URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Submission: On November 22 via api from US — Scanned from DE

Summary

This website contacted 31 IPs in 5 countries across 21 domains to perform 111 HTTP transactions. The main IP is 35.244.140.185, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.lrt.lt.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 9th 2021. Valid for: a year.
This is the only time www.lrt.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 35.244.140.185 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.207.10 16509 (AMAZON-02)
1 6 79.137.68.143 16276 (OVH)
1 2600:9000:205... 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
7 142.250.186.98 15169 (GOOGLE)
2 34.253.27.153 16509 (AMAZON-02)
1 18.208.50.180 14618 (AMAZON-AES)
3 2a03:2880:f11... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.108 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2 2620:119:50e7... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
111 31
Domain Requested by
31 www.lrt.lt www.lrt.lt
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
6 galt.hit.gemius.pl 1 redirects www.lrt.lt
galt.hit.gemius.pl
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 www.google.com www.lrt.lt
www.gstatic.com
tpc.googlesyndication.com
www.google.com
5 tpc.googlesyndication.com 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 s0.2mdn.net 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
s0.2mdn.net
4 connect.facebook.net www.lrt.lt
connect.facebook.net
4 static.mailerlite.com www.lrt.lt
static.mailerlite.com
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.facebook.com www.lrt.lt
3 www.googletagservices.com www.lrt.lt
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
2 fonts.gstatic.com www.google.com
2 px.ads.linkedin.com 2 redirects
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 www.googletagmanager.com www.lrt.lt
www.googletagmanager.com
2 pipe-collect.ebu.io peach-static.ebu.io
2 cdn.mailerlite.com static.mailerlite.com
2 track.mailerlite.com www.lrt.lt
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
2 bucket.mlcdn.com www.lrt.lt
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
1 www.google.de
1 consentcdn.cookiebot.com consent.cookiebot.com
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.lrt.lt
1 ls.hit.gemius.pl galt.hit.gemius.pl
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ping.chartbeat.net www.lrt.lt
1 static.chartbeat.com www.lrt.lt
1 peach-static.ebu.io www.lrt.lt
111 34
Subject Issuer Validity Valid
*.lrt.lt
Sectigo RSA Domain Validation Secure Server CA
2021-07-09 -
2022-08-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-30 -
2022-06-29
a year crt.sh
mailerlite.com
Cloudflare Inc ECC CA-3
2021-07-30 -
2022-07-29
a year crt.sh
*.ebu.io
Gandi Standard SSL CA 2
2020-03-16 -
2022-04-02
2 years crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2021-09-08 -
2022-09-25
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-08-31 -
2021-11-29
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
*.google.de
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
consent.cookiebot.com
DigiCert ECC Extended Validation Server CA
2020-06-11 -
2022-06-11
2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
*.cookiebot.com
DigiCert SHA2 Secure Server CA
2021-07-05 -
2022-07-13
a year crt.sh
www.google.de
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh

This page contains 11 frames:

Primary Page: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Frame ID: 5141C4FAF5BC2205CC044D60FF1B26A8
Requests: 76 HTTP requests in this frame

Frame: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7EF40F3EC823682E8F8CCCCDB09D7FDE
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 18300843B171C5E3B0CD717693EC70BC
Requests: 1 HTTP requests in this frame

Frame: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F66B96A23D4EC697303638BE0F679C9C
Requests: 8 HTTP requests in this frame

Frame: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6CF8D74955501F0831BF9EC6AC9C720B
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.html
Frame ID: 5A1260F2E878CE5911886D2554AF9A32
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Frame ID: 7CE6A445C2EB40F5C778BA8631F783F6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E0CABCEBD4F3CC7DA9D05503211DAF2D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C50E78BAD3D043B80AB64E4005F4861
Requests: 2 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Frame ID: 05D671E0358371781AB07FD116AD0805
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 09BA2504D5AD92A34F400519E75CA1E0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Belarus state-backed hackers target Lithuania – report - LRT

Page Statistics

111
Requests

98 %
HTTPS

75 %
IPv6

21
Domains

34
Subdomains

31
IPs

5
Countries

2895 kB
Transfer

7938 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://galt.hit.gemius.pl/_1637583458039/rexdot.js?l=100&id=.X1F.W7YfbCXbxjdU_sbZLcf.fM8IC_wGI5oEaX38pP.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=epxrCHpqxrl6shQnSI2xZBnJshUZin4n8wvggxp.w73.57V7vUskJkllkUQE88QEcEvT4_gXX3V7rJOtyDApUaXJcvYw/pMfA0Z1gupIq_/&fpdata=B.dlbR35TgUSHVTsZe1xQlEPKoDQmhOY7gvxWydrCq..D7&vis=1&fpcap= HTTP 301
  • https://galt.hit.gemius.pl/__/_1637583458039/rexdot.js?l=100&id=.X1F.W7YfbCXbxjdU_sbZLcf.fM8IC_wGI5oEaX38pP.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=epxrCHpqxrl6shQnSI2xZBnJshUZin4n8wvggxp.w73.57V7vUskJkllkUQE88QEcEvT4_gXX3V7rJOtyDApUaXJcvYw/pMfA0Z1gupIq_/&fpdata=B.dlbR35TgUSHVTsZe1xQlEPKoDQmhOY7gvxWydrCq..D7&vis=1&fpcap=
Request Chain 92
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3108402%26time%3D1637583458043%26url%3Dhttps%253A%252F%252Fwww.lrt.lt%252Fen%252Fnews-in-english%252F19%252F1543240%252Fbelarus-state-backed-hackers-target-lithuania-report%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&liSync=true&e_ipv6=AQI1RP1NEp9cEQAAAX1HlJIPhXNrokUGu6JFTN4dy6pWt5Roi9QbW4vSCPTPTOv0gwdvadLdoA

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request belarus-state-backed-hackers-target-lithuania-report
www.lrt.lt/en/news-in-english/19/1543240/
106 KB
20 KB
Document
General
Full URL
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
c6121e078ae78d8b8fbaa54ac75b28995320322d04b0cf3e05a0497cbeb8840c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
shield
date
Mon, 22 Nov 2021 12:17:36 GMT
content-type
text/html
content-length
19994
vary
Accept-Encoding
charset
utf-8
content-encoding
gzip
x-varnish
712395694 713101840
age
116
x-cache
HIT
x-cache-hits
1
pragma
public
cache-control
public, max-age=15
x-shield-request-id
58868b86b138f94b01f1bc7c63681fc0
accept-ranges
bytes
via
1.1 varnish (Varnish/5.2), 1.1 google
alt-svc
clear
app.js
www.lrt.lt/js/
852 KB
279 KB
Script
General
Full URL
https://www.lrt.lt/js/app.js?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
77995b3a3d09c72d66e7f6ba4b51553202ac882a5338be908b17a09ce1f11351

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
284596
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Mon, 08 Nov 2021 19:44:39 GMT
server
shield
etag
W/"61897e27-d5184"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
700195845 700195843
x-shield-request-id
5ff5da942290ae22c72268b9a69482cd
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:16 GMT
jquery-3.4.1.min.js
www.lrt.lt/js/jquery/
86 KB
33 KB
Script
General
Full URL
https://www.lrt.lt/js/jquery/jquery-3.4.1.min.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
33738
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
shield
etag
"5cca0c33-15851"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
451183426 454099405
x-shield-request-id
0e03a139bdc4444316903a24b05f61f9
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 17 Nov 2022 16:44:58 GMT
iconFont10.woff2
www.lrt.lt/fonts/SvgIconFont/
5 KB
6 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SvgIconFont/iconFont10.woff2?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
5d284de8bbb671ca93bd8f784d9ea7d82a5b3c451b304a8773690777b017d5ce

Request headers

Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
0
x-cache
HIT
alt-svc
clear
content-length
5464
pragma
public
access-control-allow-origin
*
expires
Mon, 21 Nov 2022 14:56:16 GMT
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
"60cbae6f-1558"
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
699332807 699875398
x-shield-request-id
ed3ea4c4ac50d97a2d848c2e871fb525
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
PlayfairDisplay-Regular.ttf
www.lrt.lt/fonts/PlayfairDisplay/
205 KB
98 KB
Font
General
Full URL
https://www.lrt.lt/fonts/PlayfairDisplay/PlayfairDisplay-Regular.ttf?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
844b4c3b02e307318abb61d8ebd55bfb8e19304515075fd8af06af099480191e

Request headers

Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
99737
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
W/"60cbae6f-33520"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
699652846 699037520
x-shield-request-id
975455080a0ec926d1ed9edd9dbc42d3
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:16 GMT
SourceSansPro-SemiBold.ttf
www.lrt.lt/fonts/SourceSansPro/
285 KB
133 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-SemiBold.ttf?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
1abd7bd14daea0c793865e0df0e17b3f07ec1cbf22855676c4716726b930f17e

