ldiena.lt Open in urlscan Pro
62.210.189.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ldiena.lt/
Effective URL:
https://ldiena.lt/
Submission: On August 06 via manual (August 6th 2023, 9:30:56 pm UTC) — Scanned from FR

Summary HTTP 430 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 62 IPs in 10 countries across 49 domains to perform 430 HTTP transactions. The main IP is 62.210.189.174, located in France and belongs to Online SAS, FR. The main domain is ldiena.lt.
TLS certificate: Issued by R3 on July 20th 2023. Valid for: 3 months.

This is the only time ldiena.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 60	62.210.189.174 62.210.189.174	12876 (Online SAS) (Online SAS)
5	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
23	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
4	162.19.88.68 162.19.88.68	16276 (OVH) (OVH)
1 2	2.21.20.151 2.21.20.151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.48.23.143 23.48.23.143	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.12.127.178 185.12.127.178	50214 (QWARTA) (QWARTA)
6	95.163.114.203 95.163.114.203	12695 (DINET-AS) (DINET-AS)
5	185.134.203.247 185.134.203.247	203444 (MAPMAKERS...) (MAPMAKERSGROUP)
2	193.16.47.245 193.16.47.245	1820 (WNET) (WNET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.151.106.131 82.151.106.131	29456 (BELSVYAZ-AS) (BELSVYAZ-AS)
1	109.235.67.100 109.235.67.100	62282 (RACKRAY U...) (RACKRAY UAB Rakrejus)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a03:2880:f27... 2a03:2880:f276:d2:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f27... 2a03:2880:f276:e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
2 10	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2a03:2880:f05... 2a03:2880:f058:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 52	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
11	23.48.23.157 23.48.23.157	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	193.108.153.23 193.108.153.23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.48.23.159 23.48.23.159	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	23.32.238.51 23.32.238.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	193.108.153.29 193.108.153.29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
9	146.75.122.113 146.75.122.113	54113 (FASTLY) (FASTLY)
7 8	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
8	104.126.37.162 104.126.37.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	139.177.230.161 139.177.230.161	396986 (BYTEDANCE) (BYTEDANCE)
2	2.16.1.26 2.16.1.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.126.37.168 104.126.37.168	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	193.108.153.21 193.108.153.21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	92.63.192.10 92.63.192.10	29182 (RU-JSCIOT) (RU-JSCIOT)
1	62.109.6.15 62.109.6.15	29182 (RU-JSCIOT) (RU-JSCIOT)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
2 28	23.210.122.250 23.210.122.250	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.210.123.5 23.210.123.5	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	47.246.146.202 47.246.146.202	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	104.126.37.179 104.126.37.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	47.246.48.252 47.246.48.252	() ()
1	2a02:26f0:350... 2a02:26f0:3500:12::1730:1791	() ()
1	87.240.137.164 87.240.137.164	() ()
430	62

60 62.210.189.174 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 62-210-189-174.rev.poneytelecom.eu

ldiena.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
evaizdai.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ldiena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.151 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-151.deploy.static.akamaitechnologies.com

www.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.23.143 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-143.deploy.static.akamaitechnologies.com

lf16-tiktok-web.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.12.127.178 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.114.203 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.134.203.247 (Russian Federation)

ASN203444 (MAPMAKERSGROUP, RU)

ost1.gismeteo.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.16.47.245 (Krakow, Poland)

ASN1820 (WNET, US)

www.gismeteo.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ekspertai.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.151.106.131 (Belgorod, Russian Federation)

ASN29456 (BELSVYAZ-AS, RU)

b1.culture.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.235.67.100 (Lithuania)

ASN62282 (RACKRAY UAB Rakrejus, LT)
PTR: server.hey.lt

www.hey.lt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:d2:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f276:e8:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)

scontent-lhr8-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.48.23.157 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-157.deploy.static.akamaitechnologies.com

sf16-website-login.neutral.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-23.deploy.static.akamaitechnologies.com

sf16-secsdk.ttwstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.159 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-159.deploy.static.akamaitechnologies.com

p16-sign-va.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.32.238.51 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-51.deploy.static.akamaitechnologies.com

p16-sign-useast2a.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-29.deploy.static.akamaitechnologies.com

sf16-short-va.bytedapm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.75.122.113 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

v19-web-newkey.tiktokcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 7 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.126.37.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-162.deploy.static.akamaitechnologies.com

mcs-va-useast2a.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.177.230.161 (Paris, France)

ASN396986 (BYTEDANCE, US)

mon-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.1.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-26.deploy.static.akamaitechnologies.com

vmweb-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.37.168 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-168.deploy.static.akamaitechnologies.com

mssdk-va.byteoversea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

mon.tiktokv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com

lf16-tiktok-common.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.192.10 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1023.ru

checkersync.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.6.15 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1024.ru

supraneet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.210.122.250 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-122-250.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.123.5 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-123-5.deploy.static.akamaitechnologies.com

sale.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.146.202 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

fr.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.37.179 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-179.deploy.static.akamaitechnologies.com

mssdk-va.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 47.246.48.252 (None, )

ASN- ()

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:12::1730:1791 (None, )

ASN- ()

time-ae.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.137.164 (None, )

ASN- ()

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	1 MB
44	alicdn.com i.alicdn.com assets.alicdn.com ae01.alicdn.com	1 MB
37	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 115	358 KB
36	ldiena.com ldiena.com	1 MB
28	tiktokcdn.com p16-sign-va.tiktokcdn.com — Cisco Umbrella Rank: 1128 p16-sign-useast2a.tiktokcdn.com — Cisco Umbrella Rank: 1486 v19-web-newkey.tiktokcdn.com — Cisco Umbrella Rank: 28761	2 MB
23	ldiena.lt 1 redirects ldiena.lt	377 KB
21	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	273 KB
20	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 726 scontent-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 10299	345 KB
15	byteoversea.com mon-va.byteoversea.com — Cisco Umbrella Rank: 5029 vmweb-va.byteoversea.com — Cisco Umbrella Rank: 25473 mssdk-va.byteoversea.com — Cisco Umbrella Rank: 32057	10 KB
15	ttwstatic.com lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 16072 sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 6359 sf16-secsdk.ttwstatic.com — Cisco Umbrella Rank: 39673	955 KB
12	tiktokv.com mcs-va-useast2a.tiktokv.com — Cisco Umbrella Rank: 30068 mon.tiktokv.com — Cisco Umbrella Rank: 3038	3 KB
11	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4014	136 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	562 KB
10	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 107	31 KB
9	google.com 7 redirects apis.google.com — Cisco Umbrella Rank: 185 www.google.com — Cisco Umbrella Rank: 3	23 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55 region1.google-analytics.com — Cisco Umbrella Rank: 1869	43 KB
7	gismeteo.lt ost1.gismeteo.lt www.gismeteo.lt — Cisco Umbrella Rank: 715457	6 KB
6	aliexpress.com 4 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 26326 sale.aliexpress.com — Cisco Umbrella Rank: 46501 www.aliexpress.com — Cisco Umbrella Rank: 22705 fr.aliexpress.com — Cisco Umbrella Rank: 213167 best.aliexpress.com — Cisco Umbrella Rank: 75019	15 KB
6	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 178625	20 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	259 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	3 KB
4	youtube.com img.youtube.com — Cisco Umbrella Rank: 3472	74 KB
4	tiktok.com 1 redirects www.tiktok.com — Cisco Umbrella Rank: 3452 mssdk-va.tiktok.com — Cisco Umbrella Rank: 19525	24 KB
4	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 16590	1 MB
3	ibytedtos.com lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 6250	171 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1003 syndication.twitter.com — Cisco Umbrella Rank: 1212	132 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 8348 www.instagram.com — Cisco Umbrella Rank: 1519	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	218 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1165	14 KB
2	bytedapm.com sf16-short-va.bytedapm.com — Cisco Umbrella Rank: 16776	25 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16217 c.statcounter.com — Cisco Umbrella Rank: 9737	15 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2748	32 KB
1	vk.com vk.com	577 B
1	akamaized.net time-ae.akamaized.net	116 B
1	click.ru af.click.ru — Cisco Umbrella Rank: 272518	1 KB
1	supraneet.ru supraneet.ru — Cisco Umbrella Rank: 269573	319 B
1	checkersync.ru checkersync.ru — Cisco Umbrella Rank: 269701	7 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	600 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	33 KB
1	hey.lt www.hey.lt — Cisco Umbrella Rank: 571894	1 KB
1	culture.ru b1.culture.ru	30 KB
1	ekspertai.eu ekspertai.eu	199 KB
1	evaizdai.lt evaizdai.lt	99 KB
1	sape.ru cdn-rtb.sape.ru — Cisco Umbrella Rank: 77316	419 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2334	560 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 418	8 KB
0	tmall.ru Failed login.tmall.ru Failed
0	aliexpress.ru Failed login.aliexpress.ru Failed
0	mmstat.com Failed ae.mmstat.com Failed
430	49

	Domain	Requested by
52	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
36	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ldiena.lt
36	ldiena.com	ldiena.lt
23	ldiena.lt	1 redirects ldiena.lt
20	pagead2.googlesyndication.com	ldiena.lt pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
19	ae01.alicdn.com	sale.aliexpress.com assets.alicdn.com
19	i.alicdn.com	sale.aliexpress.com i.alicdn.com
18	p16-sign-useast2a.tiktokcdn.com	www.tiktok.com ldiena.lt
18	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
12	mon-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
11	sf16-website-login.neutral.ttwstatic.com	www.tiktok.com sf16-website-login.neutral.ttwstatic.com sf16-secsdk.ttwstatic.com ldiena.lt
11	mc.yandex.ru	1 redirects ldiena.lt w.uptolike.com mc.yandex.ru
10	www.googletagservices.com	googleads.g.doubleclick.net
10	www.facebook.com	2 redirects ldiena.lt connect.facebook.net sale.aliexpress.com
9	v19-web-newkey.tiktokcdn.com	www.tiktok.com
9	www.gstatic.com	googleads.g.doubleclick.net
8	mcs-va-useast2a.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
8	www.google.com	7 redirects tpc.googlesyndication.com
7	fonts.gstatic.com	googleads.g.doubleclick.net fonts.googleapis.com
6	assets.alicdn.com	sale.aliexpress.com assets.alicdn.com
6	w.uptolike.com	ldiena.lt w.uptolike.com
5	www.google-analytics.com	ldiena.lt www.google-analytics.com assets.alicdn.com
5	ost1.gismeteo.lt	ldiena.lt
5	connect.facebook.net	ldiena.lt connect.facebook.net assets.alicdn.com
4	mon.tiktokv.com	sf16-website-login.neutral.ttwstatic.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	img.youtube.com	ldiena.lt
4	i.postimg.cc	ldiena.lt
3	lf16-tiktok-common.ibytedtos.com	ldiena.lt
3	lf16-tiktok-web.ttwstatic.com	ldiena.lt www.tiktok.com
3	www.googletagmanager.com	ldiena.lt www.googletagmanager.com www.google-analytics.com
3	use.fontawesome.com	ldiena.lt
2	mssdk-va.tiktok.com	sf16-website-login.neutral.ttwstatic.com
2	sale.aliexpress.com	1 redirects checkersync.ru
2	vmweb-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	sf16-short-va.bytedapm.com	www.tiktok.com sf16-short-va.bytedapm.com
2	scontent-lhr8-1.xx.fbcdn.net	www.facebook.com
2	region1.google-analytics.com	www.googletagmanager.com
2	platform.twitter.com	ldiena.lt platform.twitter.com
2	www.instagram.com	1 redirects ldiena.lt
2	www.gismeteo.lt	ldiena.lt
2	www.tiktok.com	1 redirects lf16-tiktok-web.ttwstatic.com
2	stackpath.bootstrapcdn.com	ldiena.lt
1	vk.com	sale.aliexpress.com
1	time-ae.akamaized.net	i.alicdn.com
1	best.aliexpress.com	checkersync.ru
1	fr.aliexpress.com	1 redirects
1	www.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	af.click.ru	w.uptolike.com
1	supraneet.ru	w.uptolike.com
1	checkersync.ru	w.uptolike.com
1	mssdk-va.byteoversea.com	sf16-website-login.neutral.ttwstatic.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	p16-sign-va.tiktokcdn.com	www.tiktok.com
1	sf16-secsdk.ttwstatic.com	www.tiktok.com
1	syndication.twitter.com	platform.twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	code.jquery.com	ldiena.lt
1	platform.instagram.com	1 redirects
1	www.statcounter.com	ldiena.lt
1	www.hey.lt	ldiena.lt
1	b1.culture.ru	ldiena.lt
1	ekspertai.eu	ldiena.lt
1	evaizdai.lt	ldiena.lt
1	cdn-rtb.sape.ru	ldiena.lt
1	www.paypalobjects.com	ldiena.lt
1	cdn.ampproject.org	ldiena.lt
1	apis.google.com	ldiena.lt
0	login.tmall.ru Failed	assets.alicdn.com
0	login.aliexpress.ru Failed	assets.alicdn.com
0	ae.mmstat.com Failed	ldiena.lt
430	76

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
www.paypal.me
stalin.lt
www.gismeteo.lt
torentai.lt
ekspertai.eu
maksimasgorkis.wordpress.com
alexa.com
alkas.lt
bukimevieningi.lt
kibirkstis.blogspot.lt
laisvavisuomene.lt
minfo.lt
propatria.lt
sputniknews.lt
seimairnamai.eu
versijos.lt
jonaskovalskis.com
lebionka.blogspot.com
petrasdargis.lt
cont.ws
riss.ru
risstv.ru
www.rubaltic.ru
citydog.by
kyky.org
www.the-village.me
kaktutzhit.by
binkl.by
34mag.net
hrodna.life
www.hey.lt
www.statcounter.com

Subject Issuer	Validity	Valid
ldiena.lt R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-16` - `2023-08-14`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
postimg.cc R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
*.sape.ru R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
uptolike.com R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
evaizdai.lt R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gismeteo.lt AlphaSSL CA - SHA256 - G4	`2023-06-16` - `2024-07-17`	a year	crt.sh
ekspertai.eu GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
*.culture.ru AlphaSSL CA - SHA256 - G4	`2023-04-24` - `2024-05-25`	a year	crt.sh
hey.lt Sectigo RSA Domain Validation Secure Server CA	`2023-03-06` - `2024-04-05`	a year	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
ldiena.com R3	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-11` - `2023-12-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-06-30` - `2024-07-30`	a year	crt.sh
*.tiktokcdn.com RapidSSL ECC CA 2018	`2023-07-13` - `2024-08-12`	a year	crt.sh
*.bytedapm.com RapidSSL ECC CA 2018	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.tiktokv.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-12` - `2023-09-12`	a year	crt.sh
*.byteoversea.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-23` - `2023-08-23`	a year	crt.sh
*.ibytedtos.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
checkersync.ru R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
supraneet.ru R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
*.click.ru R3	`2023-05-15` - `2023-08-13`	3 months	crt.sh
ru.aliexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-14` - `2023-12-19`	6 months	crt.sh
www.aliexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-14` - `2023-12-20`	6 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2023-06-29` - `2024-07-30`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh

This page contains 46 frames:

