210956300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 4460 8 KB
9 KB 106ms
41ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F550abe329445702310657a53%2F58b818c8e039002a64adc166%2F96044bfc-b5f5-4add-917f-c8a48a793d11.woff&t=%20%2a%2C-.%2F12349HUVadehijklmnostu%C3%A4%E2%82%AC
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cde83a35570898773b44b04f85ad40ff64641abc02194b8901b2e3801ee8d78

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
Origin: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 11:12:15 GMT
server: cloudflare
age: 1443675
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=96044bfc-b5f5-4add-917f-c8a48a793d11-subset.woff
cf-ray: 7b1e7ab9dfeed90a-HEL
expires: Sat, 16 Mar 2024 11:12:15 GMT

POST
H2 200 70274068 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 255ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/70274068?wmode=0&wv-part=1&wv-hit=689335615&page-url=https%3A%2F%2Flemzspb.ru%2F&rn=58899432&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680495211%3Aw%3A1600x1200%3Av%3A991%3Az%3A0%3Ai%3A20230403041330%3Au%3A1680495207663380286%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680495211&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lemzspb.ru/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Apr-2023 04:13:30 GMT
content-type: image/gif
access-control-allow-origin: https://lemzspb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Apr-2023 04:13:30 GMT

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 4460 6 KB
6 KB 38ms
38ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58b81434e039020e54fff1f6%2F44817080-542f-455f-a935-fa0f22ada2bf.woff&t=%20%2C%2F1349NRaeijklmnorstuy%E2%82%AC
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5c3831008ad854d2f21411dfe50befcd29bdeaa5a0ba90c5de30c9701eebee4

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
Origin: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 11:12:24 GMT
server: cloudflare
age: 1443666
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=44817080-542f-455f-a935-fa0f22ada2bf-subset.woff
cf-ray: 7b1e7aba18a2d90a-HEL
expires: Sat, 16 Mar 2024 11:12:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
98ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230329&jk=3198531475903731&bg=!Q0ClQBTNAAbEgrg45II7ADkAdvg8Wruq5e8hHbOuy5pWfg7M42EwOk-k7sKNO1TtwLP8p0eEq4OX91bj_Q3YpwdFWJrRr-FP0AgCAAAAe1IAAAADaAEHCgBmJvcI4I0AQ9xqElxYv8HUIg8vmh0nlNlfUC0vsJ6nQ-KbLlG7bv5lT8yjLk6TuwDbt4wS3DgpTkTyF7yhx_3jK7g-hxTtPZhyAHY2OQtbLLGgZ7QWOEdALIuYT7oIQ-F7oWcgDg98mQKeTWszsBCLI3k6pQnP-cHpbY4aJptWucGaoYYK6BdQmnYxqweeH8Du59dLtG34Oy8k-wPhAU1j2NXx-keckQ17O5abVLBmyTOVPBp0JbbX9_K7RHDTSGRA8LAD4zEtAjl7QV285N7fThroQPq1J4mSlunmE3MEN0nhHjUWP614mXdO1tdpNhjpjcYLgefVAqoJRzBaefsbXgcIcBiK0zWEOoonTtX-k7E8UCWzx-RHtmInkED-HJYTHJObNBbeUYbNW9UqNKplnyxqTdJsx0vAYP5QkQ5D1cF-xnT3mhzr-9riSO_VDk5meyQJZqjhykAXPHdLr5hVPdC8Vu7zBmeW8EYerUmmNVwwiwAKAkjxXjPRF5G8fsQaHP5u4zgtieGoOQWkPE-JYENY2s988EOpeR1uNxbv9t9YX5ZeG1FT0ogfskKJ1rd-e9S_j6ZIy0VplZjXPwRs0B-KKyi-cduS92jTiJK21nLwJ8rJRAZetAJIywx5teGqCRm-iSj1YkDXP7Ww5v6BIF8dxGGzlHFTNJrDhBFnRiFE6zcusUOWL5XC1T2fi7vYofJAKDkHbXnj72q0f6cpeTgia9JlFmZVED_vVfBeLrdcAmJdKElHlQ1Wzhn1pqqli3HQNVoBPubD3CKcgyMFf1mU8g5UZzogK4NmKqjJ-PDuBO868nWi3-PnaO964jnyAzVcIRoI7CqJ7UGZR6sixH8GEvs0YqOeuvHUZ9gr9bRd6OOkj-zIxxnht3EQOmkyAOsT36bPtKX6UNsY9Ng4Rw9N_3-QBlKBefdhLRTQuhN9bfdT3jP8WXm3zzrfqlkw4Un9FDULieWCGUWPRI53Yl6zksQkZgfsn7DuXtgKbWqHONSqEimcw6WtD8VFFD43EtTQVEGEOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 font
c.bannerflow.net/fs/api/v2/ Frame 4460 3 KB
3 KB 37ms
37ms Font
font/woff 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F58b81434e039020e54fff1f6%2F015c5988-2081-4008-bc1f-d4b7f4a15ca7.woff&t=%0ASUdeilmnorty
Requested by: Host: cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
URL: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f4cf2e1edb51de38de6bab2e643db3d05711cf98c7e6600a24dd38fb902d5c