Request headers

Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
135836
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
W/"60cbae6f-47418"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
699332805 699875404
x-shield-request-id
94c24b504f4e0fb10d3766d267359b0b
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:16 GMT
SourceSansPro-Regular.ttf
www.lrt.lt/fonts/SourceSansPro/
287 KB
134 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-Regular.ttf?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a

Request headers

Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
136496
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
W/"60cbae6f-47a8c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
700618439 700454129
x-shield-request-id
28bb4b5562f25ce60e2bd48f317b8722
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:16 GMT
SourceSansPro-LightItalic.ttf
www.lrt.lt/fonts/SourceSansPro/
102 KB
54 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-LightItalic.ttf?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
93ed5542962715b40b4a63779206cd099d1ca865f0ee096a5cddce265be0c356

Request headers

Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
55587
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
W/"60cbae6f-196dc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
700618437 700812154
x-shield-request-id
a2927747de4fda29d00c9a8c47d1eee1
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:16 GMT
app.css
www.lrt.lt/css/
891 KB
120 KB
Stylesheet
General
Full URL
https://www.lrt.lt/css/app.css?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
a51dac3d4e0cd24078369a282ba59486759bf0996c244a81fbaec0235a55af1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
122644
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Sun, 21 Nov 2021 14:55:52 GMT
server
shield
etag
W/"619a5df8-dedc8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
699875424 700745449
x-shield-request-id
2c3a87e307c5ce3d115f0d93c9af7644
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:16 GMT
app.head.js
www.lrt.lt/js/
4 KB
2 KB
Script
General
Full URL
https://www.lrt.lt/js/app.head.js?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
d2ffdfbbb66a95b15a9d73abd2c7f8a41b0e1f1a6adcef88b46127d9d5404ba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
0
x-cache
HIT
x-cache-hits
3
alt-svc
clear
content-length
1508
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Mon, 08 Nov 2021 19:44:39 GMT
server
shield
etag
W/"61897e27-ed2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
699875445 700423772
x-shield-request-id
35c7344733e66dd6c167e54135dbe57e
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Mon, 21 Nov 2022 14:56:17 GMT
gpt.js
www.googletagservices.com/tag/js/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1051 / 436 of 1000 / last-modified: 1637582729"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26883
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Nov 2021 12:17:37 GMT
logo-english.svg
www.lrt.lt/images/logo/
10 KB
4 KB
Image
General
Full URL
https://www.lrt.lt/images/logo/logo-english.svg?v=493
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
376a038489b4ddf6f472e2f87c2a75a01e588d56e3fcc9b490e465b3ff69ddfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
641
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
4178
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Fri, 14 May 2021 09:22:24 GMT
server
shield
etag
"609e4150-29c6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
707791126 707822021
x-shield-request-id
9b2353db0587886a4ffc054b067a8ff5
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Tue, 22 Nov 2022 03:39:43 GMT
969169-73154-756x425.jpg
www.lrt.lt/img/2021/05/14/
31 KB
31 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/05/14/969169-73154-756x425.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
2f31edf5227a313db60ed4e3a55fc01880336263ec9f3e6b4d6073d039d09a63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
0
x-cache
MISS
alt-svc
clear
content-length
31417
pragma
public
last-modified
Fri, 14 May 2021 15:48:56 GMT
server
shield
etag
"609e9be8-7ab9"
x-varnish
711588785
x-shield-request-id
dae60486978fd82375d78aa1194facef
expires
Tue, 22 Nov 2022 11:30:19 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
0
5dcc95ea35753170c2955994a6fea7c948ffb283.png
bucket.mlcdn.com/a/1239/1239192/templates/39/39540/
3 KB
3 KB
Image
General
Full URL
https://bucket.mlcdn.com/a/1239/1239192/templates/39/39540/5dcc95ea35753170c2955994a6fea7c948ffb283.png
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912b5cc286400ff7896b5f8d61268987af954c1ca352bb2f1f2f3cac40c8cede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
cf-cache-status
HIT
age
6008
cf-polished
origFmt=png, origSize=3874
cf-ray
6b22187f69cd3742-MXP
content-disposition
inline; filename="5dcc95ea35753170c2955994a6fea7c948ffb283.webp"
content-length
2998
x-amz-id-2
AaaqossjVFMuSDTy5GEq80t49g9OZ/DK+lM+kjK4Rq1dm69xrzf76MG6AzQXQHGJo283NjhZUGw=
last-modified
Mon, 10 Jun 2019 06:54:51 GMT
server
cloudflare
etag
"03c8552d0f0c99514b5b3999fafaff9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
CDJ4TBW494P19EK0
cache-control
max-age=691200
x-amz-version-id
null
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
i0s8k2
track.mailerlite.com/webforms/o/1612938/
43 B
259 B
Image
General
Full URL
https://track.mailerlite.com/webforms/o/1612938/i0s8k2?v4a60e9ef938a7fa0240ac9ba567062cb
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b22187f6d513747-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
webforms.min.js
static.mailerlite.com/js/w/
8 KB
2 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/webforms.min.js?v4a60e9ef938a7fa0240ac9ba567062cb
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:29f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e2a7a2ade753679e8f8c4fd4eae75a99ccb4e87dfc3c91577db453812e9a8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray
6b22187f381759c5-MXP
date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 12:43:24 GMT
server
cloudflare
age
558
etag
W/"6194f8ec-209f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
strict-transport-security
max-age=63072000
content-encoding
br
expires
Sat, 27 Nov 2021 12:17:37 GMT
pxl.gif
www.lrt.lt/images/
43 B
239 B
Image
General
Full URL
https://www.lrt.lt/images/pxl.gif
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
199
x-cache
HIT
alt-svc
clear
content-length
43
pragma
public
access-control-allow-origin
*
expires
Thu, 17 Nov 2022 16:47:20 GMT
last-modified
Mon, 28 Sep 2015 12:52:44 GMT
server
shield
etag
"5609381c-2b"
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
445778548 443253507
x-shield-request-id
f35eb04c7350f6773fc619ae55034596
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
2
peach-collector-1.x.min.js
peach-static.ebu.io/
36 KB
37 KB
Script
General
Full URL
https://peach-static.ebu.io/peach-collector-1.x.min.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-10.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fc44ca6f42bab7f2ba9e2b902c5dde018249448d25cd2e2185b9f441bb2e975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 03:19:52 GMT
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 07:48:37 GMT
server
AmazonS3
age
34266
etag
"62122692a3e101365ccead6f9d70cb3f"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
37121
x-amz-cf-id
gzFSCJCKuyblXy3UKxm0fx-xj115brBHQuhmDgH4wBbzoGFKrMkc9g==
gplayer.js
galt.hit.gemius.pl/
22 KB
6 KB
Script
General
Full URL
https://galt.hit.gemius.pl/gplayer.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
f3510b72652f0c4e4a324901bb4cb5aae73fdd76c1e6135a67187f6f14fe2a7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 10:11:55 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
5965
expires
Tue, 23 Nov 2021 00:17:37 GMT
SourceSansPro-Regular.ttf
www.lrt.lt/fonts/SourceSansPro/
287 KB
134 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-Regular.ttf
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/css/app.css?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a

Request headers

Referer
https://www.lrt.lt/css/app.css?v=493
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
156
x-cache
HIT
x-cache-hits
2
alt-svc
clear
content-length
136496
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
"60cbae6f-47a8c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
445778679 448627392
x-shield-request-id
cc8c0dc428479b17b22e6c5a58cbf28c
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 17 Nov 2022 16:47:28 GMT
iconFont10.woff2
www.lrt.lt/fonts/SvgIconFont/
5 KB
5 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SvgIconFont/iconFont10.woff2
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/css/app.css?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
5d284de8bbb671ca93bd8f784d9ea7d82a5b3c451b304a8773690777b017d5ce

Request headers

Referer
https://www.lrt.lt/css/app.css?v=493
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
180
x-cache
HIT
alt-svc
clear
content-length
5464
pragma
public
access-control-allow-origin
*
expires
Thu, 17 Nov 2022 16:47:28 GMT
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
"60cbae6f-1558"
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
448889653 437192052
x-shield-request-id
4b6b6ce051b7bbe9806ba8f0c1cb8809
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/font-woff2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits
1
SourceSansPro-SemiBold.ttf
www.lrt.lt/fonts/SourceSansPro/
285 KB
133 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-SemiBold.ttf
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/css/app.css?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
1abd7bd14daea0c793865e0df0e17b3f07ec1cbf22855676c4716726b930f17e