Primary Page: https://ldiena.lt/
Frame ID: 29A64FB25B3F7CDB54CE6A949F810E3F
Requests: 133 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: 4429F1CE56D4DD192000D568598B9FD2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2257426144babc%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true
Frame ID: 409D3E53F087CE24C5F678D7780AF03A
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29472b448b0b4%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
Frame ID: 8D56C5FFD7016C3258B48FE3A49C1D88
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fldiena.lt
Frame ID: 69C617B6CB88C65817E7AD63A8538A39
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&adk=1812271804&adf=3025194257&lmt=1691357426&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fldiena.lt%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425797&bpp=8&bdt=408&idt=283&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5387892940746&frm=20&pv=2&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 8527A822A50030D30EA041506F9B08B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1691357426&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&ea=0&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425805&bpp=2&bdt=416&idt=348&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=354
Frame ID: B870BF3C668E8AF82EC3B7FF2365D649
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425807&bpp=2&bdt=418&idt=381&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=387
Frame ID: 7A7DBDB94B5E7DC1FF8A0D2352D62CEA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427
Frame ID: D3F584CAFAA29A4FA8BF9C92B154319E
Requests: 11 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Frame ID: CB2D62A115CBE0C3CA4E399E58F5B50D
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522
Frame ID: 83BF0BE874EA80247C7D7A6B4BEC40C3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684
Frame ID: E5FC2C738DD31968B71BD7FC39DB437F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=687&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&dtd=691
Frame ID: A2ED91E08D0B23DE05991CE60497C217
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=2029996184&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425817&bpp=1&bdt=428&idt=692&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=5&fsb=1&dtd=695
Frame ID: 4821B2BF3CD8E37F44B19BC0B5BAEAA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=1190019031&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425817&bpp=1&bdt=428&idt=699&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=15&uci=a!f&btvi=6&fsb=1&dtd=702
Frame ID: 6820B9AE4BC27C93BAEDEB8D1169332D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true
Frame ID: 8C38776B17F06C168A6B8CA163B37B55
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df83d5b673fb944%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
Frame ID: 7DEC3397028C354719B778E74736FB62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A28868CA429BED2DC2BB9CC448079EB2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6F23A3A302AB53C69E370B38A6C52F64
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A5C2674F070C3B40CB9EF8F0D54A37B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D758B650B20BB813BC8081655A7A7EF7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4AF20D027EC1FE97E83E71C172998AAE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1691357427&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425818&bpp=1&bdt=429&idt=706&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=4764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&psts=AOrYGsnKCRAjV0XF-MCTIw9WPkH9Rri2EBlYTgNdPBN_Ua6hSYp_X7DZ6qiZGCCAwLtd6cvwWhp8mOMYGJv7ebmjuiwWNw%2CAOrYGskkhyz-2LVqY7VuOy-cFqWVDIhYJzKLTNfEKIaleHRy8QhjyUs2zBVFuArRJsYhywppDZleXRb2ZuL99jlFPF0m2Q%2CAOrYGskf9FhqwoTvjS_KdX14ivaD41r9R3yFKxT84Bdk5LqN5HKVPSZz2QGKapDyIPklZ_jVLfdWbkh0_vTc7YI0JPgI8Q&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&dtd=1896
Frame ID: 5F82BBC22D6706CDEAD9541E5958CF36
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 1539C9F863102A4477A23217699B908E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: C851DA076D89D4ADD63E0FDCD3581B69
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 504FCDB9E7CA7695A98C7A105C0F9D8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
Frame ID: 7B7DE7D6E2EAB7E1347CD62631F6E6A6
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
Frame ID: C9F658A9EF9F69D9E0C0C0A8522D2302
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
Frame ID: 896CE06C558BCDB0C66B9B696156757E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
Frame ID: 2222EF1E5687CD96C537CB6F700465D5
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 0DDE0EE086CD977531C4D3C553CA1241
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: ABCE2E91E7A7B672EB8854E4BD1B8166
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: EA07A6A215653E3BD39EE2696779515D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 40656C42307DBC7B17C0825C7878CEA1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3A10BD86BA4D8391FEC5617D2C5D57FA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9C8D81F37AE0C2AF806C31A053F18B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: A0CC764FD3CCEAB7A3B1BBA50B157418
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: F04B90E8A24A91F0D75BC1E5E2D0BFDA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 86349172BAD2EDFA14C5F3D5A3A94A83
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 0C4AC963EA6352736E97890623CB126E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: B8E691C272087FC50126B3FDA14FAC4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E568A783FF0DE0A24DC7F38F2DEC790C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E8AE60ECB0D2240324AB9C977013A42
Requests: 2 HTTP requests in this frame

Frame: https://best.aliexpress.com/?lan=fr&aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3&gatewayAdapt=glo2fra
Frame ID: 63880677434E9EAC4219DBD63AAAD194
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 21774BBF5D80E8ED6599F7D7B3B3B6B7
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm
Frame ID: 7F5379B4E0266F7114E51EF473F859C2
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LDiena.lt Žinios

Page URL History Show full URLs

http://ldiena.lt/ HTTP 301
https://ldiena.lt/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

430
Requests

98 %
HTTPS

44 %
IPv6

49
Domains

76
Subdomains

62
IPs

10
Countries

11037 kB
Transfer

34375 kB
Size

37
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/bePatron?u=14904194

Search URL Search Domain Scan URL

URL: https://www.paypal.me/ragelskis
Title: Paremk LDieną per Paypal!

Search URL Search Domain Scan URL

URL: https://stalin.lt/lt/algirdas-paleckis/50-antrankiai-minciai-algirdas-paleckis.html
Title: Tik 14,99 euro!

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-vilnius-4230/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-vilnius-4230/2-weeks/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-kaunas-4202/

Search URL Search Domain Scan URL

URL: https://www.gismeteo.lt/weather-kaunas-4202/2-weeks/

Search URL Search Domain Scan URL

URL: http://torentai.lt/

Search URL Search Domain Scan URL

URL: http://ekspertai.eu/static/uploads/2014/01/vytautas_petkevicius_durniu_laivas.pdf

Search URL Search Domain Scan URL

URL: https://maksimasgorkis.wordpress.com/
Title: 150 metų Maksimui Gorkiui! Pilnas raštų rinkinys lietuviškai

Search URL Search Domain Scan URL

URL: http://alexa.com/siteinfo/ldiena.lt
Title: Reitingas

Search URL Search Domain Scan URL

URL: http://alkas.lt/
Title: Alkas.lt

Search URL Search Domain Scan URL

URL: http://bukimevieningi.lt/
Title: BūkimeVieningi.lt

Search URL Search Domain Scan URL

URL: http://ekspertai.eu/
Title: Ekspertai.eu

Search URL Search Domain Scan URL

URL: http://kibirkstis.blogspot.lt/
Title: Kibirkštis

Search URL Search Domain Scan URL

URL: http://laisvavisuomene.lt/
Title: Laisvos visuomenės institutas

Search URL Search Domain Scan URL

URL: http://minfo.lt/
Title: mInfo.lt

Search URL Search Domain Scan URL

URL: http://propatria.lt/
Title: ProPatria.lt

Search URL Search Domain Scan URL

URL: http://sputniknews.lt/
Title: SputnikNews.lt

Search URL Search Domain Scan URL

URL: http://seimairnamai.eu/
Title: ŠeimaIrNamai.eu

Search URL Search Domain Scan URL

URL: http://versijos.lt/
Title: Versijos.lt

Search URL Search Domain Scan URL

URL: http://jonaskovalskis.com/
Title: Jonas Kovalskis

Search URL Search Domain Scan URL

URL: http://lebionka.blogspot.com/
Title: Algimantas Lebionka

Search URL Search Domain Scan URL

URL: http://petrasdargis.lt/
Title: Petras Dargis

Search URL Search Domain Scan URL

URL: http://cont.ws/
Title: Cont.ws

Search URL Search Domain Scan URL

URL: http://riss.ru/
Title: РИСИ

Search URL Search Domain Scan URL

URL: http://risstv.ru/
Title: РИСИ ТВ

Search URL Search Domain Scan URL

URL: https://www.rubaltic.ru/articles/
Title: Rubaltic.ru vertimai

Search URL Search Domain Scan URL

URL: https://citydog.by/
Title: CityDog.by

Search URL Search Domain Scan URL

URL: http://kyky.org/
Title: KyKy.org

Search URL Search Domain Scan URL

URL: http://www.the-village.me/
Title: The-Village.me

Search URL Search Domain Scan URL

URL: http://kaktutzhit.by/
Title: KakTutZhit.by

Search URL Search Domain Scan URL

URL: http://binkl.by/
Title: Binkl.by

Search URL Search Domain Scan URL

URL: https://34mag.net/
Title: 34mag.net

Search URL Search Domain Scan URL

URL: http://hrodna.life/
Title: Hrodna.life

Search URL Search Domain Scan URL

URL: https://www.hey.lt/details.php?id=ldiena

Search URL Search Domain Scan URL

URL: https://www.statcounter.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ldiena.lt/ HTTP 301
https://ldiena.lt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.tiktok.com/embed.js HTTP 302
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

Request Chain 50

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js

Request Chain 105

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29472b448b0b4%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=370&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLDienaNaujienos&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29472b448b0b4%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Request Chain 136

https://mc.yandex.ru/watch/55595281?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A814690505249%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213026%3Aet%3A1691357426%3Ac%3A1%3Arn%3A63686618%3Arqn%3A1%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C38%2C67%2C17%2C156%2C0%2C%2C550%2C9%2C%2C%2C%2C828%3Aco%3A0%3Acpf%3A1%3Ans%3A1691357425124%3Arqnl%3A1%3Ast%3A1691357426%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A814690505249%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213026%3Aet%3A1691357426%3Ac%3A1%3Arn%3A63686618%3Arqn%3A1%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C38%2C67%2C17%2C156%2C0%2C%2C550%2C9%2C%2C%2C%2C828%3Aco%3A0%3Acpf%3A1%3Ans%3A1691357425124%3Arqnl%3A1%3Ast%3A1691357426%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 145

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df83d5b673fb944%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FLDienaNaujienos&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=&width= HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df83d5b673fb944%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Request Chain 206

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrjuOmQhCABBiAATII4aOiCD_YKNA HTTP 301
https://tpc.googlesyndication.com/simgad/13331317672056765402

Request Chain 249

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 250

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 259

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 263

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 339

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 340

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 364

https://s.click.aliexpress.com/e/_DB8znJH HTTP 302
https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3 HTTP 302
https://www.aliexpress.com/?aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3 HTTP 302
https://fr.aliexpress.com/?aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3&gatewayAdapt=glo2fra HTTP 302
https://best.aliexpress.com/?lan=fr&aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3&gatewayAdapt=glo2fra

430 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ldiena.lt/
Redirect Chain

http://ldiena.lt/
https://ldiena.lt/

98 KB
15 KB

105ms
67ms

Document
text/html

62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: e452b75f3f02ecc9b8f97d126400a9525edc251069151928d97eef1026055727

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate public, no-transform, must-revalidate
content-encoding: gzip
content-length: 14517
content-type: text/html; charset=UTF-8
date: Sun, 06 Aug 2023 21:30:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 285
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 06 Aug 2023 21:30:25 GMT
Location: https://ldiena.lt/
Server: Apache

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 113ms
32ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e5e5df1d130dd028db61bd811eaed4705eaff95034fe3f8a86ba6a85e77af5f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22287
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e59798e8fe3fa64d"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 straipsnis.css
ldiena.lt/css/ 6 KB
2 KB 19ms
18ms Stylesheet
text/css 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/css/straipsnis.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 593ddd828505463163d4765f4d9ba067ddeba59ef91f4383f4fe0ab8cc5f2fbf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 09:12:57 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 1768
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 84ms
30ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 13205899
cdn-cachedat: 12/25/2022 15:19:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 986d939b1775942f725c370c90ac6ee7
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 7f2a61851d44008a-CDG
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.css
ldiena.lt/assets/68c14a9b/css/ 143 KB
21 KB 22ms
21ms Stylesheet
text/css 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/68c14a9b/css/bootstrap.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 21330
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 site.css
ldiena.lt/css/ 7 KB
2 KB 19ms
18ms Stylesheet
text/css 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/css/site.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 1c37842faf2d35dbed89fab63f431a9ae1f4ed14ce20152f11f5167ffd5b0335

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Wed, 01 Feb 2023 08:31:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 2178
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 regular.css
use.fontawesome.com/releases/v5.8.1/css/ 675 B
733 B 85ms
31ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/regular.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WJBSHCMMR9D2H9FZ
age: 656375
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b5Z4FV4GPmGw2WCqy6wM8ZwJEBEDkTS+pLi6c7XiRN/hwnwG1Dix0m4RzrL4YnPsJDJ9mkgrFsoOyjAFCHXlrm2twnlEQECiry6JsQIc3YE=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"b7c0350118f1465ba68e3b7c93fcc360"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYO9ADg0nD8IerNF14oln6bzMKg%2BiOQuhJQ%2Bg%2B%2F%2FwbJfHm%2FqmVlyxJnCMTkAfgp0rARitodOwVl8FxDAMZniIeOhP431RzG%2Ffdw8SSBMtaSKS%2FNIHrmcksmZmkJbZmJiuSUWTtM9hYHWqU8V7RdSOaDg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f2a61851d76769d-LHR

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.8.1/css/ 660 B
1012 B 82ms
29ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/brands.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TJW1YW8TR4A0KG7
age: 834008
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Vr4RGcGsnQDBjgqpuzFY/4sBZ4C3xF0+VpjDJ2EUoCF2W98q/rBstWA68E7EXnuN5X5eYiB8txE=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"c9fcdfd0e53dec8552f9dd3b40f75973"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyiXD1fm4FgGgGb8Em6%2B%2BJMTztBK5DW%2BIXSCSlaiQy2R8ekfVrbl50HDRZfwcIzRK3gmMnwUwbnIfrlxCNG1QJhXMxOUBkxhNagaX5ff10mfapy8ubRic7vpiKvhmzvSylGgoyWC%2FV0mTfrxQRQM896d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f2a61851d7b769d-LHR

GET
H2 200 fontawesome.css
use.fontawesome.com/releases/v5.8.1/css/ 52 KB
12 KB 83ms
30ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/fontawesome.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9837ae513cb80aecf3f53691f460a2206303e8ee8ffde87a955c11fb950dcc5

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3TJG0898MKSC7AXE
age: 834008
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rmAwunR4hGSr/UgmIpaobMmpQuvUlPCsiXs7h0nh9xwJa9G5Sj/uUQCVjMWudcws4aO/y6zpNdo=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"f87b6becf6c4595d38a59016c2460a0b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Omu9hcQvSWdnngJymMDyKsrcDNCOYjQKwnLSOjVflQEPysBNq9of8LMjk3UhFr6cxrsiExoMsTbw6mNGy4ZKQiCffQ%2FuKck1A7m%2BFzDtb2BxNYeNtp1sHr%2Bd3Kdn2jQfVgtZOStoSyOznug0lPHat9DV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f2a61851d7d769d-LHR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 171ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55f46a924667d16baad3bb093821df7634ffee17a7cb1c9c9b8fa9a8ea6e92d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50597
x-xss-protection: 0
server: cafe
etag: 4039594386455215677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 134ms
33ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7620
x-xss-protection: 0
server: sffe
etag: "8b05dcb7f07f21a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
65 KB 115ms
37ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11131269-2

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae57b3957a9c77fa496a3822499ac9317a3d05d16e45a788b327e1dd28adffe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66598
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 82ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29a3026ef5317f7817c03732d8a39565b42ba8dbc731450565bc5d2eb65d081b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:25 GMT
content-md5: xDQYbfD8YWyY6qp/K3DiQQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: Aqm9imupqWUx/lkyAjz9IIRg008oeWZxxu7AjaSQ+cLNOCQ1KKw3SkubsbntTyRvAVLjNpFD9JBUdMWMxMZ/VQ==
x-fb-content-md5: 6ca83293b5560ccc8c65c31289eb58e6
cross-origin-opener-policy: same-origin-allow-popups
etag: "28f916e650cc7e46447e8e0d2092c43b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:32:50 GMT

GET
H2 200 ldiena.lt_logo.png
ldiena.lt/img/ 2 KB
2 KB 27ms
20ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/ldiena.lt_logo.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 849f4f58df22077189f77b312aeb1bc0642288c911d346b7fa80111d1408de9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 10 Mar 2022 12:21:00 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 2026
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 ldiena.lt_logo_xs.png
ldiena.lt/img/ 568 B
694 B 26ms
19ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/ldiena.lt_logo_xs.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 1c19fd6f94185384a2bb6bd132bd1c3446c1f24e54e3899dc4e4f16f7a67e509