Request headers

Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
Origin: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 11:12:15 GMT
server: cloudflare
age: 1443675
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition: attachment; filename=015c5988-2081-4008-bc1f-d4b7f4a15ca7-subset.woff
cf-ray: 7b1e7aba5943d90a-HEL
expires: Sat, 16 Mar 2024 11:12:15 GMT

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4B6D 16 KB
16 KB 38ms
38ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fstorytel%2F58b818c8e039002a64adc166%2Fimages%2Fa3e5db75-2635-4920-af50-db43440a357e.jpg&w=640&h=427&q=85&f=webp&rt=cover&x1=0&y1=28&x2=640&y2=309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b6c0f03ad372fc341258a5b4a268126f42d13b05ee4ee927ce49dcf5c3a19a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Apr 2023 16:27:19 GMT
api-supported-versions: 2.0
server: cloudflare
age: 39920
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b1e7abae917d93f-HEL
content-length: 15952
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 4B6D 2 KB
2 KB 37ms
37ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fstorytel%2F58b818c8e039002a64adc166%2Fimages%2F506f00bb-f959-4cc9-b685-bbf000b8c14f.png&w=172&h=312&q=85&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90ad760bc07c15b5e0fbf6fb592c64976e9d3a9c83bbf23540ad463fe164fb6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Apr 2023 08:48:45 GMT
api-supported-versions: 2.0
server: cloudflare
age: 54131
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b1e7abaf934d93f-HEL
content-length: 2096
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 93C7 7 KB
7 KB 38ms
38ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fwww.storytel.com%2Fimages%2F640x640%2F0003149892.jpg&w=116&h=116&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81513c47c34d4e92f81cd03f2e2a1fff11b5a7547fe9e60551e3c448798f2fb8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 14:38:39 GMT
api-supported-versions: 2.0
server: cloudflare
age: 48842
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b1e7abb196ad93f-HEL
content-length: 7458
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame BDAF 5 KB
6 KB 42ms
41ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fwww.storytel.com%2Fimages%2F640x640%2F0003242734.jpg&w=116&h=116&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca1ddda835e8de26d788269124b8afbcbd129bc33068cec16feee0ea4067e43d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 14:38:39 GMT
api-supported-versions: 2.0
server: cloudflare
age: 48842
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b1e7abb1971d93f-HEL
content-length: 5626
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 optimize
c.bannerflow.net/io/api/image/ Frame 9506 10 KB
10 KB 44ms
44ms Image
image/webp 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fwww.storytel.com%2Fimages%2F640x640%2F0003417561.jpg&w=116&h=116&q=90&f=webp&rt=contain
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43ae125a3fdb80425e831e218a5bf5a7e862f05ac87824a03a6f0aaadb010db0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Apr 2023 14:38:39 GMT
api-supported-versions: 2.0
server: cloudflare
age: 48842
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 7b1e7abb1979d93f-HEL
content-length: 9962
request-context: appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1