Request headers

Referer
https://www.lrt.lt/css/app.css?v=493
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
50
x-cache
HIT
x-cache-hits
2
alt-svc
clear
content-length
135836
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
"60cbae6f-47418"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
443353155 452329758
x-shield-request-id
199c764818aa78111f617d6fab111204
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 17 Nov 2022 16:44:56 GMT
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 10:47:43 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:27:20 GMT
server
nginx
age
5394
etag
W/"6179ee68-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
swKpld6JUlvhHg31a2DlvF6opXkNjYzYZfRMOljfkBO7RDOAA7z4OQ==
expires
Mon, 22 Nov 2021 12:47:43 GMT
sdk.js
connect.facebook.net/en_EN/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_EN/sdk.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c7ead3280b587256c34a562f03d328f1ea3c042fe24bef25266f25fd689b6523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
CqcthzFgTTgZQAE4WPKYlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
RYYhcYJWTKIYDximjGjZIEXC1bjR81xVERXBjKFAu8BTj7a96Pdi66MqcIsGcadatoVFwF9oDsRu8hhqYacUZg==
x-fb-trip-id
2050670934
x-fb-content-md5
d1d2e6f8e5a838972d63e6f5e7065b9e
x-frame-options
DENY
date
Mon, 22 Nov 2021 12:17:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6fc1186c17c29761babad8df3145bff4"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 22 Nov 2021 12:31:28 GMT
PlayfairDisplay-Regular.ttf
www.lrt.lt/fonts/PlayfairDisplay/
205 KB
98 KB
Font
General
Full URL
https://www.lrt.lt/fonts/PlayfairDisplay/PlayfairDisplay-Regular.ttf
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/css/app.css?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
844b4c3b02e307318abb61d8ebd55bfb8e19304515075fd8af06af099480191e

Request headers

Referer
https://www.lrt.lt/css/app.css?v=493
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
13
x-cache
HIT
x-cache-hits
1
alt-svc
clear
content-length
99737
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
"60cbae6f-33520"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
445778872 447120439
x-shield-request-id
2adae76b94e3946ac6eb7a0ddd3f7a90
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 17 Nov 2022 16:47:53 GMT
SourceSansPro-Italic.ttf
www.lrt.lt/fonts/SourceSansPro/
93 KB
49 KB
Font
General
Full URL
https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-Italic.ttf
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/css/app.css?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
1b78bc1c8104348e13fcc043331926f818ce290556350b1a90a735fe038c73d4

Request headers

Referer
https://www.lrt.lt/css/app.css?v=493
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
7
x-cache
HIT
x-cache-hits
2
alt-svc
clear
content-length
49566
via
1.1 varnish (Varnish/5.2), 1.1 google
pragma
public
access-control-allow-origin
*
last-modified
Thu, 17 Jun 2021 20:19:59 GMT
server
shield
etag
"60cbae6f-17260"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-varnish
448627450 437192345
x-shield-request-id
8e6281f2b902bc0b3af075abc355c509
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/x-font-ttf
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 17 Nov 2022 16:45:00 GMT
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 Nov 2021 12:17:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
60 B
705 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lrt.lt
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2a4d9ca7cb0fe2ccf0eaa34d5a0274fd1490e4f6de8b2b8b443bfc8fe046fc1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69
x-xss-protection
0
expires
Mon, 22 Nov 2021 12:17:37 GMT
jquery.min.js
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/
91 KB
34 KB
Script
General
Full URL
https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v4a60e9ef938a7fa0240ac9ba567062cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5541
last-modified
Wed, 06 Oct 2021 11:38:32 GMT
server
cloudflare
etag
W/"615d8ab8-16dc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
6b22187fee973747-MXP
expires
Sat, 27 Nov 2021 12:17:37 GMT
collect
pipe-collect.ebu.io/v3/
2 B
459 B
XHR
General
Full URL
https://pipe-collect.ebu.io/v3/collect?s=ltlrt00000000050
Requested by
Host: peach-static.ebu.io
URL: https://peach-static.ebu.io/peach-collector-1.x.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.27.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-27-153.eu-west-1.compute.amazonaws.com
Software
Python/3.9 aiohttp/3.8.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.lrt.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
server
Python/3.9 aiohttp/3.8.0
content-length
2
content-type
application/json; charset=utf-8
collect
pipe-collect.ebu.io/v3/ Frame
0
0
Preflight
General
Full URL
https://pipe-collect.ebu.io/v3/collect?s=ltlrt00000000050
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.27.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-27-153.eu-west-1.compute.amazonaws.com
Software
Python/3.9 aiohttp/3.8.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.lrt.lt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
server
Python/3.9 aiohttp/3.8.0
sdk.js
connect.facebook.net/en_US/
290 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9eaf0db4fcdcf167339d07f8cbca5ec9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_EN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
753566f45ae52e8012048ed19dd61eeeccad1ec46173bf47bc887b052e9d4591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lrt.lt/
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
shT1khbyShNfuKoUIeokUA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
84313
x-fb-rlafr
0
x-fb-debug
xT3ZM1T/rs8EL2Q5z8VzAtccph2Wfd2jN+4ivjstXyVJM3Piq3NwcuElqBqEH7L2NTgRkCxECgcxDz90WvXDeg==
x-fb-content-md5
d3ad2d4768b2fd94a870d4046e694aa1
x-frame-options
DENY
date
Mon, 22 Nov 2021 12:17:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e0d12d4f75010255b6a99ebab9ff86bd"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 22 Nov 2022 12:11:28 GMT
/
www.lrt.lt/servisai/orai/
234 B
505 B
XHR
General
Full URL
https://www.lrt.lt/servisai/orai/?code=vilnius
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/js/app.js?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield / PHP/7.2.27
Resource Hash
c4995aa22bbb6ed7208c5da6f317c4f69248094e3c1b60e2f10b00040b658d98

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-path
old
access-control-allow-origin
*
x-powered-by
PHP/7.2.27
x-php-path
orai
alt-svc
clear
via
1.1 google
server
shield
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json;charset=utf-8
x-shield-request-id
57cd95c828c605796902b55f9cbc0742
cache-control
max-age=60, public, must-revalidate, proxy-revalidate, no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
counter
www.lrt.lt/api/
43 B
203 B
Image
General
Full URL
https://www.lrt.lt/api/counter?id=1543240
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
public
date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
server
shield
age
0
x-cache
MISS
x-varnish
712395702
x-shield-request-id
c93b44dc7dac85371f59a79a7f949fd6
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, public, max-age=15
accept-ranges
bytes
content-type
image/gif
alt-svc
clear
content-length
43
x-cache-hits
0
1543240
www.lrt.lt/servisai/lrt-article-similar/
695 B
537 B
XHR
General
Full URL
https://www.lrt.lt/servisai/lrt-article-similar/1543240
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/js/jquery/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
f297fa7564c5555ad9c0825cf6f1d33cc395122b6cdb830702a82a297a9326da

Request headers

Accept
*/*
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
server
shield
vary
Accept-Encoding
content-type
application/json
x-shield-request-id
9c26b16b5f5524b97fabaa4070daec56
x-path
old
cache-control
no-cache
alt-svc
clear
via
1.1 google
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=lrt.lt&p=%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&u=D65AJiBXHFXPB2LC0Q&d=lrt.lt&g=65978&g0=News%2Cnaujienos&g1=RFE%2FRL&g4=news_article&n=1&f=00001&c=0&x=0&m=0&y=6218&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=624&t=CWVA1zCITU6IvRDb_CZBFSRQd-5H&V=129&i=Belarus%20state-backed%20hackers%20target%20Lithuania%20%E2%80%93%20report%20-%20LRT&tz=0&sn=1&sv=LQIsLCJ90hoCg5ppkDutiJUBsrYLQ&sd=1&im=067b0fff&_
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.50.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-50-180.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
gemiuslib.js
galt.hit.gemius.pl/
38 KB
10 KB
Script
General
Full URL
https://galt.hit.gemius.pl/gemiuslib.js
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/gplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
6cd5c62afebde0aee13f7d3892484422016eacf590893ce200b31f86789b8497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 10:11:55 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10489
expires
Tue, 23 Nov 2021 00:17:37 GMT
1126241-173216-393x221.jpg
www.lrt.lt/img/2021/11/20/
29 KB
29 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/11/20/1126241-173216-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
111e41190ee1a870349921f8ad1fe7d722fcc17f8d7cccfe9089ba0851f76eae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
42
x-cache
HIT
alt-svc
clear
content-length
29989
pragma
public
last-modified
Mon, 22 Nov 2021 09:22:04 GMT
server
shield
etag
"619b613c-7525"
x-varnish
707847000 707233743
x-shield-request-id
12410b733c07d39eb4a11a6a946ade95
expires
Tue, 22 Nov 2022 09:23:54 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
851225-345414-393x221.jpg
www.lrt.lt/img/2021/03/24/
14 KB
14 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/03/24/851225-345414-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
fe338c6ff92c36650313fce6601694fed79cfc1c65ced5b6a9e209e6aa3a15c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
51
x-cache
HIT
alt-svc
clear
content-length
14411
pragma
public
last-modified
Thu, 25 Mar 2021 19:08:56 GMT
server
shield
etag
"605cdfc8-384b"
x-varnish
707954257 705047925
x-shield-request-id
a5e61fb0214c7237e0892328f551b779
expires
Tue, 22 Nov 2022 06:53:44 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
1128344-618111-393x221.jpg
www.lrt.lt/img/2021/11/21/
21 KB
21 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/11/21/1128344-618111-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
c37250fa44b6a219fdcf7c1dcfc3a7f1f03b45532aac744fff2bc840d73a2ef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
47
x-cache
HIT
alt-svc
clear
content-length
21702
pragma
public
last-modified
Mon, 22 Nov 2021 03:31:01 GMT
server
shield
etag
"619b0ef5-54c6"
x-varnish
662830874 687866713
x-shield-request-id
1983f972837f0c325b9a13f69705fd5e
expires
Tue, 22 Nov 2022 03:37:21 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
1127574-789785-393x221.jpg
www.lrt.lt/img/2021/11/21/
13 KB
13 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/11/21/1127574-789785-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
353aac3b230054bcda81a1ab1b23f049c0e548bdd74dcc05d0296720cb140877