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 568
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 siauliu_bankas.png
ldiena.lt/img/ 4 KB
4 KB 27ms
20ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/siauliu_bankas.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 15669ee5ed8e7be020a4f5239730fd0141fae0874b9ca3e374c6cf850a318ff5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 3645
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 btn_donateCC_LG.gif
ldiena.lt/img/ 3 KB
3 KB 28ms
21ms Image
image/gif 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/btn_donateCC_LG.gif
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/gif
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 2993
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
560 B 92ms
21ms Image
image/gif 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 57a76f7c3a2e4
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10078-SJC, cache-lcy-eglc8600026-LCY
traceparent: 00-000000000000000000057a76f7c3a2e4-250be50741178b6d-01
x-timer: S1691357426.587959,VS0,VE0
etag: "EMKH4Lmcv0jpPecX1lsuI9JDUC4i6ZE+vkcq+Tq/75s"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 23, 6974

GET
H2 200 2_eurai.png
ldiena.lt/img/ 10 KB
10 KB 29ms
23ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/2_eurai.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 099baa18a1a63c26de3d955f810e8198c982e27995be08802257d5a879df084c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 10613
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 5_eurai.png
ldiena.lt/img/ 10 KB
11 KB 29ms
22ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/5_eurai.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b26d0ff11c4773969989c4774c870b2e6bb60d510d3f8c29e3e69c02528a54ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 10733
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 10_euru.png
ldiena.lt/img/ 9 KB
9 KB 29ms
23ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/10_euru.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: a0d2a65319ca8743b05f15bc9f030945320201de8b44faacab6cd924951b1987

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:37 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 8737
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 patreon_ldiena.png
ldiena.lt/img/ 4 KB
4 KB 46ms
40ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/patreon_ldiena.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 5ced7d22e43f831fe94c260885cd2254494d5a3714ec694c08befa54703f57d1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 3933
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 video_icon.png
ldiena.lt/img/ 3 KB
3 KB 46ms
40ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/video_icon.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 774b0b3fa78d445153630480c76c1eebe2903b8d4fb2bd861aa85510c0ca2784

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Wed, 22 Jun 2022 17:51:09 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 3500
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 patreon-logo.webp
ldiena.lt/img/ 33 KB
33 KB 64ms
59ms Image
image/webp 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/patreon-logo.webp
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 34c6c1bb0a5a0bf9bab65f4f347106505abcd0fab729a9dbe4b1567190ee8fcf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 05:39:50 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 33258
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 paypal-logo.webp
ldiena.lt/img/ 22 KB
23 KB 64ms
58ms Image
image/webp 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/paypal-logo.webp
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: f32ad5e5838597651b666edf629cd85d4d92df6b64c01c7055d9ae30ecd5d256

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 05:48:21 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 22991
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 antrankiai-minciai.png
i.postimg.cc/kgZ5RHsT/ 510 KB
510 KB 66ms
17ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/kgZ5RHsT/antrankiai-minciai.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 9281bfcec216c374f08ddbf9f465471dff58bc37feb097efd4e074495e824f49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Mon, 13 Feb 2023 11:07:14 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 521742
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

embed_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/
Redirect Chain

https://www.tiktok.com/embed.js
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js

46 KB
15 KB

122ms
26ms

Script
application/javascript

23.48.23.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Server: 23.48.23.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-143.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: e586b7f
date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: a2mC7RA9gA0jSaiCieTPqA==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-48-22-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=6
content-length: 14603
x-tos-request-id: e346a4b65506338163b65506-af4dbf3
x-tos-response-time: Thu, 05 Jan 2023 04:41:42 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 20230106021717BB187F0E208875031434
etag: CPXr0NbkkPsCEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1028875
access-control-allow-credentials: false
x-tt-trace-host: 01547d8c993fb94b68da2c12473f72d274285eb2ad2d0568369172edecd883ef3a7c18d54775c85f9e8146096e5418e695b1ea362992b91a4e3374205e2d9a2f53cfa9c16bc96c9a547b977dc1cdc2364c9bd137220575b2c780da6ee30f96c5a4bea8035ba124b44bd02db8b1080823f2984cfafebf44b484c278835293fc1848
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

x-akamai-request-id: 1ced549b.8d08092f
date: Sun, 06 Aug 2023 21:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-206-213-23.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-parent-response-time: 89,23.206.213.23
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=2
content-length: 138
pragma: no-cache
server: nginx
x-tt-logid: 20230806213024888393D5A5D1A381ED61
x-cache-remote: TCP_MISS from a23-218-219-45.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: text/html
location: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,23.218.219.45
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13fc5d2c84dd117f8cc0ee9de3630f3a6b2d3f91be984e05711c7123d07931e7609a2ab514dd311b047adf58d360de3935357d17d5a3925c3a9749457766492e45
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 7895.js Show response
cdn-rtb.sape.ru/teasers/js/895/2/ 0
419 B 192ms
62ms Script
application/javascript 185.12.127.178
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/teasers/js/895/2/7895.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.12.127.178 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 1778A020177FCAB6
x-cache-status: REVALIDATED
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Mar 2023 08:52:14 GMT
server: openresty
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
expires: Sun, 06 Aug 2023 22:30:25 GMT

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 243ms
113ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e0e934022f9db437d7376661b2125d8b394cc02bd369e1ef8410d0dd94bf903a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 21:30:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Connection: keep-alive

GET
H2 200 katyte.gif
ldiena.lt/img/ 109 KB
110 KB 44ms
39ms Image
image/gif 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/katyte.gif
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 311bece61c46caaee7c7ffe7fb9ea30388b35aa3d4d1d18eabd4613286c0d09f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/gif
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 111487
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 phpVeDulD.jpg
evaizdai.lt/di/FBUX/ 100 KB
99 KB 170ms
73ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evaizdai.lt/di/FBUX/phpVeDulD.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 6d347c7d562215adf1e5153e0edbe60e2ecfce0a4f0614a2b1bf6ad5ffe8d847

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Sat, 05 Aug 2023 19:01:50 GMT
server: Apache
vary: Accept-Encoding
content-type: image/jpeg
cache-control: maxage=1209600, public
expires: Sun, 04 Aug 2024 19:01:50 GMT

GET
H2 200 photo-2023-03-22-20-20-19.jpg
i.postimg.cc/y6b7QgZk/ 109 KB
110 KB 47ms
47ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/y6b7QgZk/photo-2023-03-22-20-20-19.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: a52e43e9967dcf34817bc5419b2721b6c739a1df023c74b38de46a3853c95e20

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 13:37:19 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 112088
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 extremists.jpg
i.postimg.cc/X7ZnnJR0/ 122 KB
122 KB 48ms
47ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/X7ZnnJR0/extremists.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: bf3d25421e9696d4356b3f9a93946c353fe1256207d8d69777aa6a1b5fbb55d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Wed, 02 Aug 2023 11:09:59 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 125035
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2023-07-29-14-52-23.png
i.postimg.cc/Fz6Ztt19/ 626 KB
627 KB 49ms
48ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Fz6Ztt19/2023-07-29-14-52-23.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 026656870f084aad6b8f609358cdcd30a773ec94b67caef4efe0096c4f70277b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 29 Jul 2023 11:54:06 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 640712
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/T_2I5zs0Bz8/ 7 KB
7 KB 131ms
46ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/T_2I5zs0Bz8/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44566ebe2b3c8736d69cfa1aeb2c4d07136d5dd938ad38cafe0d2f30c2d71455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 20:54:36 GMT
x-content-type-options: nosniff
age: 2149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7005
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Aug 2023 22:54:36 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/ySLc8gZ3oEc/ 22 KB
22 KB 114ms
29ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ySLc8gZ3oEc/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9ee46b4ec120f6fc3528a4bb190300e3d03f86047239f83c7fdeb3c572c79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 20:56:52 GMT
x-content-type-options: nosniff
age: 2013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22370
x-xss-protection: 0
server: sffe
etag: "1454705309"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Aug 2023 22:56:52 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/Dko8PT5kD5g/ 27 KB
27 KB 127ms
52ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Dko8PT5kD5g/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87953a199ac20eb6fb6adb024007fa9437e65847bc69fa241ce494694494d8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 20:03:42 GMT
x-content-type-options: nosniff
age: 5203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27320
x-xss-protection: 0
server: sffe
etag: "1537147939"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Aug 2023 22:03:42 GMT

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/wYaN6I0w_gk/ 17 KB
18 KB 111ms
72ms Image
image/jpeg 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/wYaN6I0w_gk/hqdefault.jpg

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b0e8b6b1aeb8070aac3af01805fb563ca90e17cc892ac31c048ca801911924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 20:08:12 GMT
x-content-type-options: nosniff
age: 4933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17918
x-xss-protection: 0
server: sffe
etag: "1436102200"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 06 Aug 2023 22:08:12 GMT

GET
H2 200 informer.min.css
ost1.gismeteo.lt/assets/flat-ui/legacy/css/ 8 KB
2 KB 218ms
61ms Stylesheet
text/css 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/legacy/css/informer.min.css
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 11:11:09 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: W/"647dc2cd-2019"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800, public
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 gisloader.svg
ost1.gismeteo.lt/assets/flat-ui/img/ 2 KB
1 KB 68ms
63ms Image
image/svg+xml 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/gisloader.svg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 48f37cd5ef021b85d18fa40080c3b03a175d05465d9933552e37a67a2c68aa10

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 10:43:09 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: W/"614865bd-8a0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, public
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 logo-mini2.png
ost1.gismeteo.lt/assets/flat-ui/img/ 680 B
892 B 69ms
64ms Image
image/png 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/logo-mini2.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Mon, 20 Sep 2021 10:43:09 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "614865bd-2a8"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 680
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 gismeteo.svg
ost1.gismeteo.lt/assets/flat-ui/img/informer/ 189 B
404 B 70ms
64ms Image
image/svg+xml 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/informer/gismeteo.svg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: 454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Mon, 20 Sep 2021 10:43:09 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "614865bd-bd"
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 189
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 forecast-2weeks.lt.svg
ost1.gismeteo.lt/assets/flat-ui/img/informer/ 205 B
420 B 70ms
65ms Image
image/svg+xml 185.134.203.247
MAPMAKERSGROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ost1.gismeteo.lt/assets/flat-ui/img/informer/forecast-2weeks.lt.svg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.134.203.247 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software: gis /
Resource Hash: e87df039a2e7c3d2700a2f5cc28a152c0e9b0e77b9b98c08d2f60695b0c0b2ca

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Mon, 20 Sep 2021 10:43:09 GMT
server: gis
x-dc: ost.stat-ru-ost02
etag: "614865bd-cd"
content-type: image/svg+xml
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 205
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 / Show response
www.gismeteo.lt/api/informer/getinformer/ 0
528 B 280ms
161ms Script
application/javascript 193.16.47.245
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.lt/api/informer/getinformer/?hash=EWr00nUiAM2573

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.245 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-encoding: gzip
server: gis
x-dc: pl.router-cdn-pl01
x-decepticon: 0
vary: Accept-Encoding, Accept-Encoding, Accept, User-Agent
content-type: application/javascript; charset=UTF-8;
access-control-allow-origin: *
x-ssi: 11
cache-control: no-cache, must-revalidate, no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: Sun, 06 Aug 2023 21:54:39 GMT

GET
H2 200 / Show response
www.gismeteo.lt/api/informer/getinformer/ 0
527 B 231ms
163ms Script
application/javascript 193.16.47.245
WNET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gismeteo.lt/api/informer/getinformer/?hash=g8kk41AQyMArsT

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.16.47.245 Krakow, Poland, ASN1820 (WNET, US),

Reverse DNS

Software

gis /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-encoding: gzip
server: gis
x-dc: pl.router-cdn-pl01
x-decepticon: 0
vary: Accept-Encoding, Accept-Encoding, Accept, User-Agent
content-type: application/javascript; charset=UTF-8;
access-control-allow-origin: *
x-ssi: 106
cache-control: no-cache, must-revalidate, no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
expires: Sun, 06 Aug 2023 21:53:37 GMT

GET
H2 200 torentai_logo_mazas.png
ldiena.lt/img/ 12 KB
12 KB 44ms
40ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/torentai_logo_mazas.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 57034146eeb6626976bc238d640836e5580c921fbb33a51f0b4ae500226a4005

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 12380
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 durnlaiv.png
ekspertai.eu/static/uploads/2014/ 198 KB
199 KB 115ms
58ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ekspertai.eu/static/uploads/2014/durnlaiv.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22eb537ab9a4652390b1dd727b804cea08fdbc75ff1063c7cfc46f5abfe6f4be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
cf-cache-status: HIT
last-modified: Sun, 18 Mar 2018 08:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31835-567ab60f08fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gElAhefoYIdE2Ml%2BQYvQd5Ik%2B%2FoZD8S3vEEN%2FnWbdWc3ZiGP%2FkQT6ijk4DoPTWaVrsCpJ7dXHfi6YIPff34M1nzcR3iuHPxSQ%2FyRFARKH7m%2FzJOVngSFAbynnWioH2xdgViddnnCBrtOyQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7f2a61873f7cd6ae-CDG
alt-svc: h3=":443"; ma=86400
content-length: 202805

GET
H2 200 270024.550xp.jpg
b1.culture.ru/c/ 30 KB
30 KB 563ms
156ms Image
image/jpeg 82.151.106.131
BELSVYAZ-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1.culture.ru/c/270024.550xp.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.151.106.131 Belgorod, Russian Federation, ASN29456 (BELSVYAZ-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 303791692bb0264fcf09d5e66ae5aa438066b6004e7a46a5a86ad0f3224cf6b3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
last-modified: Thu, 10 Dec 2015 09:45:24 GMT
server: nginx/1.20.1
etag: "776f-25iDcOjLIpC/ukW3SDvuLg"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400, private, no-transform
content-length: 30575

GET
H2 200 taupykle.png
ldiena.lt/img/ 14 KB
15 KB 44ms
40ms Image
image/png 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.lt/img/taupykle.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fb7563dea75e6b91358d0ef891f7ed4f9b24ef905d6daf3135b4efea111cbaa4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 02 May 2020 14:00:38 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 14757
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H/1.1 200
OK count.php
www.hey.lt/ 465 B
1 KB 148ms
46ms Image
image/png 109.235.67.100
RACKRAY UAB Rakrejus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hey.lt/count.php?id=ldiena

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

109.235.67.100 , Lithuania, ASN62282 (RACKRAY UAB Rakrejus, LT),

Reverse DNS

server.hey.lt

Software

Apache /

Resource Hash

03432786f87a79db2089b73ec93a6687a64f02bfc3fa9c7ec3f989abbb9215c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 21:30:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: Apache
Content-Security-Policy: frame-ancestors 'self'
X-Frame-Options: SAMEORIGIN
P3P: CP="NID"
Content-Type: image/png
Cache-Control: max-age=604800
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: close
Content-Length: 465
Expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 38 KB
14 KB 93ms
36ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90bfd2a150346405da0d1599565c6fd43302b2efc9ec46155acc01d6c16f9250

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Jul 2023 20:58:06 GMT
server: cloudflare
age: 34238
etag: W/"64c188de-9835"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7f2a6185de56d6ae-CDG
expires: Sun, 06 Aug 2023 23:59:47 GMT

GET
H2

200

/ Show response
www.instagram.com/accounts/login/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js