GET
H2 200 641309bcb95a69a5c585b0c0.json Show response
c.bannerflow.net/sfeeds/5f3f61791bd8d345f0b8369b/ Frame 4460 31 KB
3 KB 151ms
150ms Fetch
application/json 2606:4700::6812:d32c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bannerflow.net/sfeeds/5f3f61791bd8d345f0b8369b/641309bcb95a69a5c585b0c0.json
Requested by: Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.ac107082df06007ec521.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d32c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c18fb24c1ab3dd627ce3d6c8bd6ac13e7531a1fa9bd554747c8b6bbeff5980

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 04:13:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 03 Apr 2023 04:13:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-if-error=28800, stale-while-revalidate=28800
cf-ray: 7b1e7abb2b02d90a-HEL
request-context: appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b

POST
H2 200 70274068 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/70274068?wmode=0&wv-part=1&wv-hit=689335615&page-url=https%3A%2F%2Flemzspb.ru%2F&rn=955324702&wv-type=3&browser-info=we%3A1%3Aet%3A1680495211%3Aw%3A1600x1200%3Av%3A991%3Az%3A0%3Ai%3A20230403041330%3Au%3A1680495207663380286%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680495211&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lemzspb.ru/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Apr-2023 04:13:30 GMT
content-type: image/gif
access-control-allow-origin: https://lemzspb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Apr-2023 04:13:30 GMT

POST
H2 200 70274068 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/70274068?wmode=0&wv-part=2&wv-hit=689335615&page-url=https%3A%2F%2Flemzspb.ru%2F&rn=727869077&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1680495212%3Aw%3A1600x1200%3Av%3A991%3Az%3A0%3Ai%3A20230403041331%3Au%3A1680495207663380286%3Avf%3A3ue65zhww2f2brt35wtqzj%3Ast%3A1680495212&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lemzspb.ru/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Apr 2023 04:13:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03-Apr-2023 04:13:31 GMT
content-type: image/gif
access-control-allow-origin: https://lemzspb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 03-Apr-2023 04:13:31 GMT

GET
H/1.1 200
OK skrinshot-14-06-2022-203507.jpg
lemzspb.ru/wp-content/uploads/2022/06/ 126 KB
126 KB 31ms
31ms Image
image/jpeg 95.217.100.0
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lemzspb.ru/wp-content/uploads/2022/06/skrinshot-14-06-2022-203507.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.100.0 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.0.100.217.95.clients.your-server.de
Software: Apache /
Resource Hash: c3a99a60005eebfda6bff6539fef6a3667c8f490d826b9e8133b5b4564fb2223

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://lemzspb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 04:13:34 GMT
Last-Modified: Tue, 14 Jun 2022 17:27:04 GMT
Server: Apache
ETag: "1f67a-5e16bb69769be"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=9995
Content-Length: 128634