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
1794
x-cache
HIT
alt-svc
clear
content-length
13031
pragma
public
last-modified
Sun, 21 Nov 2021 11:32:09 GMT
server
shield
etag
"619a2e39-32e7"
x-varnish
707416857 703592788
x-shield-request-id
b9cd76061eeaa4ba23959e2c20523f46
expires
Tue, 22 Nov 2022 06:04:48 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
964001-876239-393x221.jpg
www.lrt.lt/img/2021/05/07/
17 KB
17 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/05/07/964001-876239-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
73b380295d3b05124e8a42480fc348b0b699189efd3ebd4036cf7109f7bd10b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
3388
x-cache
HIT
alt-svc
clear
content-length
17392
pragma
public
last-modified
Sun, 23 May 2021 01:12:46 GMT
server
shield
etag
"60a9ac0e-43f0"
x-varnish
709398449 708756102
x-shield-request-id
c81812e788299637258922ec8506a3a2
expires
Tue, 22 Nov 2022 06:55:24 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
1050601-572923-393x221.jpg
www.lrt.lt/img/2021/09/09/
19 KB
19 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/09/09/1050601-572923-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
e9e327ee8f5c71a86b38a312a98ebf7d929ac552b629374504c2784d50763bba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
2206
x-cache
HIT
alt-svc
clear
content-length
19450
pragma
public
last-modified
Thu, 09 Sep 2021 12:16:34 GMT
server
shield
etag
"6139fb22-4bfa"
x-varnish
707405897 708349953
x-shield-request-id
bc309866de27a19670d11710837c369e
expires
Tue, 22 Nov 2022 04:32:54 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
2
1123552-227414-393x221.jpg
www.lrt.lt/img/2021/11/19/
18 KB
18 KB
Image
General
Full URL
https://www.lrt.lt/img/2021/11/19/1123552-227414-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
71ebde52c615f8c3ef5edb135d364b2534535742c57d5426a9a562052a7dd8b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
964
x-cache
HIT
alt-svc
clear
content-length
18703
pragma
public
last-modified
Fri, 19 Nov 2021 09:54:50 GMT
server
shield
etag
"6197746a-490f"
x-varnish
707505908 708679172
x-shield-request-id
e98728d094dfe23277f68ee2b57c8fc9
expires
Tue, 22 Nov 2022 04:45:25 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
414044-895815-393x221.jpg
www.lrt.lt/img/2019/04/19/
22 KB
22 KB
Image
General
Full URL
https://www.lrt.lt/img/2019/04/19/414044-895815-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
464f1a14384b48eb7212f82462d2006a1fc22c7ed5d548882ec7bb1b4b434b4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
1829
x-cache
HIT
alt-svc
clear
content-length
22461
pragma
public
last-modified
Fri, 19 Apr 2019 13:42:44 GMT
server
shield
etag
"5cb9d054-57bd"
x-varnish
707138652 706440523
x-shield-request-id
cbd5c0b9bd827a0d90fcd5b198dc92a0
expires
Tue, 22 Nov 2022 04:32:54 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
780034-516719-393x221.jpg
www.lrt.lt/img/2020/11/24/
20 KB
21 KB
Image
General
Full URL
https://www.lrt.lt/img/2020/11/24/780034-516719-393x221.jpg
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
79597591b02310159ee0a6bbaa71a613c18d676aae6fb965322be43f26429e10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 varnish (Varnish/5.2), 1.1 google
age
201
x-cache
HIT
alt-svc
clear
content-length
20878
pragma
public
last-modified
Tue, 24 Nov 2020 13:59:48 GMT
server
shield
etag
"5fbd11d4-518e"
x-varnish
688001057 691174136
x-shield-request-id
bd8b2beee38e7be276c611d52f41f3a6
expires
Tue, 22 Nov 2022 04:56:19 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1
ml_jQuery.inputmask.bundle.min.js
static.mailerlite.com/js/w/
69 KB
21 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v4a60e9ef938a7fa0240ac9ba567062cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:29f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray
6b2218809b7f59c5-MXP
date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 12:43:24 GMT
server
cloudflare
age
5722
etag
W/"6194f8ec-1153a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
strict-transport-security
max-age=63072000
content-encoding
br
expires
Sat, 27 Nov 2021 12:17:37 GMT
/
www.facebook.com/tr/
44 B
407 B
Image
General
Full URL
https://www.facebook.com/tr/?id=470743216272990&ev=fb_page_view&dl=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&rl=&if=false&ts=1637583457377&sw=1600&sh=1200&at=
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 22 Nov 2021 12:17:37 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lrt.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lrt.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
49 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1070715641770427&correlator=2502261385803527&output=ldjh&impl=fifs&eid=21068031&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211122&iu_parts=21713852842%2CEnglish_1200x250_1%2CEnglish_300x600_1%2CEnglish_300x250_text_1%2CEnglish_300x250_text_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1200x250%7C1024x120%7C970x250%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%2C300x600%7C300x250%2C300x250%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1637583457&dt=1637583457413&dlt=1637583456999&idt=384&frm=20&biw=1600&bih=1200&oid=2&adxs=140%2C1040%2C170%2C170&adys=210%2C260%2C1771%2C3004&adks=3972353004%2C1443132858%2C3502202330%2C1601815142&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x0%7C359x0%7C300x40%7C300x40&msz=1320x0%7C359x0%7C300x0%7C300x0&ga_vid=669667427.1637583457&ga_sid=1637583457&ga_hid=837041523&ga_fc=false&fws=4%2C4%2C4%2C4&ohw=1320%2C359%2C300%2C300&btvi=0%7C0%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a902f61b44a477edd8f8489e492bc374ffac80afcc69e6d661fe743e5bca9e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18461
x-xss-protection
0
google-lineitem-id
5836510996,-2,5398963436,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138371538372,-2,138272952613,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lrt.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7EF4
6 KB
4 KB
Document
General
Full URL
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 22 Nov 2021 12:17:37 GMT
expires
Tue, 22 Nov 2022 12:17:37 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fpdata.js
galt.hit.gemius.pl/
275 B
389 B
Script
General
Full URL
https://galt.hit.gemius.pl/fpdata.js?href=www.lrt.lt
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
fa120b5915bd5d27c11fb691ea11fa92bfa751da659b09d9fbdc0a3ee9c0568d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
275
expires
Wed, 22 Dec 2021 12:17:37 GMT
lsget.html
ls.hit.gemius.pl/ Frame 1830
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/gemiuslib.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
7f4ac534f6b7fc130ff62b935b8dcbc61b2495ac99011356de16a8805d0513f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
expires
Wed, 22 Dec 2021 12:17:37 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2718
content-encoding
gzip
container.html
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F66B
6 KB
3 KB
Document
General
Full URL
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 22 Nov 2021 12:17:37 GMT
expires
Tue, 22 Nov 2022 12:17:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CF8
6 KB
3 KB
Document
General
Full URL
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 22 Nov 2021 12:17:37 GMT
expires
Tue, 22 Nov 2022 12:17:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F66B
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
server
cafe
etag
9525834815172239946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Dec 2021 12:15:25 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F66B
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 11:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 11:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F66B