0
0

243ms
242ms

Script
text/html

2a03:2880:f276:e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Server: 2a03:2880:f276:e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

content-security-policy: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com www.gstatic.com *.fbsbx.com android-webview-video-poster: *.giphy.com www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk *.teststagram.com *.igsonar.com *.google-analytics.com *.whatsapp.net;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com *.giphy.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: www.googleadservices.com *.doubleclick.net *.google.com *.google.co.uk https://paywithmybank.com facebook.dlocal.com *.boku.com integration-facebook.payu.in;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:26 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' *.teststagram.com *.instagram.com static.cdninstagram.com *.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com *.instagram.com *.teststagram.com static.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* ws://localhost:* blob: *.instagram.com *.cdninstagram.com wss://*.instagram.com:* 'self' *.teststagram.com wss://edge-chat.instagram.com connect.facebook.net;font-src *.facebook.com data: fonts.gstatic.com *.fbcdn.net *.instagram.com *.teststagram.com static.cdninstagram.com *.intern.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: blob: *.cdninstagram.com *.fbsbx.com android-webview-video-poster: *.giphy.com *.teststagram.com *.igsonar.com *.google-analytics.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data: https://paywithmybank.com facebook.dlocal.com *.boku.com integration-facebook.payu.in;worker-src *.instagram.com *.teststagram.com static.cdninstagram.com *.google-analytics.com *.google.com;block-all-mixed-content;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: ZRGWrJXBRfZJQRYdnE1PNemqHYBoMcfQgirF3ub4mJQyT1JuSTruFxjl3WAfk8dyi8ReO4/xzmrWun7ichuNvQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
location: https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fembed.js
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 91ms
35ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-17b8b"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691357425.cdn4-pxy222-cdg02.pa1.evs,1691357425.cds233.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 33738

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
11 KB 36ms
28ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 947
age: 13201237
cdn-cachedat: 11/22/2022 18:29:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1ad47c7e656a5f55b3e8e5e23b37597c
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 7f2a61858da9008a-CDG
cdn-requestpullsuccess: True

GET
H2 200 jquery.js Show response
ldiena.lt/assets/1579e573/ 252 KB
75 KB 36ms
27ms Script
application/javascript 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/1579e573/jquery.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 all.js Show response
ldiena.lt/js/ 2 KB
556 B 27ms
19ms Script
application/javascript 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/js/all.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d9edb58e7cb61cb239c80d45483f65e9eda75e25d3158eca05b6344bd94ea0ce

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Sat, 02 May 2020 14:00:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 482
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 yii.js Show response
ldiena.lt/assets/bc89529c/ 19 KB
5 KB 29ms
21ms Script
application/javascript 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/bc89529c/yii.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 70f06515e47160b02727a63c493c438e94c83be804116ae7fdeb656b3c3a5df6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 5526
expires: Sun, 13 Aug 2023 21:30:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 91ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 19:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6040
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 06 Aug 2023 21:49:45 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 261ms
120ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

27735786662c0d84226430a5acd5cfeac63b593e39351fd28321091cafed725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-126d5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75477
expires: Sun, 06 Aug 2023 22:30:25 GMT

GET
H2 200 28882.jpg
ldiena.com/uploads/str/lg/ 9 KB
9 KB 269ms
18ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28882.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: c249fdc27dd8280a4e7365018373de5f21bcee4c68203fd6ad1678951ea2fe58

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 21:03:18 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 9422
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 404 28881.jpg
ldiena.com/uploads/str/lg/ 0
0 339ms
89ms Image
text/html 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28881.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 28880.jpg
ldiena.com/uploads/str/lg/ 39 KB
39 KB 269ms
19ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28880.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d9c4b57832a955a704d0f0ba0ee4af219889cdfff1468d08d3411625a8f969cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 20:05:14 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 39735
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28879.jpg
ldiena.com/uploads/str/lg/ 70 KB
70 KB 269ms
19ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28879.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 8fbba3e7d45edac067fbb61500a2b24d08ec11d9da151f68c64d405cef63a321

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 07:33:24 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 71444
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28878.jpg
ldiena.com/uploads/str/lg/ 84 KB
84 KB 64ms
61ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28878.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 727262b046756a4e8c0d4458294aabc01482a29f08482151d94efb91d89bff09

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 03:59:27 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 85872
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28877.jpg
ldiena.com/uploads/str/lg/ 34 KB
34 KB 65ms
61ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/lg/28877.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d6d44b64b8036d08a423ab41c2754625ccf14371d74a9eb7d10b47b607e6c910

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 05:35:09 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 34814
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28876.jpg
ldiena.com/uploads/str/md/ 34 KB
34 KB 64ms
60ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28876.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 657c0f3bcb0b824ef7e44e98057ea1a4830317ee4e6cafc5c7234070c23336a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 03:17:43 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 34632
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28875.jpg
ldiena.com/uploads/str/md/ 22 KB
23 KB 65ms
61ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28875.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d75d41880bdba497be796c37a8ce7cd16b1c02c5076072925de932e50fd2b44e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 07:24:57 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 22884
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28874.jpg
ldiena.com/uploads/str/md/ 14 KB
14 KB 64ms
61ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28874.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 7327cbe00b68bd0c52043a2117ac12af02ab7ce74c70995f5bd95755d61ad946

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 07:26:50 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 14125
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28873.jpg
ldiena.com/uploads/str/md/ 32 KB
32 KB 65ms
62ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28873.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b04d0648407bd9997f98f380d4d3c3e762b2d27b1b5f8fcd8ef757267248a47b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 07:29:59 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 32980
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28872.jpg
ldiena.com/uploads/str/md/ 45 KB
45 KB 69ms
66ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28872.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 4d0cdf4636bcc2d9006a56942c473997c99518baad1737debc1ad0f0a9343c67

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 07:30:51 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 45821
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28871.jpg
ldiena.com/uploads/str/md/ 51 KB
52 KB 70ms
67ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28871.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 69a20ee0767a760b72d2285f1a49d3ebc2254f1a09f4a92176526e99aab67ee1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 07:02:41 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 52677
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28870.jpg
ldiena.com/uploads/str/md/ 27 KB
27 KB 83ms
80ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28870.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: daa1ae9bfcbd9f2bdaf7a008651a9ae00f3e4d26ea3cc3608481ecb1c653391f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 03:50:41 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 27681
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28869.jpg
ldiena.com/uploads/str/md/ 38 KB
38 KB 70ms
66ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28869.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 2c6f05eaae17efc970b1b61dbfb4d203ba2178bd0b67fe06842fbce69585af18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 03:48:39 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 38698
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28868.jpg
ldiena.com/uploads/str/md/ 41 KB
41 KB 69ms
66ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28868.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 984524e29d973d514acf58c3130594adb031a5c2c89caab4619c29dcb20523a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 13:33:03 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 41755
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28867.jpg
ldiena.com/uploads/str/md/ 31 KB
31 KB 70ms
67ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28867.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 0ed9efdb5b9dbd4cc2b257e8eda560c836f46848cd02620c6d0ff4865479926c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 08:08:17 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 31267
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28866.jpg
ldiena.com/uploads/str/md/ 28 KB
28 KB 80ms
77ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28866.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 6cfc6e1a3c159e27b8143820ea6cda8ee427d528462cb11d557350187ddb6089

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 06:11:35 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 28168
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28865.jpg
ldiena.com/uploads/str/md/ 33 KB
33 KB 84ms
81ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28865.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: e1a75076d7bdcd36a8f6a12ab6c4b6b264c444d05475225d09dd58b11259364e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 16:34:11 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 33762
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28864.jpg
ldiena.com/uploads/str/md/ 19 KB
19 KB 80ms
77ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28864.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: f40f73a944d4d4afb060fb91dd1258826148ce5998c1908be6037d6b8c19cead

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 15:18:53 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 19393
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28863.jpg
ldiena.com/uploads/str/md/ 14 KB
14 KB 81ms
78ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28863.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: bec3cb16212c9c09bfae569f7df7817c38b1dd96c15b632e733f45660ec4fd5f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 12:04:36 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 13932
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28862.jpg
ldiena.com/uploads/str/md/ 31 KB
31 KB 81ms
78ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28862.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 4e79e61b0934ab0b567ad6c34de73e2551dd37bad562d9dba1c6b91efa6a2728

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:34:38 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 31509
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28861.jpg
ldiena.com/uploads/str/md/ 12 KB
12 KB 80ms
77ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28861.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 5051441dfb45e3716e56201a81ca575048f474deaa1439917c896bab96a8e16a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 07:43:33 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 12274
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28860.jpg
ldiena.com/uploads/str/md/ 17 KB
17 KB 81ms
78ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28860.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 87b5594b8f70577e8b1597c9143865322455fc9d0bfefbddd5f85720f978b5e9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sun, 06 Aug 2023 08:40:31 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 17138
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28859.jpg
ldiena.com/uploads/str/md/ 25 KB
25 KB 81ms
78ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28859.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 8d50e2d1e73219e3afa25c40642f690693e8d222095422b7b565ec35879a78ec

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:36:47 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 25832
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28858.jpg
ldiena.com/uploads/str/md/ 16 KB
16 KB 82ms
79ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28858.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: c69425a628e39d9e2300a47a24724bfee416e64367b97aacd6d0f9a454777f47

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 12:13:24 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 16592
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28857.jpg
ldiena.com/uploads/str/md/ 32 KB
32 KB 82ms
78ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28857.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: a655855de8d988d1b8c656e63dd0e9cf1f7d7d61529cadfa5220e1ee39d7f757

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:39:17 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 32847
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28856.jpg
ldiena.com/uploads/str/md/ 23 KB
23 KB 82ms
79ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28856.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d80a7e5351c9e8b78c9932feaceadab5812c3a25ee9b84cc509dc9bbec81f735

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 04:04:24 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 23267
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28855.jpg
ldiena.com/uploads/str/md/ 11 KB
11 KB 82ms
79ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28855.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: c69b2673337a216884b799066692c542b8d0cd57b2cdddc63853ea2400920a16

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 03:55:45 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 11292
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28854.jpg
ldiena.com/uploads/str/md/ 23 KB
23 KB 82ms
79ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28854.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: bfd1c127f5e5d29a99beb95a57b5c4045e78f19d776dbe3e6f05525fa901d6d6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Fri, 04 Aug 2023 15:40:06 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 23750
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28853.jpg
ldiena.com/uploads/str/md/ 47 KB
47 KB 82ms
79ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28853.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: a5125b780f0eca91b5012fc474ef44553951196d1fe114ea0b54cfe97085ad87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:42:47 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 48095
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28852.jpg
ldiena.com/uploads/str/md/ 19 KB
19 KB 83ms
80ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28852.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: abf7d0c96a78e82f0d9360b156b45bbad399a33cf5942b0aca8e1cfd7191e5d0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:43:20 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 19141
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28850.jpg
ldiena.com/uploads/str/md/ 27 KB
28 KB 83ms
81ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28850.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 108bda49c59526dec79b0384df0768cc5ef91735772a60acfef24322fc743a9e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:43:39 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 28051
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28849.jpg
ldiena.com/uploads/str/md/ 38 KB
39 KB 83ms
80ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28849.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 1e70204c1ff4e4a480bfd16f40c8ab3062f720ccf6e5a358ac861a7fc937f8a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:45:51 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 39386
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28848.jpg
ldiena.com/uploads/str/md/ 13 KB
14 KB 83ms
80ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28848.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 53d82404c5b0e9d6e365013d7510d2895ff86dd2e5668412a396f2d0b3762cf1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:48:40 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 13738
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28847.jpg
ldiena.com/uploads/str/md/ 15 KB
15 KB 84ms
81ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28847.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 5c660f15c14fe5b35cd60cdcd493bc6bd5b4787833fe6bed172c9596b7cd34d7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Sat, 05 Aug 2023 07:24:52 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 15397
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 28846.jpg
ldiena.com/uploads/str/md/ 23 KB
23 KB 84ms
81ms Image
image/jpeg 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ldiena.com/uploads/str/md/28846.jpg
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b2836f1dd05f4d195cf08ac0bf80beaf0eb0774d2659a4828d5284598811017d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
last-modified: Thu, 03 Aug 2023 17:52:41 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 23685
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
ldiena.lt/assets/68c14a9b/fonts/ 18 KB
18 KB 39ms
37ms Font
font/woff2 62.210.189.174
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://ldiena.lt/assets/68c14a9b/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/assets/68c14a9b/css/bootstrap.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.210.189.174 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 62-210-189-174.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://ldiena.lt/assets/68c14a9b/css/bootstrap.css
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 20:11:13 GMT
server: Apache
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000, public, no-transform, must-revalidate
accept-ranges: bytes
content-length: 18030
expires: Tue, 05 Sep 2023 21:30:25 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 29ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6f43dc5cf941e8d447d49bb59e9a34f1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80061c30b8049a21a43ffc44b06bde34c0039c64e83f49d2c93234ba7984c727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ldiena.lt/
Origin: https://ldiena.lt
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:25 GMT
content-md5: Mo5/+P0pym1fI8KR0hySWA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87214
x-fb-debug: YoWaWQghhEsZWcGefgCjSN1K80tdcB3IANXmRDzgZEYoPsgAiHyckL8A907NGKTsT6sGF0mwRbmo1XKj4s/rMA==
x-fb-content-md5: ca23493aac0da997d4db02282ae21bed
cross-origin-opener-policy: same-origin-allow-popups
etag: "91271656b068184161cdbf0d9381678a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 05 Aug 2024 19:40:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 51ms
48ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B41L423S6L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11131269-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

991897ec1a2534e95755be260bdeea1f20e290c7740fc1cb08cbcd76d82d6f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76134
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 356 B
701 B 156ms
146ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10241118&u1=E862F7665E774F18DEBA6570EB0D7C8D&java=1&security=08b3b12a&sc_snum=1&sess=TEST&sc_rum_e_s=612&sc_rum_e_e=622&sc_rum_f_s=0&sc_rum_f_e=480&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//ldiena.lt/&t=LDiena.lt%20%C5%BDinios&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e24f0966b67b9fa4c1d0f24d6ea96c9b07f65bcd29101ea283316549a2676e8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://ldiena.lt
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 7f2a61870f48d6ae-CDG
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 52ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29a3026ef5317f7817c03732d8a39565b42ba8dbc731450565bc5d2eb65d081b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:25 GMT
content-md5: xDQYbfD8YWyY6qp/K3DiQQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: Aqm9imupqWUx/lkyAjz9IIRg008oeWZxxu7AjaSQ+cLNOCQ1KKw3SkubsbntTyRvAVLjNpFD9JBUdMWMxMZ/VQ==
x-fb-content-md5: 6ca83293b5560ccc8c65c31289eb58e6
cross-origin-opener-policy: same-origin-allow-popups
etag: "28f916e650cc7e46447e8e0d2092c43b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 06 Aug 2023 21:32:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 104ms
18ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FB1) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 21:30:25 GMT
Content-Encoding: gzip
Age: 1346
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (pab/6FB1)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 371 KB
125 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1942844261147734&plah=ldiena.lt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d12f4f5cc39b7a851228492557b83c0a470b8bb96d3f55750c4163b4d4309d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128126
x-xss-protection: 0
server: cafe
etag: 16273490997931741144
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame 4429 10 KB
5 KB 42ms
27ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 10558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:34:27 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 18:34:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 88ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=538838000066851&ev=fb_page_view&dl=https%3A%2F%2Fldiena.lt%2F&rl=&if=false&ts=1691357425883&sw=1600&sh=1200&at=

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 06 Aug 2023 21:30:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 89ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=538838000066851&ev=fb_page_view&dl=https%3A%2F%2Fldiena.lt%2F&rl=&if=false&ts=1691357425884&sw=1600&sh=1200&at=

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 06 Aug 2023 21:30:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 group.php Show response
www.facebook.com/v4.0/plugins/ Frame 409D 40 KB
14 KB 234ms
233ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2257426144babc%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6f43dc5cf941e8d447d49bb59e9a34f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fc842b253bc1e27239eff8010e53eabf09fb275ae94eea24e12c21dbb49b68c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: dG46XElXTcRix6++BnWOdEzhroMD6+6YjGtSfpoESHMlZl08Mm5CEUGyGQZKwcIjqdJYj1cHAEt5xfKKRq0DtQ==
x-xss-protection: 0

GET
H2

200

/
www.facebook.com/login/ Frame 8D56
Redirect Chain

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df294...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

189ms
188ms

Document
text/html

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29472b448b0b4%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6f43dc5cf941e8d447d49bb59e9a34f1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Aug 2023 21:30:26 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ekUFiyXVJ7ynlgE7qPHrzHnarrNIaPBdhbLnGuYQDyofPwjJZqrdx78LT5CXUeOc7Eq8Pr6kJqf/IAhlexdxEQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29472b448b0b4%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D370%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: OFZLrlj/08GP3CUIr0lsF2bmgEwR1NWGM36ofO5rGc2B+3DQOFIRaHYG9+eV27OYTrTpiV/XYz8sszOLJDL1FA==
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5025f312f21469ace9e674723495440a3b01e4a2881dc54a3c081737fcd032d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 168 KB
59 KB 182ms
182ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