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lemzspb.ru/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.yandex.ru/	1970-01-20 20:24:15	Name: i Value: hjM7C8JqzWXR74MfJfbi1inUnmXICxIr1BgrfGUQWm2N66n/05im8fxwmwXI8bpLEuJqZ2v8TSOQOjXWVSg7v9iHGu0=
.yandex.ru/	1970-01-20 19:33:51	Name: yandexuid Value: 6983049621680495206
.lemzspb.ru/	1970-01-20 19:33:51	Name: _ym_uid Value: 1680495207663380286
.lemzspb.ru/	1970-01-20 19:33:51	Name: _ym_d Value: 1680495207
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1844643141680495207
.yandex.ru/	1970-01-20 19:33:51	Name: yuidss Value: 6983049621680495206
.yandex.ru/	1970-01-20 19:33:51	Name: ymex Value: 1712031207.yrts.1680495207
.lemzspb.ru/	1970-01-20 10:49:27	Name: _ym_isad Value: 2
.lemzspb.ru/	1970-01-20 10:48:17	Name: _ym_visorc Value: w
.lemzspb.ru/	1970-01-20 20:09:51	Name: __gpi Value: UID=00000a3df53e8a25:T=1680495207:RT=1680495207:S=ALNI_MYdnijcmQzaCvyQTEhUtO0zhbVH5w
.lemzspb.ru/	1970-01-20 20:09:51	Name: __gads Value: ID=4fd4930ef642e604-2252399ff6de0041:T=1680495207:S=ALNI_MZPi34N69A3y1HLDezjs__Ja68e0g
.doubleclick.net/	1970-01-20 10:48:18	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:09:51	Name: IDE Value: AHWqTUlT1WboEXz_vymHjaCsTDhSHFi_JuATAvAFPyUHUCDTFotn7GV9svJVODypbPs
.ctnsnet.com/	1970-01-20 19:33:51	Name: cid_cbaf671722504df0a3c8102bde3c987a Value: 1
.ctnsnet.com/	1970-01-20 19:33:51	Name: gid_CAESEGYelzc0dkC95FopXbgDQs4 Value: 1
.travelaudience.com/	1970-01-20 20:18:29	Name: _tracker Value: %7B%22UUID%22%3A%22B035ED37-C61E-451A-AE09-85DE5B5C5ACF%22%7D
.adform.net/	1970-01-20 11:31:27	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 12:57:51	Name: UserID1 Value: 7217671959458216077
.adform.net/	1970-01-20 12:14:39	Name: uid Value: 5009505870393071465
.casalemedia.com/	1970-01-20 12:57:51	Name: CMPS Value: 2144
.casalemedia.com/	1970-01-20 12:57:51	Name: CMPRO Value: 2144
.casalemedia.com/	1970-01-20 19:33:51	Name: CMID Value: ZCpSaTNcdjH915yQc7BwOQAA
.adnxs.com/	1970-01-20 12:57:51	Name: uuid2 Value: 7650865151578280229
.adnxs.com/	1970-01-20 12:57:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?foNB7.!]tbPl1M>e)ZlrFUfJ+tGXxoaXQ*eOPS5]+^(V)^LHTxZCyReFYZT(!1n8Od3If)y3KL9D3I?+`9Tjvj
ads.travelaudience.com/	1970-01-20 20:18:29	Name: _tracker Value: %7B%22UUID%22%3A%22B035ED37-C61E-451A-AE09-85DE5B5C5ACF%22%7D
.3lift.com/	1970-01-20 12:57:51	Name: tluid Value: 1383066116909192061356
.w55c.net/	1970-01-20 20:18:29	Name: wfivefivec Value: nlQdL4mr1PJbzr5
.yahoo.com/	1970-01-20 19:34:12	Name: A3 Value: d=AQABBGlSKmQCEK5i9UFVVRYgTjrfuXUznZsFEgEBAQGjK2Q0ZAAAAAAA_eMAAA&S=AQAAAkXE88Ub4kQK_PmaB8-sy9E
.everesttech.net/	1970-01-20 19:33:51	Name: everest_g_v2 Value: g_surferid~ZCpSaQAAARwiPQAm
.yieldmo.com/	1970-01-20 19:33:51	Name: yieldmo_id Value: g137fe4f7322a8583dd3%7C1680495209578%7C0%7C
.mathtag.com/	1970-01-20 20:14:10	Name: uuid Value: 5b2b642a-5269-4600-a8e0-c36a50a82140
.mathtag.com/	1970-01-20 11:31:27	Name: mt_mop Value: 4:1680495209
.w55c.net/	1970-01-20 11:31:27	Name: matchgoogle Value: 5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://lemzspb.ru/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
adservice.google.fi
an.yandex.ru
bid.g.doubleclick.net
c.bannerflow.net
c1.adform.net