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 12:17:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6CF8
22 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 11:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 11:48:44 GMT
5dcc95ea35753170c2955994a6fea7c948ffb283.png
bucket.mlcdn.com/a/1239/1239192/templates/39/39540/ Frame 6CF8
3 KB
3 KB
Image
General
Full URL
https://bucket.mlcdn.com/a/1239/1239192/templates/39/39540/5dcc95ea35753170c2955994a6fea7c948ffb283.png
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912b5cc286400ff7896b5f8d61268987af954c1ca352bb2f1f2f3cac40c8cede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
cf-cache-status
HIT
age
6008
cf-polished
origFmt=png, origSize=3874
cf-ray
6b221881ffba3742-MXP
content-disposition
inline; filename="5dcc95ea35753170c2955994a6fea7c948ffb283.webp"
content-length
2998
x-amz-id-2
AaaqossjVFMuSDTy5GEq80t49g9OZ/DK+lM+kjK4Rq1dm69xrzf76MG6AzQXQHGJo283NjhZUGw=
last-modified
Mon, 10 Jun 2019 06:54:51 GMT
server
cloudflare
etag
"03c8552d0f0c99514b5b3999fafaff9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
CDJ4TBW494P19EK0
cache-control
max-age=691200
x-amz-version-id
null
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
c1n5l9
track.mailerlite.com/webforms/o/1352738/ Frame 6CF8
43 B
95 B
Image
General
Full URL
https://track.mailerlite.com/webforms/o/1352738/c1n5l9?vd890ed88b3a28c805acc70e1a88fa27c
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6b221881fb283747-MXP
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/gif
webforms.min.js
static.mailerlite.com/js/w/ Frame 6CF8
8 KB
2 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/webforms.min.js?vd890ed88b3a28c805acc70e1a88fa27c
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:29f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e2a7a2ade753679e8f8c4fd4eae75a99ccb4e87dfc3c91577db453812e9a8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray
6b221881ff2159c5-MXP
date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 12:43:24 GMT
server
cloudflare
age
1158
etag
W/"6194f8ec-209f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
strict-transport-security
max-age=63072000
content-encoding
br
expires
Sat, 27 Nov 2021 12:17:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CF8
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Nov 2021 12:17:37 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame F66B
109 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
Origin
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 15:59:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Nov 2021 15:59:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6CF8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSR_2Tyqto23gGoID7P8comi4_s9SI5QG1f8O49d1ceXTJc2aWdIQdakQu2BgWE9A-0isOYaU1lQ80nFTCimJUloYuheaoKyEGdWWHJ_E6ghdSJF4dbBK5njSj3GG4VcYRq4pstCt8GsmTvSMVm648dzjKKfGgIy0dvwLkWOS67knU9XVE7kNcWUSMuoTqNvE5X38ch5Ps2KDqWkOFwkxQdY1QrDhgHBDV5Yw8mmhfH1gg9c3_j-3gwySc2JRckUPAhEfURR0GB9cxMHqcqK-_s8JssU7fTOLF6ThwQDn0E4BJgZpbLhElTkBcHAW20zM&sai=AMfl-YSSX-MLCfUsGwRV_iLlbuAARePBgcrpU9w-C004M9GqHqF4aQRd1igzXvf090tmnbuaxn8Y76O8rtWf1y6Svv8hHrEhPIF5VEFhe5xTI5l_0HNc5GXS0eFwaqN-UXk&sig=Cg0ArKJSzJeBJzYc-MrtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 22 Nov 2021 12:17:37 GMT
jquery.min.js
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/ Frame 6CF8
91 KB
34 KB
Script
General
Full URL
https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?vd890ed88b3a28c805acc70e1a88fa27c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:39f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5541
last-modified
Wed, 06 Oct 2021 11:38:32 GMT
server
cloudflare
etag
W/"615d8ab8-16dc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
6b2218825c463747-MXP
expires
Sat, 27 Nov 2021 12:17:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6CF8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEQ0HGvmAT1OYMCnCGXhoaziAKBMxLxM79ouEA4Y-bGbptyFtE9Bnawd_srUBIxWRXw4crjXtB-uiGN-PzFCom8XkG4zdW9jGxe18RWHvcQnPHj6Q76o28RamaqX7qGA5jqVlOVHp6kNBpUgh3bPA2_BPLS_d1NdaX9l4ijybSJByju9piNbquqr7wW47OMfeIK71B17uT69jJ2GVAMblAJ5RJcuny8940VBVTjYo6BEw8p6UUR8zQMfal5gxXridmSG6itzpLlRwgYg00NBS6L4eZpF9PgoNLR20N6b5PNtBhpBIbZ7dPlE0py2Td8FU5rg&sai=AMfl-YTIDJfcP0vwwNhlbE6rsBnCfndPYTYXz9WqR9-5veQ1MlU4QtyP_jyaj4dZkib9gblMOt9GBBPl85DCS33T0ct6S7tXoDrL5jvV5-4sktqr-rVdDmWuS-0qCY-SOSI&sig=Cg0ArKJSzJX07X3iE2dbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 22 Nov 2021 12:17:37 GMT
truncated
/ Frame 6CF8
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afca830465512d8cf3a82ee6547839916376555086354a9ba1ec315c9608483c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
1200x250.html
s0.2mdn.net/dfp/1783495/5092517171/1637059725003/ Frame 5A12
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b235807306b0443becdef29b6a84c023a79410bb8b4d8030c5f2ec540bf0d3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2133
date
Mon, 22 Nov 2021 07:04:42 GMT
expires
Tue, 23 Nov 2021 07:04:42 GMT
last-modified
Tue, 16 Nov 2021 10:48:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
18775
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame F66B
0
23 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8C8cybpnn9ZkafL12s6KhYVOxz1-83OY-Y0zaLBRG6ou-QFHWttrM2Wf8p10vSAZAZpF9bTOseZns-NOjaPBJVZSMBi--8hoFqH7IdBKvK4bl1Ivs--RvfVM6_yaynDnfwIVEtw5tKArAqRWOsDIoH98nlr44qzY1YnMqnux8JfYbVkSgJxaeAvqgDkTgnLzR-ZPJljnbTWRiXr3nxq4a3MGamW-0pA81B2z46ruSy9kc59RIaio8DdZBmHBGWr6bUiduoUhpBg5SaDUES_ZGZ11b_E83Wnz3sp8oPVfauI_tYOhhe3R2YTc2Dg&sai=AMfl-YT5Hw0mK61li1UvWyZ9hObPZloC5D4p8jw9Sai83FJmHxSz11oknfIriBN45KT4sJvNoFSJKm78k546jxAJQjIJp4MU0bMGQ0DXjPgIrOmLv1wRzb4nozL1JQVicFk&sig=Cg0ArKJSzGbZJ9sz2zraEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
URL: https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ml_jQuery.inputmask.bundle.min.js
static.mailerlite.com/js/w/ Frame 6CF8
69 KB
21 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?vd890ed88b3a28c805acc70e1a88fa27c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:29f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray
6b221882f97d59c5-MXP
date
Mon, 22 Nov 2021 12:17:37 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 12:43:24 GMT
server
cloudflare
age
5722
etag
W/"6194f8ec-1153a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=432000
strict-transport-security
max-age=63072000
content-encoding
br
expires
Sat, 27 Nov 2021 12:17:37 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5A12
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Nov 2021 12:17:37 GMT
1200x250.js
s0.2mdn.net/dfp/1783495/5092517171/1637059725003/ Frame 5A12
86 KB
18 KB
Script
General
Full URL
https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e641ae81d8c77f392b4a33a8106d42b7c8b7567b5d985f75566c82113a0daa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/1783495/5092517171/1637059725003/1200x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 17:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17900
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 10:48:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 Nov 2021 17:14:26 GMT
similar
www.lrt.lt/api/article/
7 KB
2 KB
XHR
General
Full URL
https://www.lrt.lt/api/article/similar?ids=1490359%2C1489046%2C1485453%2C1153504%2C1470451%2C1383234%2C1164188%2C1539707%2C1538374%2C1154117&lang=en&count=3
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/js/jquery/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.140.185 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
185.140.244.35.bc.googleusercontent.com
Software
shield /
Resource Hash
cfc8ce26f87d1574a7cfa0bf393c1771d57edf7278a9e74afa5c9b9d3e5edef6