54de913295caddd62057113241fd1869e9eed6c21dee5a01d3881446888d8f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-eb7b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 60283
expires: Sun, 06 Aug 2023 22:30:26 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 69 B
843 B 58ms
58ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_169135742601441
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8e68adadbe29431374f400a49aacef939d00c2e08bcb60cc2e5089b6265e360d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 21:30:26 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Wed, 19 Jul 2023 17:32:58 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 79ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B41L423S6L&gtm=45je3820&_p=1293457872&cid=653081757.1691357426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1691357426&sct=1&seg=0&dl=https%3A%2F%2Fldiena.lt%2F&dt=LDiena.lt%20%C5%BDinios&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B41L423S6L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
216 B 32ms
31ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1293457872&t=pageview&_s=1&dl=https%3A%2F%2Fldiena.lt%2F&ul=en-us&de=UTF-8&dt=LDiena.lt%20%C5%BDinios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=392307855&gjid=476929070&cid=653081757.1691357426&tid=UA-57355035-1&_gid=321989847.1691357426&_r=1&_slc=1&z=1714476920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9baec4686ba1b31781d7d2aa19c900b9cea210b7a14ab41b35bede7c66f8851a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 32ms
32ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1293457872&t=pageview&_s=1&dl=https%3A%2F%2Fldiena.lt%2F&ul=en-us&de=UTF-8&dt=LDiena.lt%20%C5%BDinios&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1390376010&gjid=14288811&cid=653081757.1691357426&tid=UA-11131269-2&_gid=321989847.1691357426&_r=1&gtm=457e3820&jsscut=1&z=1228299329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 69C6 320 KB
104 KB 19ms
19ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fldiena.lt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA6) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 310448
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Aug 2023 21:30:26 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6FA6)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 4 KB
2 KB 27ms
26ms Stylesheet
text/css 23.48.23.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-143.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: e586e16
date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-48-22-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=6
content-length: 1200
x-tos-request-id: c80d2b7781c5d7563b7781c-af5401d
x-tos-response-time: Fri, 06 Jan 2023 01:23:40 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 20230107061032FCAFA6E2D2EF8DF08B9E
etag: CP6J0dbkkPsCEAE=
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1567212
access-control-allow-credentials: false
x-tt-trace-host: 01594559d62bd879d677ada348aa64fc43c24b220477d22236e1c4a58f8f84d70a5d31cd967b9c88ada99120b212aca227f3c1281cfd94501acbf6942f8b01fd171d6c78841c1adea7a2cb4a6ddf788ab88b8bfcad8d2a75395769b8311f383c12cc8a5c39a127789d2406983f5186e5cd6b416d5fe11d2a5c41ec314855bdb067
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 embed_lib_v1.0.11.js Show response
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 15 KB
6 KB 26ms
26ms Script
application/javascript 23.48.23.143
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.143 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-143.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: e586e17
date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
gzip-server: KFC
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: 6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable: YES
x-cache: TCP_MEM_HIT from a23-48-22-143.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 5147
x-tos-request-id: 5015e4c03a65172563c03a65-af54412
x-tos-response-time: Thu, 12 Jan 2023 16:50:45 GMT
last-modified: Thu, 03 Nov 2022 00:46:48 GMT
server: nginx
x-tt-logid: 2023011313295432AB13B660278BF688A8
etag: CNX5z9bkkPsCEAE=
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=1873400
access-control-allow-credentials: false
x-tt-trace-host: 016bbbde7ba25c584111056193f8c6017b3d2308526089f6e155025cf27f53c6229a7a1bcf8983572cd5a06f828ab0641bf253be0ac38b79c39fc3b27164b874fc3c3d34fc789eafbe8eb893c83f3774c46a138bd3629f3b6806dc2c8e4e00a13c4cf4528ad095eb966ec05618f59f0522f404b1e0de88ee311ba3b530232b7d9d
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 107ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ldiena.lt&callback=_gfp_s_&client=ca-pub-1942844261147734

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1942844261147734&plah=ldiena.lt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87e4d4e8eee10572b621bb8536367909f45b178b2d67ff73c66f2bddc3d68a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8527 619 KB
103 KB 1133ms
1132ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&adk=1812271804&adf=3025194257&lmt=1691357426&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fldiena.lt%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425797&bpp=8&bdt=408&idt=283&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5387892940746&frm=20&pv=2&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9b633067350cbb286ebb09f863626effffbcc9be7c5dfae66b33a845116951a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 105539
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0H5YV1RPSL&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11f57321918c52959cd47dfbc8a1adb476c69b428f64064e77d7f754ca421c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79776
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 06 Aug 2023 21:30:26 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B870 133 KB
41 KB 878ms
877ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1691357426&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&ea=0&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425805&bpp=2&bdt=416&idt=348&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=354

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

922ff506140a126dd19c8682f07013179dcec55b44ccad605dc205665e2717ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41694
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 82ms
22ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-11131269-2&cid=653081757.1691357426&jid=1390376010&gjid=14288811&_gid=321989847.1691357426&_u=YADAAUABAAAAACAAI~&z=791773946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Aug 2023 21:30:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A7D 116 KB
40 KB 714ms
712ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425807&bpp=2&bdt=418&idt=381&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=387

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8a1a21276c1ae304f0214d509fa2795e466d9779148a3171be0f2e531d69656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40558
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
expires: Sun, 06 Aug 2023 21:30:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 69C6 869 B
657 B 166ms
111ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2f0e02cd06e8d9cbe541d9c5825675f4712c5fbb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fldiena.lt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time: 89
date: Sun, 06 Aug 2023 21:30:25 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 06 Aug 2023 21:30:26 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 39ed4e7e92cc1bb0
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 534681f06b269752774190e2232b2017aa4c0d1ce605e72ca0742a67cdd78b88
content-length: 337

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3F5 116 KB
40 KB 763ms
763ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61363f1bed751d9a3278fb39e2fbeafa6f9d80d1fdd5688c246662f5d19b8aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40697
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
expires: Sun, 06 Aug 2023 21:30:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 oIIIwN5M55x.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame 409D 25 KB
7 KB 27ms
24ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/oIIIwN5M55x.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2257426144babc%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab5c1098b94f23c5e8944f0875504f4d5d9a73eeb3ae8a5ca8b7fd46b6233285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DEMBTGgkxcJVQBVv0iyZsQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6435
x-fb-debug: o/e40KjOs0cn1SmH+2Zl7qrse6O63wkdWFgFicOHbOp3lEnMnfW7aXwxjR7tJ7UpdDQtzrOxvYIRFbYa9RU7jA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 05 Aug 2024 16:18:56 GMT

GET
H2 200 chHmhcRIODF.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 409D 4 KB
1 KB 27ms
25ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/chHmhcRIODF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b11312efbc28046e8edf002308146d238246db13ad6754f1b12b67e718e89d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Va0NXnD8ttgLjDkZm4X1xw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1215
x-fb-debug: ixsCd9sR4mU8MfNfRkSup7M+Qn6qDNp4wmht9ZOB+O6f3vktLJjFyVPkAinRNm9Le/JmS6BJZRR+KTvqhTqaHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 05 Aug 2024 16:26:38 GMT

GET
H2 200 HqXTgPxmRFM.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 409D 23 KB
6 KB 27ms
25ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/HqXTgPxmRFM.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0e151ebfe661d8b84a6f8584c3b8bdc858fed0af7672e0abf0c401e956e1b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: D3Jps7qLyFhkv+gHopaINg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5669
x-fb-debug: bPpEzhyz9MnORBGTUajEPPa3owFiUrx7kR2VtLMgpwquJ22wp2uMZGMM+3OGgk8hoMmkYE5pNUtx99gs7G/nMQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 05 Aug 2024 16:20:22 GMT

GET
H2 200 CNJWJb-rOZz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 409D 307 KB
82 KB 40ms
38ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/CNJWJb-rOZz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893752c8713ba6eee5b13fd785172edcf59eccb406d9c7f808ed374e1264a563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IB5qNABWxRIwsFYoaU6bRA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83460
x-fb-debug: QeBBIFwQVlBG+KVt+/gg1kW7i/yW817u124SKUtETnFLrhDXBbuBcbdVraFdC/TF8P1QVAxXG9jdd9JPqq4qMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 01 Aug 2024 00:01:11 GMT

GET
H2 200 fVkPju_sHv_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 409D 6 KB
2 KB 27ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/fVkPju_sHv_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d00ec75128d95246cc9f3018a378cce3c08381ccac54b72bdeeba28ade95ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vMEXTCReXNwazfvo07O3Uw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1755
x-fb-debug: tuPpMOvYIH7eWvglwr9DcgDTwEcxPofexfV21zwaa+kCc1Co5TvHy4RDhQK5/vLe4se/eCxjd405Ih5RjgDmeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 01 Aug 2024 20:18:54 GMT

GET
H2 200 e2QXQ-W4nFm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 409D 115 KB
33 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/e2QXQ-W4nFm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed3feedd3817486bdb2d8db80af4d1c788038564e3e544f80d49845fd917bfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HSEV+svbMVDxCWu0E9KSFg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33412
x-fb-debug: Ib0H+fwBEylryZhU6SWGRKlIxIZjG2jp0/mANLRIj4jMMyMNtYLGlWHO6srcJXMOKsd1QCAyvQbZXaJDBpmm+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:49:16 GMT

GET
H2 200 2y2CLTuyMDl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 409D 2 KB
958 B 27ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/2y2CLTuyMDl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0eb985dec68adbbd8a8e5410806ceb817a23fd3e7d9a461c7691e085318dc986

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c23r//2fX1THYuhRu74YhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 766
x-fb-debug: Bfvtmyw0vbv23axDeykDSbWD4YbVsYJJJgtZLnchkgWZp9to7DVVz513XBaZ1T6jIl3G4JHn9A9q2KzZLkNYQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 26 Jul 2024 18:25:13 GMT

GET
H2 200 64396626_110457996892326_8561687657246097408_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/ Frame 409D 13 KB
13 KB 67ms
23ms Image
image/jpeg 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/64396626_110457996892326_8561687657246097408_n.jpg?stp=dst-jpg_p261x260&_nc_cat=107&ccb=1-7&_nc_sid=ac9ee4&_nc_ohc=9-unCtZSD_QAX-KBdrK&_nc_ht=scontent-lhr8-1.xx&edm=ADbjupsEAAAA&oh=00_AfC9Gj97g2NRByMVVkJhn6UlRIZY0d6XckxyzP3nLYFyHA&oe=64F773EA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2257426144babc%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=376&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bc81ef5f7ed1554029bd7db53f641f510de4ebc6486ebd73821baf7084caf7f5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-haystack-needlechecksum: 776711813
date: Sun, 06 Aug 2023 21:30:26 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 15 Jun 2019 14:27:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3654648221
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1877574305
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13308

GET
H3 200 huUKVraSeRU.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 409D 221 B
354 B 22ms
22ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/huUKVraSeRU.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef018cca916a53ab3f8b018a7abe7eef2199231c4354b4978874174a139e0748

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
x-content-type-options: nosniff
content-md5: FNy2AcQQ6Gl3ai7wI8ljBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 221
x-fb-debug: Gy1LA8eAzd75b0TupwNa3xsDCxWt/wvBm1KWZVFOJwdcsgzpXcvp2f/HPNjzaRGTtjpZMvQ99tnZBhNtI9kYVw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 04 Aug 2024 05:37:36 GMT

GET
H2 200 @ragelskis.laurynas Show response
www.tiktok.com/embed/ Frame CB2D 111 KB
20 KB 690ms
690ms Document
text/html 2.21.20.151
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Requested by: Host: lf16-tiktok-web.ttwstatic.com
URL: https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-151.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ea46b3a13262366e0f4a5afc21872139bcb36d62b293337b801f776b7bf40c55

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
pragma: no-cache
server: nginx
server-timing: inner; dur=568 cdn-cache; desc=MISS, edge; dur=1, origin; dur=657
x-akamai-request-id: 8d081259
x-cache: TCP_MISS from a23-206-213-23.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-origin-response-time: 658,23.206.213.23
x-tt-logid: 202308062130252D7E28BAA9F0A7877E24
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13eed4696ad46a50424322a8769abbf3c218e5d40827b919550cccf8fc529dc878996f756a9cdcc94e3c654ec4d656967eb15f6494fd94f2cad7a1f9084ced1b73a57ed4188c0327d57f382c99dc11b0c5
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 83BF 116 KB
40 KB 658ms
658ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43f95a81b685143519c9aee4964e776038f87c97a03c6adf1eb8daa48d392678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40462
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
expires: Sun, 06 Aug 2023 21:30:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 61ms
61ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 06 Aug 2023 22:30:26 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/55595281/
Redirect Chain

https://mc.yandex.ru/watch/55595281?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3A...

482 B
518 B

67ms
65ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A814690505249%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213026%3Aet%3A1691357426%3Ac%3A1%3Arn%3A63686618%3Arqn%3A1%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C38%2C67%2C17%2C156%2C0%2C%2C550%2C9%2C%2C%2C%2C828%3Aco%3A0%3Acpf%3A1%3Ans%3A1691357425124%3Arqnl%3A1%3Ast%3A1691357426%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d0b6c9e4702375367fa252a6c7da584984962bcabe2c87419ecd96486fb59a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 06-Aug-2023 21:30:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 482
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:26 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 21:30:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/55595281/1?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A814690505249%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213026%3Aet%3A1691357426%3Ac%3A1%3Arn%3A63686618%3Arqn%3A1%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C38%2C67%2C17%2C156%2C0%2C%2C550%2C9%2C%2C%2C%2C828%3Aco%3A0%3Acpf%3A1%3Ans%3A1691357425124%3Arqnl%3A1%3Ast%3A1691357426%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 23ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0H5YV1RPSL&gtm=45je3820&_p=1293457872&ul=en-us&sr=1600x1200&cid=653081757.1691357426&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fldiena.lt%2F&dt=LDiena.lt%20%C5%BDinios&sid=1691357426&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0H5YV1RPSL&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ldiena.lt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 23414332 Show response
mc.yandex.ru/watch/ 435 B
631 B 65ms
64ms Fetch
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332?wmode=7&page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A477%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A2%3Adp%3A0%3Als%3A1020040336279%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213026%3Aet%3A1691357426%3Ac%3A1%3Arn%3A1060040642%3Arqn%3A1%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C38%2C67%2C17%2C156%2C0%2C%2C550%2C9%2C%2C%2C%2C828%3Aco%3A0%3Acpf%3A1%3Ans%3A1691357425124%3Arqnl%3A1%3Ast%3A1691357426%3At%3ALDiena.lt%20%C5%BDinios&t=gdpr(14)clc(0-0-0)rqnt(1)lt(12700)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c14079b517bdae818033910d0fe9786523945fb34c9d9e57ff588bb9641824c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 06-Aug-2023 21:30:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:26 GMT

GET
H3 200 y2It1Jv-7us.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/ Frame 409D 108 KB
31 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/y2It1Jv-7us.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/CNJWJb-rOZz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a0ffeccfec93487da459595e3988e1569115b7f06133264cdd7621fc1f90e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oTJTjS+4X1iT94txk+oRrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31726
x-fb-debug: SNjC08l94Hq0DJNCizO3r18QwyM+tYXcUED27jn8avbVE2ZJDG2AgQ879cqCpS4moLybNAADpHOZ4Wqp5O6G0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sun, 04 Aug 2024 02:40:43 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E5FC 93 KB
36 KB 762ms
762ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2f9430fbbc6b60e71292d12311af614fc2a197fb14a281f96c1299aebfd6642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36375
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A2ED 90 KB
35 KB 713ms
712ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=687&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&dtd=691

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2046833c0631f7937be9e10891ef57ac5e3012128c57a77e8f71186c6793f448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35428
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4821 436 B
236 B 674ms
674ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=2029996184&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425817&bpp=1&bdt=428&idt=692&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=3450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=5&fsb=1&dtd=695