cc158876c122775fd1e3ecfe7f5e98f7.safeframe.googlesyndication.com
cdn.afp.ai
cdn.ampproject.org
cm.g.doubleclick.net
cs.chocolateplatform.com
csi.gstatic.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
get.optad360.io
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
lemzspb.ru
matchid.adfox.yandex.ru
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
push.24olimp.ru
r1---sn-ixh7rn76.c.2mdn.net
rtb.openx.net
s3.wi-fi.ru
securepubads.g.doubleclick.net
ssp.afp.ai
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
103.229.205.242
104.111.217.42
13.248.245.213
142.250.186.162
151.101.130.49
159.203.145.121
185.80.39.216
2600:9000:225e:800:11:a4de:2580:93a1
2606:4700::6812:d32c
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:4017:804::2003
2a00:1450:4026::6
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
2a05:d018:d29:3601:26a7:915d:b928:9358
35.186.193.173
35.186.253.211
35.190.0.66
37.157.4.24
37.252.171.21
51.89.9.251
52.28.233.170
63.35.112.107
64.233.167.155
69.173.144.139
79.98.186.40
79.98.186.41
85.114.159.118
91.220.120.249
92.38.252.165
95.217.100.0
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
067796392caf6a57a4a084f2b87b7bd9ca1ec0247d6c01e62bf320673ae1dbfa
07d729aa65e3ca26f7c3304b34fcc65b5277225123dc5798483cc7c4ec7fa5e8
08f4cf2e1edb51de38de6bab2e643db3d05711cf98c7e6600a24dd38fb902d5c
094f6f233e9472167435b246490604861a4246e03b7996791854f66e94ba9b82
09c18fb24c1ab3dd627ce3d6c8bd6ac13e7531a1fa9bd554747c8b6bbeff5980
0a4d5497c35d905a11c33e131e72ed0aee10fa28b258bb5ae8a813c130955a72
0a4e2bc9aab60ed6d79dce51d9497b00f20ba2626de58981188931e10d4b8a30
0b4d27af1817d4f0e0bdae3c777259e7a36fa2e9c2a6e5fed8efa53442172ac4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e76dc3506cb6cc5b6990aee36bbb0b8ee6d3dc2ec178776c20809dfba47640e
0e9019ccb6873ec8c8fc35dea4f692774101c4d7b6b71631dc837e1b367dfd0d
0f0d14e678c7dd5f443e5810048090a0a12ac42e474c478b948a8d44c7f6a4d1
1085ca7b96d9f287bf35a440569948a42787e6a6b94144936149dee077b22277
10bdf4ea2e568a69a0c35be2e27934855159dbc3189c335aa5115048a5ee401d
125d5fa613eec3bc5949a3fc0cb2019787014e171063f31e66bd2eca1cd95aff
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a4b2c54c117337f422afbaaff66c2f30cff7cba3d0d0901f8fd6fb88a0430fb
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1aeb766ac924a2d17e1ad98235f2a050e20502b398905537837541a9ccfd6ed3
1c20d7a4bec0164ba7be92f9315dd71f8f0571be1b4094dc2c96aa3850433ed3
1d3582a0f5ff7ffc827325d585d1f40db57f2cb82ade993a2ec5764429d818a8
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fba9c137973a10da57f6fb5a99315f47821bb085e7632378943dd6650fb11ff
215ab645453e03febd3fd2d6f5c7d6f9c9db5e70e0ebfeeb8ce68c95b60c86f2
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
29d3f486006b57de9e7da9a589c31236493d8b6530b4be8c3730110f1308d31b
2b5891da4d090300d67d26bfbbe8c6bb84048d767a942644214a2903bfc1e07f
2bfd2f06c30b3b82aa3c931d2d72cb136fad148c0d8ad245cbdaf57f70565b73
2e59e11845d0bb2a6aef1777b9a763f0970e609a16f4967614451b84913556eb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3764732a890dd9e6c62383df3f62a2ae406b66b3ebfc04db762ef9811a5bd2d8
397850bc917afaa87d5ffce333fd3db75d324bb3a76249ab53cfd9e60197742b
39bf4b0526001d82bd85bb655c49d93522bd920d05c29f5da24330a519b208bf
4271be75b6549727b2f6b020a48a3df7d47a7e97f70371379935d25d52dbdd2a