Request headers

Accept
*/*
Referer
https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
age
2166
x-cache
HIT
x-shield-request-id
0ba275b97cd9cbc26627fe7a0cab38f8
alt-svc
clear
content-length
1539
pragma
public
server
shield
vary
Accept-Encoding
x-varnish
713070458 712442241
via
1.1 varnish (Varnish/5.2), 1.1 google
charset
utf-8
cache-control
public, max-age=15
accept-ranges
bytes
content-type
application/json
x-cache-hits
1
view
securepubads.g.doubleclick.net/pcs/ Frame F66B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssudiAnYJcq15_dlaI5ExWS0D2Q37JU4inrNXyd-mLpnkICSM-2sQupr0a-EE9YSz4KZu8Jfa4W6-9m8RBwGP0rbsOymAeb0bYxZc5S9NYn2El-QccBR8AUKlKBnEHh8niE7_p2lfEouN0Cv6Iw6BP7lV4WwZ6bXjlfoGLMlu64UCeu5jabprz6cYZ6V_zuRBx8QUmv2nxe5AjTRJSQTJWQ2T-AaaLcJMQ2HvWkFZU4tYj2TsZB0X3rk7nkD6QhaXsi_e3Pewnds6_DPZtZL71FoTrdQHirky73IN9pAJepHw47EnbRJn2r9tSGTnG1&sai=AMfl-YSsLHhblMJ-LGL9IVbAnj1_v5u4A18GSil5YHILgfDYIW8hyhf7BjVcYaXHX9hKUnIn_FMteqQzq8h3wi1FSyppmRIzNeF5b60OrMH2vzAMlHDv0d0RTdkXIwMSpJA&sig=Cg0ArKJSzPL50N8O-0GyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 22 Nov 2021 12:17:37 GMT
gtm.js
www.googletagmanager.com/
154 KB
55 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNQ95HK
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
582ce2e18b29e0581669b38d40edcc1f7a0b6a2b9f8e6f43f3d52725a28bf8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55676
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Nov 2021 12:17:37 GMT
api.js
www.google.com/recaptcha/
884 B
999 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/js/app.js?v=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ebc1b710ee70be8045e365811722ab074a83ba861cff48c4a3076adb109a712
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 12:17:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34e4c250f17c68c84d35e8d1bb53b8a2bf80a060a5c29d115e169605c2ad4406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9362
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/
347 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lrt.lt/
Origin
https://www.lrt.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138691
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 12:06:05 GMT
js
www.googletagmanager.com/gtag/
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0HK3QSMV3W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNQ95HK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
778b391aeb33c77998e214983e5a69a9bfd61235c83840eee904e159502ce37a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61761
x-xss-protection
0
expires
Mon, 22 Nov 2021 12:17:37 GMT
uc.js
consent.cookiebot.com/
90 KB
20 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=e0ca2892-4a24-423b-a9ab-7bee8a6197ac
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNQ95HK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c0404de34dcf6c1a11bee30014d03a955005654582dd1b1799a924bad7b56428

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 12:26:28 GMT
server
Microsoft-IIS/10.0
etag
"0b2898277dcd71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=389
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
20067
expires
Mon, 22 Nov 2021 12:24:06 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNQ95HK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4590
date
Mon, 22 Nov 2021 11:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 22 Nov 2021 13:01:07 GMT
fbevents.js
connect.facebook.net/en_US/
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
5iD3d2URIUHhQMiGVjJl/24fqxdcwQsLqwiG82LVKvQ+gmZblzUIn/1mfPfsCXZb8tULYGdf7ZQsX7NQLAVrmw==
x-frame-options
DENY
date
Mon, 22 Nov 2021 12:17:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
xgemius.js
galt.hit.gemius.pl/
40 KB
11 KB
Script
General
Full URL
https://galt.hit.gemius.pl/xgemius.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
0f94f262142bd783259bfd6292bd3f2691b725489e5c5aea82903dc1c4e75f17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 10:11:55 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Tue, 23 Nov 2021 00:17:37 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.lrt.lt
URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 12:17:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=31667
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 22 Nov 2021 12:17:37 GMT
585570225148573
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/585570225148573?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb742c4fa4303e148268cfce5806949fbea858903970f056152b426ff96dab66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88989
x-xss-protection
0
pragma
public
x-fb-debug
emTkTvyLmkEFaVkZ2Z5jLjBsA7F+z2S1Cu2pRnEEyBvIzU+H23xam1Tz3OWRVq8p/yS5RVXF/iqVxTcEotmLyg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 22 Nov 2021 12:17:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7CE6
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7a922ee9de1fa7fe2cf6250132913f72a66ed0498ac78fffb15455568ee83c4e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FK9MU+c/oworvGB8oToQlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 22 Nov 2021 12:17:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-FK9MU+c/oworvGB8oToQlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20251
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=837041523&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&ul=en-us&de=UTF-8&dt=Belarus%20state-backed%20hackers%20target%20Lithuania%20%E2%80%93%20report%20-%20LRT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1698332985&gjid=306493772&cid=669667427.1637583457&tid=UA-32330301-1&_gid=1562871892.1637583458&_r=1&gtm=2wgba1NNQ95HK&z=2085614349
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lrt.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lrt.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E0CA
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 22 Nov 2021 11:49:25 GMT
expires
Tue, 22 Nov 2022 11:49:25 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9C50
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38e738af2a800d2acb2acca84572627e9b89a810bc779b5662c57ffa408a5489
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pcY10mwEE2PwffOR9/CAQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 22 Nov 2021 12:17:38 GMT
date
Mon, 22 Nov 2021 12:17:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-pcY10mwEE2PwffOR9/CAQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rexdot.js
galt.hit.gemius.pl/__/_1637583458039/
Redirect Chain
  • https://galt.hit.gemius.pl/_1637583458039/rexdot.js?l=100&id=.X1F.W7YfbCXbxjdU_sbZLcf.fM8IC_wGI5oEaX38pP.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.lrt.lt%...
  • https://galt.hit.gemius.pl/__/_1637583458039/rexdot.js?l=100&id=.X1F.W7YfbCXbxjdU_sbZLcf.fM8IC_wGI5oEaX38pP.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.lrt....
167 B
423 B
Script
General
Full URL
https://galt.hit.gemius.pl/__/_1637583458039/rexdot.js?l=100&id=.X1F.W7YfbCXbxjdU_sbZLcf.fM8IC_wGI5oEaX38pP.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=epxrCHpqxrl6shQnSI2xZBnJshUZin4n8wvggxp.w73.57V7vUskJkllkUQE88QEcEvT4_gXX3V7rJOtyDApUaXJcvYw/pMfA0Z1gupIq_/&fpdata=B.dlbR35TgUSHVTsZe1xQlEPKoDQmhOY7gvxWydrCq..D7&vis=1&fpcap=
Protocol
H2
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
7a834a826f0d0563bbcd6c66b9c2fddc9dde5e4fcb93708fcc7b997d93d2a7ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
167
expires
Sun, 21 Nov 2021 12:17:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1637583458039/rexdot.js?l=100&id=.X1F.W7YfbCXbxjdU_sbZLcf.fM8IC_wGI5oEaX38pP.o7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=128&lsdata=epxrCHpqxrl6shQnSI2xZBnJshUZin4n8wvggxp.w73.57V7vUskJkllkUQE88QEcEvT4_gXX3V7rJOtyDApUaXJcvYw/pMfA0Z1gupIq_/&fpdata=B.dlbR35TgUSHVTsZe1xQlEPKoDQmhOY7gvxWydrCq..D7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sun, 21 Nov 2021 12:17:38 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3108402%26time%3D1637583458043%26url%3Dhttps%253A%252F%252Fwww.lrt.lt%252Fen%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-repo...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-rep...
0
371 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&liSync=true&e_ipv6=AQI1RP1NEp9cEQAAAX1HlJIPhXNrokUGu6JFTN4dy6pWt5Roi9QbW4vSCPTPTOv0gwdvadLdoA
Protocol
H2
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:39 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-lva1
content-type
application/javascript
content-length
0
x-li-uuid
0WJx1XrduRbgtA3FdSsAAA==