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbc9d7e00875004c5643cebabf4d96f1e83507d3a0eb87946bc911b29f3ba3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6820 436 B
236 B 533ms
532ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=1190019031&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425817&bpp=1&bdt=428&idt=699&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=15&uci=a!f&btvi=6&fsb=1&dtd=702

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8bd9481730c6dd787ad7ac7886b7cb74113c38d1e3de93bb6203dcc7e288fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 group.php Show response
www.facebook.com/v4.0/plugins/ Frame 8C38 40 KB
14 KB 192ms
192ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6f43dc5cf941e8d447d49bb59e9a34f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1d3d112967cc405d05ab9315817830f2623af64402bf1361e6dc7fa6d25e954

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gPzMjqPQK5nV6xZa0UB/IhIud+aq0J3wkaSsdbMnjEZSv7tz1Dn+hNyAjuox/ZYL3BCWhHSyPsOk7QW2BBxwGQ==
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 7DEC
Redirect Chain

https://www.facebook.com/v4.0/plugins/page.php?adapt_container_width=true&app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df83d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

218ms
218ms

Document
text/html

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df83d5b673fb944%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6f43dc5cf941e8d447d49bb59e9a34f1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Aug 2023 21:30:26 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: A+R9nZSBYuGqGwAxt7ydUmCBvnv7RxtvbmnOlFGiv2gUtT9mGijxobDmdxWCwzDgRYmVAPlwgOGMbLfUJrm8rQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:26 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D538838000066851%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df83d5b673fb944%2526domain%253Dldiena.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fldiena.lt%25252Ff27d2f1b14abb1%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FLDienaNaujienos%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%26width
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: oGfPFiVU+8Y7ibZmKFqa/FsQl4gausbthdzK4Am99GO3bOhvCOPyFAvphPWCS3pL6gIhjCd0qL4PpDi67dZ/8w==
x-xss-protection: 0

GET
H3 200 oIIIwN5M55x.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame 8C38 25 KB
6 KB 25ms
24ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/oIIIwN5M55x.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab5c1098b94f23c5e8944f0875504f4d5d9a73eeb3ae8a5ca8b7fd46b6233285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DEMBTGgkxcJVQBVv0iyZsQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6435
x-fb-debug: o/e40KjOs0cn1SmH+2Zl7qrse6O63wkdWFgFicOHbOp3lEnMnfW7aXwxjR7tJ7UpdDQtzrOxvYIRFbYa9RU7jA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 1
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Mon, 05 Aug 2024 16:18:56 GMT

GET
H3 200 chHmhcRIODF.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 8C38 4 KB
1 KB 26ms
25ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/chHmhcRIODF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b11312efbc28046e8edf002308146d238246db13ad6754f1b12b67e718e89d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Va0NXnD8ttgLjDkZm4X1xw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1215
x-fb-debug: ixsCd9sR4mU8MfNfRkSup7M+Qn6qDNp4wmht9ZOB+O6f3vktLJjFyVPkAinRNm9Le/JmS6BJZRR+KTvqhTqaHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Mon, 05 Aug 2024 16:26:38 GMT

GET
H3 200 HqXTgPxmRFM.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 8C38 23 KB
6 KB 27ms
25ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/HqXTgPxmRFM.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0e151ebfe661d8b84a6f8584c3b8bdc858fed0af7672e0abf0c401e956e1b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: D3Jps7qLyFhkv+gHopaINg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5669
x-fb-debug: bPpEzhyz9MnORBGTUajEPPa3owFiUrx7kR2VtLMgpwquJ22wp2uMZGMM+3OGgk8hoMmkYE5pNUtx99gs7G/nMQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Mon, 05 Aug 2024 16:20:22 GMT

GET
H3 200 CNJWJb-rOZz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 8C38 307 KB
82 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/CNJWJb-rOZz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893752c8713ba6eee5b13fd785172edcf59eccb406d9c7f808ed374e1264a563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IB5qNABWxRIwsFYoaU6bRA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83460
x-fb-debug: QeBBIFwQVlBG+KVt+/gg1kW7i/yW817u124SKUtETnFLrhDXBbuBcbdVraFdC/TF8P1QVAxXG9jdd9JPqq4qMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Thu, 01 Aug 2024 00:01:11 GMT

GET
H3 200 fVkPju_sHv_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 8C38 6 KB
2 KB 51ms
50ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/fVkPju_sHv_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d00ec75128d95246cc9f3018a378cce3c08381ccac54b72bdeeba28ade95ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vMEXTCReXNwazfvo07O3Uw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1755
x-fb-debug: tuPpMOvYIH7eWvglwr9DcgDTwEcxPofexfV21zwaa+kCc1Co5TvHy4RDhQK5/vLe4se/eCxjd405Ih5RjgDmeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Thu, 01 Aug 2024 20:18:54 GMT

GET
H3 200 e2QXQ-W4nFm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 8C38 115 KB
33 KB 50ms
49ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/e2QXQ-W4nFm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed3feedd3817486bdb2d8db80af4d1c788038564e3e544f80d49845fd917bfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HSEV+svbMVDxCWu0E9KSFg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33412
x-fb-debug: Ib0H+fwBEylryZhU6SWGRKlIxIZjG2jp0/mANLRIj4jMMyMNtYLGlWHO6srcJXMOKsd1QCAyvQbZXaJDBpmm+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 03 Aug 2024 05:49:16 GMT

GET
H3 200 2y2CLTuyMDl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 8C38 2 KB
903 B 54ms
53ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/2y2CLTuyMDl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0eb985dec68adbbd8a8e5410806ceb817a23fd3e7d9a461c7691e085318dc986

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: c23r//2fX1THYuhRu74YhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 766
x-fb-debug: Bfvtmyw0vbv23axDeykDSbWD4YbVsYJJJgtZLnchkgWZp9to7DVVz513XBaZ1T6jIl3G4JHn9A9q2KzZLkNYQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Fri, 26 Jul 2024 18:25:13 GMT

GET
H2 200 64396626_110457996892326_8561687657246097408_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/ Frame 8C38 8 KB
8 KB 22ms
22ms Image
image/jpeg 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/64396626_110457996892326_8561687657246097408_n.jpg?stp=dst-jpg_s280x280&_nc_cat=107&ccb=1-7&_nc_sid=ac9ee4&_nc_ohc=9-unCtZSD_QAX-KBdrK&_nc_ht=scontent-lhr8-1.xx&edm=ADbjupsEAAAA&oh=00_AfDIMB_f_Ops7A8SSoytseOMriOjl50AhvrlKw4yq8kYsg&oe=64F773EA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 621eb31a042dfdb94709e28253cb109564e6903868f685c1604e58a38b14d77d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-haystack-needlechecksum: 776711813
date: Sun, 06 Aug 2023 21:30:26 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Sat, 15 Jun 2019 14:27:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1475388385
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1877574305
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 7704

GET
H3 200 huUKVraSeRU.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 8C38 221 B
354 B 22ms
22ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/huUKVraSeRU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v4.0/plugins/group.php?app_id=538838000066851&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c25e84b35c7e8%26domain%3Dldiena.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fldiena.lt%252Ff27d2f1b14abb1%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fgroups%2F549847308544691%2F&locale=en_US&sdk=joey&show_metadata=true&show_social_context=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef018cca916a53ab3f8b018a7abe7eef2199231c4354b4978874174a139e0748

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
x-content-type-options: nosniff
content-md5: FNy2AcQQ6Gl3ai7wI8ljBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 221
x-fb-debug: Gy1LA8eAzd75b0TupwNa3xsDCxWt/wvBm1KWZVFOJwdcsgzpXcvp2f/HPNjzaRGTtjpZMvQ99tnZBhNtI9kYVw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 04 Aug 2024 05:37:36 GMT

GET
H3 200 y2It1Jv-7us.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/ Frame 8C38 108 KB
31 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/ym/l/en_US/y2It1Jv-7us.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/CNJWJb-rOZz.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a0ffeccfec93487da459595e3988e1569115b7f06133264cdd7621fc1f90e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oTJTjS+4X1iT94txk+oRrA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31726
x-fb-debug: SNjC08l94Hq0DJNCizO3r18QwyM+tYXcUED27jn8avbVE2ZJDG2AgQ879cqCpS4moLybNAADpHOZ4Wqp5O6G0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sun, 04 Aug 2024 02:40:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7A7D 2 KB
979 B 92ms
34ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=lt

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425807&bpp=2&bdt=418&idt=381&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=387

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 21:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 21:30:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 21:30:26 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 7A7D 34 KB
14 KB 89ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d12f6ba940afef24b1faaf0edef1e6e6c759bee5f97c2668148717cb3099a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13556
x-xss-protection: 0
server: cafe
etag: 16507747689045966677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 14:01:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A7D 179 KB
57 KB 117ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5440839616704483127/ Frame 7A7D 93 KB
93 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5440839616704483127/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b3c20ca0e654efd9729a299e9b4cb6b691e9aa25baf297546b4a4dcddbf05ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 06:21:58 GMT
x-content-type-options: nosniff
age: 54509
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94774
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 18:37:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Aug 2024 06:21:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 7A7D 23 KB
9 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 7A7D 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 7A7D 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 83BF 2 KB
666 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=lt

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 21:30:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 83BF 34 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d12f6ba940afef24b1faaf0edef1e6e6c759bee5f97c2668148717cb3099a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13556
x-xss-protection: 0
server: cafe
etag: 16507747689045966677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 14:01:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83BF 179 KB
56 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5440839616704483127/ Frame 83BF 93 KB
93 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5440839616704483127/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b3c20ca0e654efd9729a299e9b4cb6b691e9aa25baf297546b4a4dcddbf05ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 06:21:58 GMT
x-content-type-options: nosniff
age: 54509
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94774
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 18:37:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Aug 2024 06:21:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 83BF 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 83BF 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 83BF 20 KB
8 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D3F5 2 KB
620 B 42ms
34ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=lt

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 21:30:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame D3F5 34 KB
13 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d12f6ba940afef24b1faaf0edef1e6e6c759bee5f97c2668148717cb3099a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13556
x-xss-protection: 0
server: cafe
etag: 16507747689045966677
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 14:01:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3F5 179 KB
56 KB 74ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5440839616704483127/ Frame D3F5 93 KB
93 KB 44ms
40ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5440839616704483127/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b3c20ca0e654efd9729a299e9b4cb6b691e9aa25baf297546b4a4dcddbf05ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 06:21:58 GMT
x-content-type-options: nosniff
age: 54509
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94774
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 18:37:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Aug 2024 06:21:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame D3F5 23 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame D3F5 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame D3F5 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 index.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/ Frame CB2D 53 KB
16 KB 130ms
29ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21017fd31582e3295c114a03a3ae2aeb3d8608ceff8ccc4f44ffb81cfe9fdc0d

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 588919d
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: McCDPxxiZAyb7byiG67FxA==
x-cache: TCP_MEM_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 15384
last-modified: Wed, 02 Aug 2023 03:34:28 GMT
opc-request-id: iad-1:iucYXs7izdSHGo5r5XvkgDMOeVg7Bu55HphZG0MI7wzkiq5VDb-9KujtSbE1AyaK
x-api-id: native
etag: 4b95ab93-61d9-4545-9689-3d6f7e243127
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 6233dd0b-dc84-4b70-9784-6013b0a4243f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H2 200 webmssdk.js Show response
sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/ Frame CB2D 619 KB
185 KB 115ms
25ms Script
application/javascript 193.108.153.23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-23.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 1036a5c8
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z6lb4ggvjhvby2nY7JSVRA==
x-cache: TCP_MEM_HIT from a23-54-206-23.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,23.192.44.214
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=210
content-length: 188901
x-tos-request-id: ea484068ccaa9a3e6368ccaa-abf3427
x-tos-response-time: Mon, 07 Nov 2022 09:15:22 GMT
last-modified: Mon, 07 Nov 2022 03:53:53 GMT
server: nginx
etag: "CLn13/mVm/sCEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2385595
x-origin-response-time: 223,23.192.44.230
access-control-allow-credentials: false
x-tt-trace-host: 011785d5f7af4a77e70353a0133ed909f20b10df25d40b451d7edab5fd25af910546bb1c7a28716e084aa1df3cc437c0130e9cc8468308b73200769dffa3aab5436de8e65ca025bfeb1ea64dbf668061e2bd73e97124ff0244e31b5c6871b8e1c1712f87b3ece92e19c759d7bbb2cad911
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tiktok-embed.module.6809f8f65ab9d683e231.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame CB2D 2 MB
544 KB 128ms
28ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8af933fdf42135c925a47d28b49268943fcc2c6206494a5900ced9c84d2b77f8

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889191
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: vQZ+zYrkXYj6FOFQFXbWEg==
x-cache: TCP_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 556279
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:8dV_h5jqH61ArYhrUYVEQBsM9aY0lRYYWUaOe_ysR-2MJTFvah53DcPqwM4hafd_
x-api-id: native
etag: 49d61d55-f963-4dde-bd07-29999efeb836
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: a452b050-103f-4aa1-be5d-f1a20052614b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 372,23.193.181.30
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H2 200 playlistCard.module.6908b24ff3649af3fe62.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/ Frame CB2D 42 KB
13 KB 182ms
81ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/playlistCard.module.6908b24ff3649af3fe62.js
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ac824d8a7465d767efed78031874c1c7e5d0a4f73dc01c69b26be387b9ae095

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889192
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: ac+/2+rgzyirMa4ZAK9oWQ==
x-cache: TCP_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=5
storage-tier: Standard
content-length: 12621
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:zWlskzfjzg8LSpXaADp3ldPUAubEIvRC_8gXY8nJZorogzu0ueDvmW5-5G6QmNHf
x-api-id: native
etag: 9c327600-c957-4502-a9ec-6bd0a7d2ab4c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 98282d5d-7e9a-4855-b2b4-6ee3226c1ac2
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H2 200 41a6095ac4b787c303adc824671a243d~c5_100x100.jpeg
p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/ Frame CB2D 2 KB
3 KB 112ms
40ms Image
image/jpeg 23.48.23.159
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-va.tiktokcdn.com/tos-maliva-avt-0068/41a6095ac4b787c303adc824671a243d~c5_100x100.jpeg?x-expires=1691528400&x-signature=tK9v6iKsZV%2FAw8I7eWJRgLRkL8k%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-159.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: bdb038f2eb6f08289b4c9995e3385f0ea0aab76e376c1779dfea421f07537538

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 55a888e.59d8d73
date: Sun, 06 Aug 2023 21:30:27 GMT
x-crop-loc: (0,0)-(719,719)
x-check-cacheable: YES
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
nw-session-id: 20230617112141AF959E05549E7FF7826Aw89zc21tt
x-powered-by: ImageX
x-cache: TCP_MISS from a23-48-22-159.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 3,23.201.44.202, 107,23.54.207.28, 13,23.48.22.159
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 971653
server-timing: cdn-cache; desc=MISS, edge; dur=13, origin; dur=0, inner; dur=108
x-length: 2385
content-length: 2385
last-modified: Sat, 17 Jun 2023 11:21:42 GMT
server: nginx
x-tt-logid: 20230617112141AF959E05549E7FF7826A
x-response-date: Sat, 17 Jun 2023 11:21:42 GMT
x-cache-remote: TCP_HIT from a23-48-22-165.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-imagex-extra: {"algo.succ":"crop","enc":{"adapt_v":0,"h":100,"nq":75,"q":75,"qp":0,"w":100}}
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-06-17T11:21:42.748983219Z 104
cache-control: max-age=29787665
x-tt-trace-host: 01d762d8dd42ef37f854cabd2ba8ea7ca8a45317ddb4d3417d3741a65fc0bd3b827ec071f4b5dea4086b53417f15795433c0646b7a5093ef4808e2d3608451f4808d798e2c5d802ef2cb847d949f8805e8c292a6f2acc8d0cac93c335e7c1db79b9f86724ca2eccd2faae5ac3dc6169fe9
imagex-fmt: jpeg2jpeg
timing-allow-origin: *