43ae125a3fdb80425e831e218a5bf5a7e862f05ac87824a03a6f0aaadb010db0
448325b3d1e07ef378bbab4e97738da742d873e22e84c82b75585ac3fa6bd748
458af683b8dbd6454c2ab93f5d228801d4c9edb8a8a8930c28563c6406a849f3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
49877ef274b96707b12cf48388f3ba01b787402b7eedd4d9bfa9b02f699f333b
4a56d8d0fbe3945bf34ba1a22a9aefd459047fe57a6a4182854aef492a94bec8
4a709de0e1f32a1feee31a046987a53229bc53f43cc37c2c4c40846053846c83
4aba04370354f21eb09970b87c1d5b51a2ea71753978705386219b4821ba3b37
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cde83a35570898773b44b04f85ad40ff64641abc02194b8901b2e3801ee8d78
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4db911ac3e415c6ca9f805d69f8109e7256893d71418eddd325436fb8fd64fea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
523489f9e3d44cb42f1eced6c1d82424fe8a22fec67829c4c4c6d3b073b95b9b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
59800a8e9074505b17b07c2642b748e0af86c7cadbbd89900d7a88a9f73be4a2
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5de1270d2557350968918b123be25f62091d74ab0b4ffce7aaab50e043e4ac1b
5f805f444ebaefc343935db22815a0fe404e7b266ec1c076d65b1bffbf30d90e
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6164e56cbfc489dda1e1e8be7c3ec2d7a47f77bfade1a367609197c99a069f6c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68287dc702e37fa57ad91175274ac856c9273acb0813d98e1bd74004d59bb51c
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656
6c6a5968665c64515444f54dd4e14318f66239a95d11c01f36ddbcadb22e501e
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
707615bad80a3b7ddc8b04051c8dd5f5eaa5fbc37020e5628bd0442a893d35f3
73ed0e65cdace58a090069188df31d194b8c81ac33ff696b52beab4e0d8b861a
74cd04f60065b6e31e98e97a89b616b2f46ac40ea2533bba749515688b4b8047
78998a79528c9af036acd2d6cc5638c0b3b0d338fd42bb2cb6f2a7bc8b676623
795b2a01caf325aef8ed9aa0165bfb2a06d6bbea388aa84d5be120e289396688
7c66ee5d05eb732bf9eee25a58b37e0f78e88eb5555aef985c221713fd578881
7c90fbb486219001049b8d878dcecbd06bcc799518896416df9dfe2918b62c26
7f7bfc542aafccfcfd218da96d3474ef580038d1903341e4b30e4ee23c8a10c4
80003f2a47d9ea059497c2bf2290c45376dec5ae871c3e7fb6b75a42976457eb
8002a945f5b52c6a4012321dfed057486e0cb2cf37773cc204567ed6347eef8b
80042a2ba4be8704e8b41ec93c8e81a2c6df1f2b4176b272fefa2611a5af30b5
8091feb8ae351ea191f02af60b6c3caf882df14011ce872d8dba382e3509c7b4
81513c47c34d4e92f81cd03f2e2a1fff11b5a7547fe9e60551e3c448798f2fb8
8a2b0af78d1e0476fd280d54a68747c7b35b87b406d48f63a61bceb74c987eb4
8ca69fa9bfc47273b071c515d04661647f3d55e6100438e265d507f09e75ba97
8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888
8fe202abf53bad9d94579af8970df45a80825ce2f107db690c1d71278826d157
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
9153ccda62a4b93f9fcb6788ca17fd4c167eb45a30ef0cddfbd952479015afda
950d5d7051895580bfa7c5e177edc65342cb4f469358aa23c8c24bc689486421
95eec40f7573a24dc0074edd15e434f990788f3a3db29039a20066e568a25a1b
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
97df1d15bca156612589d032dd9f81cc0f2b0b5e6a7f15bd4fc6e867b091bcd8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c3831008ad854d2f21411dfe50befcd29bdeaa5a0ba90c5de30c9701eebee4
a764c6458cc83d892f1ae7caa0b260b238cf9000d11db1e9ba6d505af0e06c94