Redirect headers

date
Mon, 22 Nov 2021 12:17:38 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3108402&time=1637583458043&url=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&liSync=true&e_ipv6=AQI1RP1NEp9cEQAAAX1HlJIPhXNrokUGu6JFTN4dy6pWt5Roi9QbW4vSCPTPTOv0gwdvadLdoA
x-li-proto
http/2
x-li-pop
prod-lor1
content-length
0
x-li-uuid
QjMJwXrduRZQjQjS3SoAAA==
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=585570225148573&ev=PageView&dl=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&rl=&if=false&ts=1637583458062&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637583458061.101030147&it=1637583457950&coo=false&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 22 Nov 2021 12:17:38 GMT
collect
stats.g.doubleclick.net/j/
4 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-32330301-1&cid=669667427.1637583457&jid=1698332985&gjid=306493772&_gid=1562871892.1637583458&_u=YAhAAEAAAAAAAC~&z=874291846
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lrt.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 22 Nov 2021 12:17:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.lrt.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bc-v3.min.html
consentcdn.cookiebot.com/sdk/ Frame 05D6
2 KB
1 KB
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v3.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=e0ca2892-4a24-423b-a9ab-7bee8a6197ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:281::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"b10de1f5f615a79259ac9e34f470ce1d:1615283706.572935"
last-modified
Tue, 09 Mar 2021 09:55:06 GMT
server
AkamaiNetStorage
x-akamai-transformed
9 - 0 pmb=mRUM,1
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=31535736
expires
Tue, 22 Nov 2022 12:13:14 GMT
date
Mon, 22 Nov 2021 12:17:38 GMT
content-length
895
server-timing
cdn-cache; desc=HIT edge; dur=1
styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7CE6
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 11:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 11:26:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7CE6
347 KB
135 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138691
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 12:06:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C50
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1070715641770427&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame E0CA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 21 Nov 2021 13:20:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
82633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 21 Nov 2022 13:20:25 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-32330301-1&cid=669667427.1637583457&jid=1698332985&_u=YAhAAEAAAAAAAC~&z=1030224438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-32330301-1&cid=669667427.1637583457&jid=1698332985&_u=YAhAAEAAAAAAAC~&z=1030224438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7CE6
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 03:05:30 GMT
x-content-type-options
nosniff
age
465128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 24 Nov 2021 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7CE6
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
501057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7CE6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 14:17:54 GMT
x-content-type-options
nosniff
age
511184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 14:17:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7CE6
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcThNcUAAAAABDTmIZlL_eA5BLeCrP3J6gkzEem&co=aHR0cHM6Ly93d3cubHJ0Lmx0OjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pbdw9qfkky8r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 12:17:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=1070715641770427&bg=!X1ylXBjNAAZQLpa_UC47ACkAdvg8WmO_qoncmDIqVUirqpyrs482Jx1tgwOR6ycJkedaRnW99OOb4gIAAADwUgAAAAtoAQcKALVL8r1mmbBhV_C37WGOfDvVQzm6W0I8rWLVCglitX3lVS7UQufLGV4NSXbS3R4tGqeNrI72Jp_gsQPZMLw_I8vg8DFNKNXB1l9AJ1h-NnHD7EEupZRh3x5dReT0fR8si2mROJMxHBVhzm33w2WXJsKImdlKW1VVuuXcV4HDM6SZb8eM2WZeTPZurHJJ2i6VVuYe47QSUyoQVGJzVWieKabcBNWlpQ2LOHvuyrJ967umU9SSUYssmQJuQ7nukpCm2-SXo5KPRF39VtHFP5EXycNPQWscJhP0q_5iXqh0Bju7qfs6bv35CTuzwdQdeoP9JQqULUTXTpwX6_wT9ZlBc-duPUgMKMWHVgIus41VQKANiqqfaWCURVTv-YllE0mjT1o6Qu0RmPRA1Tkpq8vwsGnsxiqxlcVrUBh-7b0b77EDAy6WM8CjPShtCwwYDjmPVuaE2NNARStFdA9aGo1Rgdp7DcYjMuCvfIiCxgcJbDZoVd6BFYzL0PiZXgj06BmNUzP7w97PSmyXdUM5o-Pl_PCOKRmjPwqXxfNAWXH1WyGec-h8ATmsgNuNlPCs4mME8Ib3D_0XqY-Wf2A2M_1MY5pHBHbSnVc3Pig9BBdarmVNngWJCVQfe54MFnAd1l_aWIv_4Awc8r1gXCKcwvpyEhGoGkyJUrJA93eKncSml3Zo2BbTfn6aegW1mJ7HAR3r8ql0i9xTqkfZhs7KakNIniWwU5cAh_hQCaU-U92JM5IAkcji1j91QjLw8Kyf_dz-iC3mTd9Cl3nZ126L4VYmO3PkLIxlEEJcULUZcRvk47l6Ms-ZaPIJQKrMQis7aZV4KGDLeWiYOxM-dIFpN8DV2x875zRT_ZXGp7EqUVCJffU7NrCbBumMeQHOXtvi09OKigaPFln4iMOQvCfYROaajq7-GeDAAhil-gTGTXzrhQpHG3HsSsD4z4SyyMs7vT1KexL3V6qv7uLqZz9U2_-Hc1m9I4fahmPTILwzydlfbfKqMgLh_3NbmYk_0xsoFXmnN5eLheOQWVKnOz2Nh5Y7ZbYDaUYKB06gGH2FU78pN241F0M05IaXYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0HK3QSMV3W&gtm=2oeba1&_p=837041523&sr=1600x1200&gcs=G100&ul=en-us&cid=1840959344.1637583459&_s=1&dl=https%3A%2F%2Fwww.lrt.lt%2Fen%2Fnews-in-english%2F19%2F1543240%2Fbelarus-state-backed-hackers-target-lithuania-report&dt=Belarus%20state-backed%20hackers%20target%20Lithuania%20%E2%80%93%20report%20-%20LRT&sid=1637583457&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0HK3QSMV3W&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lrt.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.lrt.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 09BA
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.lrt.lt
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.lrt.lt
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 22 Nov 2021 12:17:38 GMT
cc.js
consent.cookiebot.com/e0ca2892-4a24-423b-a9ab-7bee8a6197ac/
210 KB
53 KB
Script
General
Full URL
https://consent.cookiebot.com/e0ca2892-4a24-423b-a9ab-7bee8a6197ac/cc.js?renew=false&referer=www.lrt.lt&dnt=false&forceshow=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=e0ca2892-4a24-423b-a9ab-7bee8a6197ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c01ea680e175751ba0f5e1c20def6833df4224c6478775dd0ef6c080f484b1e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lrt.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 12:17:38 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private, max-age=1
access-control-allow-headers
cache-control, expires, Access-Control-Allow-Headers, Origin, Pragma, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
53676
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
truncated
/
973 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adf8f74f2ca917a12c9eb0909c20222d55350389a2f4269d307dfb22600069a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame F66B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSAfQ3PYsvCffWTaf1wK96Bpi-6pdsAHOyvRfmKCE6sLv9ia52XOm2Fhz1A0qbIVHkmnjbc89JvKV_Aq7hsNZ_i56zpAWdDONvYtuLR5if3whgOaax&sig=Cg0ArKJSzKAF056rPtlMEAE&id=lidar2&mcvt=1001&p=210,200,460,1400&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3972353004&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637583457538&rpt=298&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Nov 2021 12:17:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| PeachCollectorLoaded object| googletag object| gptAdSlots undefined| parentURL function| gemius_player_pending function| GemiusPlayer object| _sf_async_config function| fbAsyncInit object| lrtPhotoGallery function| ml_webform_success_1612938 object| ggeac object| google_js_reporting_queue function| ml_guid function| PeachCollector object| _pc object| FB function| $ function| jQuery object| webpackJsonp object| regeneratorRuntime object| myConfig function| Dropzone function| setImmediate function| clearImmediate function| radioPlayer object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| gemius_pending object| GemiusPlayerVisibility undefined| data undefined| obj undefined| fun undefined| args undefined| nobj undefined| attrname function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ml_jQuery undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gemius_cmpclient object| gemius_hcconn function| Inputmask object| ampInaboxIframes object| ampInaboxPendingMessages object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| pp_gemius_identifier string| _linkedin_partner_id object| _linkedin_data_partner_ids object| GoogleGcLKhOms object| recaptcha object| closure_lm_896088 object| gaplugins object| gaData function| onYouTubeIframeAPIReady number| pp_gemius_cnt function| lintrk boolean| _already_called_lintrk function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| CookieConsent object| CookieControl object| Cookiebot object| google_image_requests object| CookiebotDialog object| CookieConsentDialog object| cookieTable object| CookieDialogInitScrollPosition

26 Cookies

Domain/Path Name / Value
.lrt.lt/ Name: _pc_c
Value: ac4c70a6-cae1-11b3-fe6f-16207312ba3b
.lrt.lt/ Name: _pc_st
Value: 1637583457249
.lrt.lt/ Name: _pc_t
Value: tracking_enabled
.lrt.lt/ Name: _pc_lr
Value: 1637583457250
www.lrt.lt/ Name: _cb_ls
Value: 1
www.lrt.lt/ Name: _cb
Value: D65AJiBXHFXPB2LC0Q
www.lrt.lt/ Name: _chartbeat2
Value: .1637583457336.1637583457336.1.LQIsLCJ90hoCg5ppkDutiJUBsrYLQ.1
www.lrt.lt/ Name: _cb_svref
Value: null
.facebook.com/ Name: fr
Value: 0WTT2ZdCCfH7GQP5D..Bhm4ph...1.0.Bhm4ph.
.lrt.lt/ Name: __gfp_64b
Value: B.dlbR35TgUSHVTsZe1xQlEPKoDQmhOY7gvxWydrCq..D7|1637583457
.lrt.lt/ Name: __gads
Value: ID=4a654338e78ddb86-22e1673bf2cb0041:T=1637583457:S=ALNI_MYyzVjWHKNbnrhbGeLA1jn5w-7JMQ
.doubleclick.net/ Name: IDE
Value: AHWqTUltAZh6dpLqhed0uLBuUiEWUuU7xTnVD3omJRHcU-vcuoSxI6952PdynRDzzJY
.lrt.lt/ Name: _ga
Value: GA1.2.669667427.1637583457
.lrt.lt/ Name: _gid
Value: GA1.2.1562871892.1637583458
.lrt.lt/ Name: _gat_UA-32330301-1
Value: 1
.lrt.lt/ Name: _fbp
Value: fb.1.1637583458061.101030147
.hit.gemius.pl/ Name: Gtest
Value: KlSSIMGGQMQGttgJdS1YvnXissGMXP8c25nSG9isPrsRgA1isG..
.hit.gemius.pl/ Name: Gdyn
Value: KlQgURMGQMQGttgJdS1YvnXissGMXP8c25nSG9isPrsRgAMiGsRPIQlGvGQpSMg8SLS8RgTSFsCBI8l8MG..
.linkedin.com/ Name: UserMatchHistory
Value: AQIN5O0bfxU_MwAAAX1HlJCS8g9p3nBsP6O7GTlTiYmwS-LHE6JuQCNkL9E22e5UbqqilwSJvIV0oA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJmU5Bo5hMezQAAAX1HlJCSplkPCMcRWEFhLGR92V-KhDJeQ1Cuoz6kcWhdh4XmhnJ4GCTORup3s3wWQlduNg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cea1d407-82d4-497a-8040-b24c46087aa6"
.linkedin.com/ Name: lidc
Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2177:u=1:x=1:i=1637583458:t=1637669858:v=2:sig=AQHaCdp7Lnawua8T6QcxnVpG0f9KUx1J"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202111221217385a8d2f1e-5962-45fc-861e-c322f0e32010AQFvPiAdD5qpo_kpJEmSEwLZNYYqSpCT"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Mzc1ODM0NTg7MjswMjGk/BGDa98qbJdmA62hM+BglgGA7JeDjOlS03J8+kPSpQ==