GET
H2 200 playButton-e9bf7461aa077c84a9b77816c47dc3c4.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame CB2D 477 B
1 KB 101ms
28ms Image
image/png 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/playButton-e9bf7461aa077c84a9b77816c47dc3c4.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 13eafced6e4d89ca730683b212509d3efb57c6a8b75503cb02b66fe3352ce370

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889520
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 6b90YaoHfISpt3gWxH3DxA==
x-cache: TCP_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 477
last-modified: Thu, 20 Jul 2023 03:27:35 GMT
opc-request-id: iad-1:AKhvIdP08Diq_w3KRnYWds_S9cFF7oesv_tbpC8WfjmPM72HSvBa8kP-UpLytIJu
x-api-id: native
etag: f9e39dbf-3802-4bb9-beb3-742e4b9cbe07
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 5ee1deb0-73b5-4d51-8af2-422821eff4e6
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H2 200 oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 116 KB
118 KB 150ms
77ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs?x-expires=1691377200&x-signature=COBhH2p6Pdac1u%2FYYEZuQVlgx2g%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 027bc31f43449cdbbe3a18770745f06f32ae71ccfb0f16fb46ae31f0d3dd075b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 3ef34337.f41c77e.208a534b
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230806180657A50E719619985260E5645lzdh31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 20,23.54.207.29, 35,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=0, inner; dur=45
x-length: 119249
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 119249
last-modified: Sun, 06 Aug 2023 18:06:58 GMT
server: nginx
x-tt-logid: 20230806180657A50E719619985260E564
x-response-date: Sun, 06 Aug 2023 18:06:58 GMT
x-cache-remote: TCP_MISS from a23-54-207-29.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T18:06:58.336483345Z 39
x-request-ip: fdbd:dccd:cdc2:1169:0:1de7::
cache-control: max-age=31523860
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1de7::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 0191924fc514ffae22ffdac572c7638243a16e9e448da6aca0f34c20bd122c245bcbf7d479bf9099bab35b0f80525e7c6efc279987aa539d2df34ca691e9230f439fe92e83aaa7d358e8c0601f59edb424e07f639c3317a9764848dfcf9081b193633922bada70b2192d38db74c1254c7335d05ed257104c3915a8401ee676cc14

GET
H2 200 exclamationCircle-1c74f6f7941ff526d69976cc68e9c851.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame CB2D 685 B
1 KB 81ms
27ms Image
image/png 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/exclamationCircle-1c74f6f7941ff526d69976cc68e9c851.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf3d80e2bf58d36eaaa86946e1d42b63f826a3bfcef545f6ea387b7605d02856

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889521
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: HHT295Qf9SbWmXbMaOnIUQ==
x-cache: TCP_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 685
last-modified: Thu, 15 Jun 2023 17:03:48 GMT
opc-request-id: iad-1:f4u18rjkeZxmjimR0IxxISbzZkuK-itgyRnC6eOIBweQYL3P5zyhNLbo4aYfqa2V
x-api-id: native
etag: 15428ef1-a133-4b68-a832-39cb6933ae84
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 0652798a-6db5-4cae-9418-b53775e09f1b
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H2 200 ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 63 KB
64 KB 188ms
115ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg?x-expires=1691377200&x-signature=9Th%2FIUd1sHICsIp7d%2BseUt0siyE%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 3519120aab26baf977cbc85931a43758d555befe3373af03135dd5ad88a9bd9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 364e13d2.208a534c
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 202308042253050BB061A405762FAD90F5h92kk31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 9,184.27.176.18, 37,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=42, origin; dur=0, inner; dur=51
x-length: 64537
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 64537
last-modified: Fri, 04 Aug 2023 22:53:06 GMT
server: nginx
x-tt-logid: 202308042253050BB061A405762FAD90F5
x-response-date: Fri, 04 Aug 2023 22:53:06 GMT
x-cache-remote: TCP_HIT from a23-54-207-33.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-04T22:53:06.584645255Z 46
x-request-ip: fdbd:dccd:cdc2:1104:0:1cc7::
cache-control: max-age=31368240
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1cc7::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 011e92ba2cce2c80104f2738c8b4f69bc756e3dbf66f87177cf8eb5b0756dc19d5c038244d41bedb632afd150bbdcc56f037d80d95b90ad9e68fff94d6a8178a6b5e4a2ebcdbeda792fbbf8945d5168c6e620290a268116215fa8b49d67f44fec98f3546cd4a05c031f2033b97cdd718ebc4f2818a9b95e6c2f95ff4dfc7fcf872

GET
H2 200 oMfcQQ81QYPLQN8zDFnAgyzjRRkQfBcE8PDKbc
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 95 KB
96 KB 112ms
39ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oMfcQQ81QYPLQN8zDFnAgyzjRRkQfBcE8PDKbc?x-expires=1691377200&x-signature=HgOvogwHnHojCgzO69UyBOvA%2FY4%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 79eec51829f5a6a4d36c76a1821bdbd0de118b417b6901c1610c9cf998d731c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 3d3f3228.208a534d
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 202308041346013173C57D0761DE8739BD47qsk31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 5,23.204.146.37, 11,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=0, inner; dur=52
x-length: 97345
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 97345
last-modified: Fri, 04 Aug 2023 13:46:02 GMT
server: nginx
x-tt-logid: 202308041346013173C57D0761DE8739BD
x-response-date: Fri, 04 Aug 2023 13:46:02 GMT
x-cache-remote: TCP_HIT from a23-54-207-5.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-04T13:46:02.402313357Z 46
x-request-ip: fdbd:dccd:cdc2:1104:0:1c29::
cache-control: max-age=31335279
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1c29::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 013a4f4d8927761f39bfae6f976bf67c32477e8f316145fb69b67bf7767f46c081792cbb9a6d1b87ed925750643bf45498e4f06db9719839d16bdf9f1c42e1c119c79219c939955b45b3cd6346f52dfb4004f3c5ade8ffaaf6d6ccc179a20d4cd8e3c703b689089aca44390f4bd301bd590bcf4c55f319f7b89d6f74552e430fa1

GET
H2 200 oMlLKitZnIjvfKQnAKeAPhRRxBb8klDEDhQsEy
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 38 KB
39 KB 213ms
140ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oMlLKitZnIjvfKQnAKeAPhRRxBb8klDEDhQsEy?x-expires=1691377200&x-signature=%2FNNZOaxh2htQtQdjJ47i7JE2PwE%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 72a81bfc713e54dc2126f0cf578f441fdbb3b8b63cc4990672a1b20bb071a549

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: fd22236.40c00f8f.208a534e
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230802100959D633BA4BE001011F5D44whtc931df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 19,23.54.207.43, 32,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=32, origin; dur=0, inner; dur=3
x-length: 38488
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 38488
last-modified: Wed, 02 Aug 2023 10:10:00 GMT
server: nginx
x-tt-logid: 20230802100959D633BA4BE001011F5D44
x-response-date: Wed, 02 Aug 2023 10:10:00 GMT
x-cache-remote: TCP_MISS from a23-54-207-43.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-02T10:10:00.93667136Z 45
x-request-ip: fdbd:dccd:cdc2:1169:0:1ead::
cache-control: max-age=31149672
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1ead::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01d99adba83f642305402328146e9c84bb0329f05bda1f77988622290ee0087824ef94d52683f6412d45b011f746505d3d4b816050c54fa225c07f23840877439453ac0fa26923d0826d9d94d44b7d589c592f6d2ed42f62afc365ed114609b74a6e660a2c755606d8819927035d4ab45ba0e4c355617c4c8fa5a1c81cd99fd248

GET
H2 200 adc13e61faca4dd79d8764c5dd0896c2_1690897364
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 342 KB
343 KB 151ms
78ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/adc13e61faca4dd79d8764c5dd0896c2_1690897364?x-expires=1691377200&x-signature=ewQE4U9Gu13LFiigttpcuR17OQ8%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 4d52f809cf301db31ff122cb4514227850b1f3b5f81f09dadacc8aae3f3315f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 39b2001a.208a534f
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230801134916A0349D213CCEC0AAA7AEm4czl31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 18,23.201.44.191, 27,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=0, inner; dur=108
x-length: 349834
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 349834
last-modified: Tue, 01 Aug 2023 13:49:17 GMT
server: nginx
x-tt-logid: 20230801134916A0349D213CCEC0AAA7AE
x-response-date: Tue, 01 Aug 2023 13:49:17 GMT
x-cache-remote: TCP_HIT from a23-54-207-7.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-01T13:49:17.169224016Z 103
x-request-ip: fdbd:dccd:cdc2:1175:0:35d::
cache-control: max-age=31076316
x-response-cinfo: fdbd:dccd:cdc2:1175:0:35d::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01320bea42ba95e07d8d25822272ebce4c6acceded5b7e0fb905d457bc8c297e4e30c4a50bf3849297a9efac6f26de97dca104d09b10335e9e70d12ae683deb6de9269dc4b3cd044faba32557c2be0a827959ca47936eb50a8b6e9e21988eb899ba0144832cb39a8f64fb5d915104e3556a872aaef605999d7d31748c5d10eb2f3

GET
H2 200 oUjxPEIInLSbRBGWQDbOABBTeeEnRkDEccLROF
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 81 KB
82 KB 149ms
76ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oUjxPEIInLSbRBGWQDbOABBTeeEnRkDEccLROF?x-expires=1691377200&x-signature=2ubn%2F8NIpZNg%2BEGWIbjFsgFOymU%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: c3502a6625d5c848d5519bd1c93527d9227d2840415ca8717c81e6f9b10c2d33

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 3c690be2.1f18f97c.208a5350
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230806112134A6E5A523C5DBD2345EBF6nbmt31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 13,23.55.62.47, 8,23.54.207.40, 34,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=37, origin; dur=0, inner; dur=99
x-length: 83256
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 83256
last-modified: Sun, 06 Aug 2023 11:21:35 GMT
server: nginx
x-tt-logid: 20230806112134A6E5A523C5DBD2345EBF
x-response-date: Sun, 06 Aug 2023 11:21:35 GMT
x-cache-remote: TCP_MISS from a23-54-207-40.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T11:21:35.671024902Z 86
x-request-ip: fdbd:dccd:cdc2:11ee:0:fc4::
cache-control: max-age=31499430
x-response-cinfo: fdbd:dccd:cdc2:11ee:0:fc4::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01957cb0357afb20262435d46b37ca82e96307f0e6fbdc9b194884933637f89ef2a23cd1d3fd0844ef4356f205ec9e54c97f9070d802590e51859fe0343d54958e214202cb229ec3282fb2355be74e361b943e1272c54824128f9a457570d0ff521ea51905012640884ecb27fe80250b46

GET
H2 200 ooQFgEDeRfFwAonkv8ORboEmAkGEJDtQPFvBBC
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 75 KB
77 KB 69ms
68ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ooQFgEDeRfFwAonkv8ORboEmAkGEJDtQPFvBBC?x-expires=1691377200&x-signature=PH5BnhmBZyLFlSL%2FbkDwbyHmMLQ%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 25fb2ec3af1063d8a82deb558578549677bda5638f2d1bd1883320ed1b7edc1d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: ec0957b.208a5371
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 202308061808225C8056A2553B68B7026768mm831df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 8,23.204.146.22, 17,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=0, inner; dur=4
x-length: 77297
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 77297
last-modified: Sun, 06 Aug 2023 18:08:23 GMT
server: nginx
x-tt-logid: 202308061808225C8056A2553B68B70267
x-response-date: Sun, 06 Aug 2023 18:08:23 GMT
x-cache-remote: TCP_HIT from a23-54-207-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T18:08:23.347711174Z 46
x-request-ip: fdbd:dccd:cdc2:1175:0:3bc::
cache-control: max-age=31523841
x-response-cinfo: fdbd:dccd:cdc2:1175:0:3bc::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01f0e59eedcc6d8bbebdc99bfa944ff125ef73d9f78b0c4ef10bcea277ec7de44c5f0ecc11f4edbeb79b53b7889cf979d7b6aed8f325ec3bba4226828ed80542fbfa3849f11146ef1f4d31134d5405fe6cbbdad260b9d3109fb5cde4fe42ac28b37faf94deed59f676e7cf46a9d0c78602d69d0dc8db71990bd84894abbb2cfa88

GET
H2 200 oIKG7gJQCuqnRE9pgee3UbDIeIAjfChUJ2DXwI
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 88 KB
90 KB 132ms
130ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oIKG7gJQCuqnRE9pgee3UbDIeIAjfChUJ2DXwI?x-expires=1691377200&x-signature=N0PvcID0iaVAwnHPCuQGC2dkBOc%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 415d84b4223609d354a1c6a3b30025c375caa356c4f79e754e3a0c9343373412

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 30b8f0b5.3c6902bc.208a5372
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230727172320DF70A358C0A9900A5581cffxk31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 18,23.54.207.4, 50,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=56, origin; dur=0, inner; dur=41
x-length: 90591
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 90591
last-modified: Thu, 27 Jul 2023 17:23:21 GMT
server: nginx
x-tt-logid: 20230727172320DF70A358C0A9900A5581
x-response-date: Thu, 27 Jul 2023 17:23:21 GMT
x-cache-remote: TCP_MISS from a23-54-207-4.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-07-27T17:23:21.30050869Z 37
x-request-ip: fdbd:dccd:cdc2:137d:0:2::
x-origin-response-time: 59,23.222.242.166
x-response-cinfo: fdbd:dccd:cdc2:137d:0:2::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 0103ac0e460e77f2ba07101469c632b53f757d5dd50ea0279d46a45bf8441863fc24f19d418a8d1567bb7a26451c5690e555b58ef8419917a420f8dc7cde6c20e5df19780041683d520c56e6d17101cbfd837dd3b137c501ccf13124242378923d3a8700eef086615e27ff14b9b04526287baf4eabbea4083501ec78402fcc0483
cache-control: max-age=30657137

GET
H2 200 o4IyCA02TPCeADQkGwebDBQRWZzmISINRDnCEF
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 66 KB
67 KB 165ms
164ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o4IyCA02TPCeADQkGwebDBQRWZzmISINRDnCEF?x-expires=1691377200&x-signature=vlSNRbrTn3YiTa4r00GS3uSI9xg%3D
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 9d8b10a0e33ef1202866a7045430ecc81a217a22be16569a4b528347bba6a8bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 3a2a2010.34d8ca1f.195a88dc.208a5373
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=static
x-check-cacheable: YES
nw-session-id: 20230806112244771F98F808F3243E13B9nwkrl31df
x-powered-by: ImageX
x-cache: TCP_MISS from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 8,184.27.176.15, 114,23.54.207.18, 127,23.32.238.47
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=MISS, edge; dur=129, origin; dur=0, inner; dur=3
x-length: 67376
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 67376
last-modified: Sun, 06 Aug 2023 11:22:45 GMT
server: nginx
x-tt-logid: 20230806112244771F98F808F3243E13B9
x-response-date: Sun, 06 Aug 2023 11:22:45 GMT
x-cache-remote: TCP_MISS from a23-54-207-18.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T11:22:45.335465237Z 76
x-request-ip: fdbd:dccd:cdc2:137d:0:14d::
cache-control: max-age=31499593
x-response-cinfo: fdbd:dccd:cdc2:137d:0:14d::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01e12cb53aaf2f7a76258fee114c4381c48670a808ca5a5ca0ba72b19a33a1cecd8cae29b4c155eee39a2d231063b95c95d4bfb7ccffffcc8cfc02611a3a83a9d7b643b1a8ad9e584c569f9ffa138a4443f6a9789dfec24cdada3300401a892cfcee7464c37541a4069c7c04122f18e5e4ae4b4c5c1c7c79d023cd4e60b8024bf4