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
a8e169e7c9e27f69e39f6c9e8bb9b7283db3b9485e5fcef4b815b3aaf64284f2
adce49a4a3049319e0952dc4b316f74a1a3e51bb7f4a0d9409eabcaabd326a3c
ae3fd39aed1f80c650f72ec55e002c64a78e9dff21e43858b9cd03b40660a2e1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af6bd3f9ee669bc57d0d63d5a767677c9f40032def06b4a33626f8de637e7106
b02f486747f04bb352700e442fe821f20b481e66063db8661851308bafde3ba8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a657586b22addb8accb2d4699c03c24a8bb812c8bf87401bd49767e77682ea
b36d18262c665dc0425d093d2ea9ad977b9d3e9354c87d80652e1f1bb0d10dbd
b4f1ff793b9ae11982096cb0c049cd0a0cee90b9cddfe72c35b33b370f743865
b5e736f3989ea6c896689924676f07a15702d2000e730452dc37afedb996ecb5
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8fe215d68eba760ee1d1f705630caa34e71b503cd1f8a137207200b475ba837
bac819a5bc970cd6cb39e39cfcba3cdd94646474eb9085eeb5a25d62d23313c2
bc225d7702bb26b5bb402e0c5cd5f8fa1a426755eea6146744645c13d52becdf
bd80a95b5885f96220ff2b87e97ea9bdbcaaab4b42a9df0a3850c696b7cd09ba
be1d882665dbe8315c44ea23b1ef040acee463dbc2df107f77909afa4ec72142
be7cf0def7deb05e739d9866c290df220818f11d361aab9ae2b8c80315f33c57
c071fd7b17918e8823cfbe1d5bb3c5d2f5ce9f47ac501d8fdc5249b0e88198ab
c0ca1ee8e7221cbaa76f12f6f33a78cbf395b69bca401c3e651ae5794bde7be3
c10ae1f077570131a120fe65c3e73f38274137c6dc06557625be9eb02ad8f187
c3a99a60005eebfda6bff6539fef6a3667c8f490d826b9e8133b5b4564fb2223
c4d58e72dd5abb163be649075719ec3c04f7debf325c316399967df418be8c10
c8fe5c3091752b8a97d9e3217744f408187f8a7cebcdfd04cde3283bcf2885a4
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca1ddda835e8de26d788269124b8afbcbd129bc33068cec16feee0ea4067e43d
cb3f20872ae1f1a7c92266646845b7184b62e779cc4f30b8d350f7fa4876563c
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d412cffd4efa8babc5ab9c766ddf02558ff109c15732a3be109ecc1133fe2bde
d4918b43694447e6cdfcdd335b9791ef508b83172a77e53f4e73b268f72ed5cf
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e175863cdf068316ac40542c5d502fa7aecb97e2444a16ae4bed7c9c073605aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7f035b47da981f01e9f8291473c0aa416f7d24ee8f530b7d702e8545f3c3bf
eab8d9a62dd51ac089cff79945988543cfef7365d9140bd3852fe87138f64d46
eb8709dcdf61f0d4e056e80e61413357bd0f4dd0ff4ccf8114e50932556e31a1
ede7f841f9d4e60068660bb18ee1142fac73ccfe3ddc20235f6d2ef36e6a202c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31210e21886d78cd5e904606d37dae653e9cd277274864ba467b8335d26a4e6
f4b6c0f03ad372fc341258a5b4a268126f42d13b05ee4ee927ce49dcf5c3a19a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68786eac283b5f393a57aa12cac5b3c55f26b3b226de98c6dc9afc252767ab6
f90ad760bc07c15b5e0fbf6fb592c64976e9d3a9c83bbf23540ad463fe164fb6
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

lemzspb.ru Open in urlscan Pro 95.217.100.0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

88 %HTTPS

51 %IPv6

35 Domains

49 Subdomains

35 IPs

9 Countries

5728 kBTransfer

10523 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lemzspb.ru Open in urlscan Pro
95.217.100.0 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

88 %
HTTPS

51 %
IPv6

35
Domains

49
Subdomains

35
IPs

9
Countries

5728 kB
Transfer

10523 kB
Size

34
Cookies

217 HTTP transactions
19 data transactions