5 Console Messages

Source Level URL
Text
javascript warning URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Message:
The resource https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-Regular.ttf?v=493 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Message:
The resource https://www.lrt.lt/fonts/PlayfairDisplay/PlayfairDisplay-Regular.ttf?v=493 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Message:
The resource https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-LightItalic.ttf?v=493 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Message:
The resource https://www.lrt.lt/fonts/SourceSansPro/SourceSansPro-SemiBold.ttf?v=493 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.lrt.lt/en/news-in-english/19/1543240/belarus-state-backed-hackers-target-lithuania-report
Message:
The resource https://www.lrt.lt/fonts/SvgIconFont/iconFont10.woff2?v=493 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c0f607ec72a0847ac5d9ff719b44280.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bucket.mlcdn.com
cdn.mailerlite.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.gstatic.com
galt.hit.gemius.pl
ls.hit.gemius.pl
pagead2.googlesyndication.com
peach-static.ebu.io
ping.chartbeat.net
pipe-collect.ebu.io
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
securepubads.g.doubleclick.net
snap.licdn.com
static.chartbeat.com
static.mailerlite.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.mailerlite.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.lrt.lt
108.174.10.14
142.250.186.98
143.204.207.10
146.59.30.108
18.208.50.180
2600:9000:2057:6e00:18:1fcd:34f:cdc1
2606:4700:10::6816:6cb
2606:4700::6812:29f
2606:4700::6812:39f
2620:119:50e7:101::9002:e05
2620:1ec:21::14
2a00:1450:4001:801::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9a
2a02:26f0:6c00:281::f09
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba83
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.253.27.153
35.244.140.185
79.137.68.143
0297ba54fff0a052c5761457790e80dc093b93b152edee473485af46c022ad75
02e2a7a2ade753679e8f8c4fd4eae75a99ccb4e87dfc3c91577db453812e9a8d
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0f94f262142bd783259bfd6292bd3f2691b725489e5c5aea82903dc1c4e75f17
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
111e41190ee1a870349921f8ad1fe7d722fcc17f8d7cccfe9089ba0851f76eae
1abd7bd14daea0c793865e0df0e17b3f07ec1cbf22855676c4716726b930f17e
1b78bc1c8104348e13fcc043331926f818ce290556350b1a90a735fe038c73d4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
2a4d9ca7cb0fe2ccf0eaa34d5a0274fd1490e4f6de8b2b8b443bfc8fe046fc1b
2f31edf5227a313db60ed4e3a55fc01880336263ec9f3e6b4d6073d039d09a63
34e4c250f17c68c84d35e8d1bb53b8a2bf80a060a5c29d115e169605c2ad4406
353aac3b230054bcda81a1ab1b23f049c0e548bdd74dcc05d0296720cb140877
376a038489b4ddf6f472e2f87c2a75a01e588d56e3fcc9b490e465b3ff69ddfc
38e738af2a800d2acb2acca84572627e9b89a810bc779b5662c57ffa408a5489
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464f1a14384b48eb7212f82462d2006a1fc22c7ed5d548882ec7bb1b4b434b4a
4adf8f74f2ca917a12c9eb0909c20222d55350389a2f4269d307dfb22600069a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
582ce2e18b29e0581669b38d40edcc1f7a0b6a2b9f8e6f43f3d52725a28bf8e7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d284de8bbb671ca93bd8f784d9ea7d82a5b3c451b304a8773690777b017d5ce
5fc44ca6f42bab7f2ba9e2b902c5dde018249448d25cd2e2185b9f441bb2e975
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6cd5c62afebde0aee13f7d3892484422016eacf590893ce200b31f86789b8497
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
71d10a86b4c54a5a9c0c8b467e53ac67d79edb96c956e4e9f65a7074dfb9992a
71ebde52c615f8c3ef5edb135d364b2534535742c57d5426a9a562052a7dd8b1
73b380295d3b05124e8a42480fc348b0b699189efd3ebd4036cf7109f7bd10b3
753566f45ae52e8012048ed19dd61eeeccad1ec46173bf47bc887b052e9d4591
778b391aeb33c77998e214983e5a69a9bfd61235c83840eee904e159502ce37a
77995b3a3d09c72d66e7f6ba4b51553202ac882a5338be908b17a09ce1f11351
79597591b02310159ee0a6bbaa71a613c18d676aae6fb965322be43f26429e10
7a834a826f0d0563bbcd6c66b9c2fddc9dde5e4fcb93708fcc7b997d93d2a7ac
7a922ee9de1fa7fe2cf6250132913f72a66ed0498ac78fffb15455568ee83c4e
7ebc1b710ee70be8045e365811722ab074a83ba861cff48c4a3076adb109a712
7f4ac534f6b7fc130ff62b935b8dcbc61b2495ac99011356de16a8805d0513f7
844b4c3b02e307318abb61d8ebd55bfb8e19304515075fd8af06af099480191e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8e641ae81d8c77f392b4a33a8106d42b7c8b7567b5d985f75566c82113a0daa5
912b5cc286400ff7896b5f8d61268987af954c1ca352bb2f1f2f3cac40c8cede
93ed5542962715b40b4a63779206cd099d1ca865f0ee096a5cddce265be0c356
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51dac3d4e0cd24078369a282ba59486759bf0996c244a81fbaec0235a55af1a
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a902f61b44a477edd8f8489e492bc374ffac80afcc69e6d661fe743e5bca9e0e
afca830465512d8cf3a82ee6547839916376555086354a9ba1ec315c9608483c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b235807306b0443becdef29b6a84c023a79410bb8b4d8030c5f2ec540bf0d3c2
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bb742c4fa4303e148268cfce5806949fbea858903970f056152b426ff96dab66
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c01ea680e175751ba0f5e1c20def6833df4224c6478775dd0ef6c080f484b1e5
c0404de34dcf6c1a11bee30014d03a955005654582dd1b1799a924bad7b56428
c37250fa44b6a219fdcf7c1dcfc3a7f1f03b45532aac744fff2bc840d73a2ef0
c4995aa22bbb6ed7208c5da6f317c4f69248094e3c1b60e2f10b00040b658d98
c6121e078ae78d8b8fbaa54ac75b28995320322d04b0cf3e05a0497cbeb8840c
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
c7ead3280b587256c34a562f03d328f1ea3c042fe24bef25266f25fd689b6523
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc8ce26f87d1574a7cfa0bf393c1771d57edf7278a9e74afa5c9b9d3e5edef6
d2ffdfbbb66a95b15a9d73abd2c7f8a41b0e1f1a6adcef88b46127d9d5404ba2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d71e9e83d526a320cdee881361d1abcf386a92a21c116a31976690453bc75c
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e327ee8f5c71a86b38a312a98ebf7d929ac552b629374504c2784d50763bba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f297fa7564c5555ad9c0825cf6f1d33cc395122b6cdb830702a82a297a9326da
f3510b72652f0c4e4a324901bb4cb5aae73fdd76c1e6135a67187f6f14fe2a7e
fa120b5915bd5d27c11fb691ea11fa92bfa751da659b09d9fbdc0a3ee9c0568d
fe338c6ff92c36650313fce6601694fed79cfc1c65ced5b6a9e209e6aa3a15c6
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9