GET
H2 200 fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/ Frame CB2D 3 KB
4 KB 82ms
29ms Image
image/png 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889522
date: Sun, 06 Aug 2023 21:30:27 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: fozq0mLZCix6cgtXnm8Vzw==
x-cache: TCP_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=2
storage-tier: Standard
content-length: 2991
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:6MEFDv0pK_vGOTtfJED2g7ITrzq0XA9VeK5f_l19DCgpkShsPsrKneTxALGU04gy
x-api-id: native
etag: baaa2b8a-fb86-43d6-b9ba-62924e69a2a8
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 9d73d101-952e-4a51-a73c-f6fa893e476f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H2 200 browser.maliva.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/ Frame CB2D 44 KB
17 KB 98ms
25ms Script
application/javascript 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba2735c9da718210b17b73fe314fd449718a4c061d685f43a04c4ddf91b3d687

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 32c0f462
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: NTERAEALDEmLR1Cs3myf2Q==
x-tt-trace-id: 00-bbceec06105e29ca3c444bc605fc04d1-bbceec06105e29ca-01
x-cache: TCP_MEM_HIT from a23-54-206-29.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 16305
x-tos-request-id: 94eedcbba1c43d964cbba1c-ad9155a
x-tos-response-time: Thu, 03 Aug 2023 14:30:52 GMT
last-modified: Wed, 19 Jul 2023 07:47:05 GMT
server: nginx
x-tt-logid: 202308031431028AA6F08A6A6E709868AB
etag: W/"35311100400b0c498b4750acde6c9fd9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-credentials: false
x-tt-trace-host: 0102f4b0457eace37f0ab4baeed5c57d609a29f959ba4beade7bf17f38b1ab6ae59503f5ec3346d4e21e98084081c68bc315344942fa5a378c3f9200deccf64b3f5da1d37a57b2918a657307a44fca94379ac699f16464ba8d1e3fc74b45fb11dbfa464a6db2cc54a7fccbc6c6b2caa6f0
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 06 Aug 2023 21:35:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B870 2 KB
945 B 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1691357426&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&ea=0&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425805&bpp=2&bdt=416&idt=348&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame B870 23 KB
9 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B870 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B870 20 KB
8 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B870 179 KB
56 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame B870 33 KB
14 KB 117ms
26ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame B870 6 KB
7 KB 111ms
26ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQVLAtiL5ZWU5z2jZCPdoLonTmj9GhHso8t03FsGC3PGCOwHJJI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6446a97d50c5528a2b03166b564b1ff7b3e7ef4921db9288e6fa5ba1edae5d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:07:57 GMT
x-content-type-options: nosniff
age: 292950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6284
x-xss-protection: 0
last-modified: Sun, 18 Sep 2022 10:12:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 02 Aug 2024 12:07:57 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B870 9 KB
9 KB 110ms
25ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSt8_BiUuHP2SLsQ13b0wE6bb4YHcXtTrqvsT32XnycMgdxrM8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8be68b761fd6b85b01fce2406945b5a67079388d55f3b23ae7d5e2d19d503109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 19:59:04 GMT
x-content-type-options: nosniff
age: 5483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9114
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 09:08:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 05 Aug 2024 19:59:04 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B870 10 KB
10 KB 123ms
26ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTaiM6rpAd-ojEPnoUyMmfOhqSWYE5WvtHcSR49aQCsBvQDxtEJ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a05e007f6c78e9234df6acab0f6cac5c6e1e57e107832414469f8fd6a8ef74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 15:20:41 GMT
x-content-type-options: nosniff
age: 108586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9799
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 03:12:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 04 Aug 2024 15:20:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B870 17 KB
18 KB 126ms
30ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSCPhw1Xq2EcQJmhNs9PIHrd4UtJMae9hawcP-SL7_C2La2NSU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

491a72f4dd6fb1501f2cfb4b60754b39170a773c5b3cee8d15e70e2e464851eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 18:46:47 GMT
x-content-type-options: nosniff
age: 96220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17812
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 08:49:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 04 Aug 2024 18:46:47 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B870 9 KB
9 KB 112ms
28ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQWg-4Ym9kJQesXY1T1asJA1ULbsa5e_1wIfSR7vaFulhj0Gf0H&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec65faa0a49b147b4b081aff4a82ebfde426f210498f6e9bd8ec2f99ae0451ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 16:17:44 GMT
x-content-type-options: nosniff
age: 105163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9351
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 08:13:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 04 Aug 2024 16:17:44 GMT

GET
H3

200

13331317672056765402
tpc.googlesyndication.com/simgad/ Frame B870
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrjuOmQhCABBiAATII4aOiCD_YKNA
https://tpc.googlesyndication.com/simgad/13331317672056765402

5 KB
5 KB

32ms
29ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13331317672056765402

Requested by

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 21:54:37 GMT
x-content-type-options: nosniff
age: 84950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5156
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 16:37:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 21:54:37 GMT

Redirect headers

date: Sun, 06 Aug 2023 17:16:25 GMT
x-content-type-options: nosniff
server: cafe
age: 15242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13331317672056765402
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Sep 2023 17:16:25 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B870 21 KB
21 KB 129ms
45ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:15:19 GMT
x-content-type-options: nosniff
age: 144908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:15:19 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B870 20 KB
21 KB 109ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 07:15:13 GMT
x-content-type-options: nosniff
age: 137714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 07:15:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A288 143 B
166 B 27ms
27ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425807&bpp=2&bdt=418&idt=381&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=387
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F23 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 83BF 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3318ca6cb65f7f6e15ae563cbecc18da589292410eed19ade91b72da190e6a9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 83BF 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=lt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 186033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 17:49:54 GMT

GET
DATA 200
OK truncated
/ Frame 7A7D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d015f7fb4e7c3be7736958f22e21f8443df1266509f33983a204c2838309d0b4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7A7D 15 KB
15 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=lt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 186033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 17:49:54 GMT

GET
H3 200 16889854877160310958
tpc.googlesyndication.com/daca_images/simgad/ Frame A2ED 65 KB
65 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16889854877160310958

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=687&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&dtd=691

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36468b8d1a1259b303379e831c650718deb0ef0eb12197298f6cee8640d65190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 09:15:54 GMT
x-content-type-options: nosniff
age: 562473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66694
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 08:49:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jul 2024 09:15:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame A2ED 23 KB
9 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame A2ED 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame A2ED 20 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2ED 179 KB
56 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame A2ED 33 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

769651ed8ed763552ff527a25a5fa5a5ead5337270bd76b03eda1e4ee8e45e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 13:51:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13536
x-xss-protection: 0
server: cafe
etag: 530816353660834600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 13:51:01 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A5C 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3381128908422475678
tpc.googlesyndication.com/daca_images/simgad/ Frame E5FC 121 KB
121 KB 26ms
25ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3381128908422475678

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be7fe65ad1f1b9754d37709f3fed9f2852df147b4c1d07d16469962192da36db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 21:41:30 GMT
x-content-type-options: nosniff
age: 85737
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 124230
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 10:35:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 21:41:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame E5FC 23 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame E5FC 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36290
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame E5FC 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5FC 179 KB
56 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame E5FC 33 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

769651ed8ed763552ff527a25a5fa5a5ead5337270bd76b03eda1e4ee8e45e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 13:51:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13536
x-xss-protection: 0
server: cafe
etag: 530816353660834600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 13:51:01 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D3F5 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=lt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 186033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 17:49:54 GMT

GET
H2 200 core.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/ Frame CB2D 65 KB
22 KB 26ms
26ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/core.js?globalName=__PNS_RUNTIME__
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d6518513ae6fef5cb6d97c94a14dcbde416b70c2055256424f21f3e2a4d55da

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889490
date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: n+W11tRiqMnrhYjU8ZPKtw==
x-cache: TCP_MEM_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=1
storage-tier: Standard
content-length: 21790
last-modified: Wed, 02 Aug 2023 03:34:28 GMT
opc-request-id: iad-1:bbVB9YhJ7nZ7CdYb1RhZjvTcpHgmkmTUTrZfnwFWgc1wmxOISJovQIHw9XOhW2eW
x-api-id: native
etag: 354b147d-5487-4706-81bd-519d5c38a84b
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 00268db4-e8dc-443b-bc62-f34b724cdfc0
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
x-origin-response-time: 733,23.48.148.181
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A2ED 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChtKR8hDQZJ_JKNDG2gSC9IxYxPzTjXLjmJXT9xHc2R4QASDV2NopYPvhhYOcCqABh4O_9wPIAQKoAwHIA8kEqgTJAU_Q5oS1INEmnfFXWAoZAWfJQ3oMohsvYk0IwBtWFHarnQ7QWqrbUueWgYygZuJAV1Iff7TMZ_dUDN23KpN-C9FmrKNh13ktmbRMnrGG2Ma7hESy6hBzu9uJqvxkJSy085Ihnw_NbSsrJxQNt21FHRT5BE2DNTJKAWpuxxa6XLrgr40e6Uf80T6DWpwtyijhNgJpy8qMOje1RN_CCRQ14QxaTdj1D8J10lgPG6MdN-Kl0G0P-dYs4oLxuDoAbr8ZzXEKOMIXOEesWcAE76TQhrsEkgUECAQYAZIFBAgFGASgBgKAB6uioSOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxC4MtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi0xOTQyODQ0MjYxMTQ3NzM0GAA&sigh=pcOCk4ZqHpo&uach_m=[UACH]&cid=CAQSSwBpAlJWiYWnQpfnGpepXmKyqlwdQZat0K76pEUG2RErjVDhJRqvRg2DYPYnqbvJ1e-CTWCuaTV91YNiWwagzn29wcZ071QfQvM2chgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=687&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&dtd=691
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D758 143 B
166 B 25ms
25ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2614870660&adf=4203825702&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=687&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=4&fsb=1&dtd=691
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7A7D 0
23 B 71ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6lFE8hDQZJe3Fqqn29gPoJ2pgAefyKnwceu84dnuDtzZHhABINXY2ilg--GFg5wKoAG-9frHA8gBBqkCNT3aQAR3sj6oAwHIA8sEqgTUAU_QH9afVya1_2t6-I3QrHoU9DFpgqM-uuCPgaiYGoGP80eeMeGv0e_IUKwk1KJewsUznSIXsvDwB5Evd8Jak1eS2tKGhIMMMcvW1G73EQEvmBHBBqNHclk3vTowAGpZUx6G8sWlhWxpy6SxY8GOa4SF_ddsW2x6ZRuDYYLukHIXTzEZNTjhNOsnUq78brYw1dZrxdC1xZ-g4obOh6erluvU0IwMpWwUaXUMRtzP1mvXKCzm-Srg4nNs5upS411MxYXwOWO9R_xXlwbq1dY7hF9GTJHXwATqy9j6PpIFBAgEGAGSBQQIBRgEoAY3gAeqioU4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgqED0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMCiBQI0BUBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=iHN9g-UuU5Q&uach_m=[UACH]&cid=CAQSGwBpAlJWVC8x7CkIarJjWIpy3XNdZzBAtT1XmRgB&template_id=492&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=109976310&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425807&bpp=2&bdt=418&idt=381&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=387
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 83BF 0
23 B 70ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKWkZ8hDQZIbvHZ6i29gP-9OF6AafyKnwceu84dnuDtzZHhABINXY2ilg--GFg5wKoAG-9frHA8gBBqkCNT3aQAR3sj6oAwHIA8sEqgTUAU_QOoQMvonts2u8CuOrGshEMJzXlJBThzBS4RfR5zF3czp6ljrB6X8BXR_Gg48Viu9Lw2O5yWTd84bfEbD0B-PsaAWIHVW5hulCGqbR2G_bW92Ocie1wXsrYvA1vTqZ0eUlO4LLW64u9aWaZqCp5qa_YpAS9-sfpX1aWQNa9zT_4QjSO298WvCNmGj1Ea9vhi8WI7k9D9C3YDFcEPhmyd8XALsOfZb5bQy9RqJ4bisnvVSWJpYoQqYwYCmU4GN1wALg0JfWzWh13F2kVahGJ1cLJ_cKwATqy9j6PpIFBAgEGAGSBQQIBRgEoAY3gAeqioU4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQkDXSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBogwIKgYKBMOwsQLYEwKIFAjQFQGAFwGyFxwKGggAEhRwdWItMTk0Mjg0NDI2MTE0NzczNBgA&sigh=VuqjSboaxcw&uach_m=[UACH]&cid=CAQSGwBpAlJWj2kNd2DL3tOpGn9_EiX9wwXmIdtRghgB&template_id=492&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
DATA 200
OK truncated
/ Frame D3F5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd65382641403d980de0a37cce7d5445896373e01ac1306fcbc95cbf12eea6ad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3F5 0
19 B 69ms
68ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctez_8hDQZNSBGPyX29gP64e9wAifyKnwceu84dnuDtzZHhABINXY2ilg--GFg5wKoAG-9frHA8gBBqkCNT3aQAR3sj6oAwHIA8sEqgTUAU_QZwuV80y9daeQ_Avo4sAzvhpquQzVqZY6KRXxbtmsYeZpvIrewCUKhDW__hYdKRzfFYAvleescMwg9dNB_h9S5iPoG4A7aqpB_9KcXc9gUHE0Z3zPSqeORa_Aodwsdqmm7_qH2Cnf3uPBE48OZMrB-WrHpzpTX-9tcwxrTvapAu2Z3MQAXe4EzuSs-SG5HdzZhvAzN4DIKM53HhEGkuGGYyGIrASt-C4Us5c_6Y4OGeCb2CT1lqXXZIBhV5RwHuFKpEal3IYEuf4BNvd5o0Z7_TTKwATqy9j6PpIFBAgEGAGSBQQIBRgEoAY3gAeqioU4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQu7gB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMCiBQI0BUBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=JoBW6RIADPU&uach_m=[UACH]&cid=CAQSGwBpAlJWljymVpOUkIHHjql31a1RGfTyPwA9oBgB&template_id=492&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4AF2 143 B
166 B 24ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/108df9ef35e5a354ebef3be77fa262e8/64d067aa/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oEbzPIEEzXv0eB3TQhtrArSi5fuERkDEIFiRmP/ Frame CB2D 5 MB
0 91ms
25ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/108df9ef35e5a354ebef3be77fa262e8/64d067aa/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oEbzPIEEzXv0eB3TQhtrArSi5fuERkDEIFiRmP/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=3972&bt=1986&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=ZzU3aDplZThpaGlkZjw5PEBpM215NDg6ZjV3bTMzZjczM0A2MTFjNl82XzIxMDUvLWAxYSNlZi9rcjRfaDRgLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e000a8000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 06 Aug 2023 21:30:27 GMT
via: n106-134-183, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 12092
X-Cache: MISS, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-152606763/152606764
Connection: keep-alive
server-timing: inner; dur=86, cdn-cache;desc=hit, edge;dur=1
Content-Length: 152606764
X-Served-By: cache-iad-kiad7000074-IAD, cache-fra-etou8220100-FRA
X-Storagegw-Request-Id: 202308061808559A7FD1968C0EFA975032
Last-Modified: Sun, 06 Aug 2023 17:56:10 GMT
X-TT-LOGID: 202308061808559A7FD1968C0EFA975032
X-Timer: S1691357428.772953,VS0,VE1
Etag: "31b938e585d74678b86e0b6470193b12"
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sun, 06 Aug 2023 18:08:56 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:137d:0:247::
x-response-cinfo: fdbd:dccd:cdc2:137d:0:247::
x-tt-trace-host: 018c365c49d969a3d098159767ac13b95177f28b00d2b816cf722ac65d1eb9fe30339d67b48d39a735b21d359258f2bbeafb8f5ea2adaf5e26f5b903802121e84a901e39c23290102183dbcc516d5deab3373bd40beee6845aa905a4b8ec80874fb3c9e69f173d4a845f73f5e8d5344335
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/6eb7ad96ad5df2801c022d905a8be40b/64d0670c/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/ogAhaess1z81nfLWRbuBX8EGQPDHDudIvkFJQa/ Frame CB2D 1006 KB
0 92ms
26ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/6eb7ad96ad5df2801c022d905a8be40b/64d0670c/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/ogAhaess1z81nfLWRbuBX8EGQPDHDudIvkFJQa/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=1600&bt=800&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=NmZlNTZmaDQ2N2gzPDRmO0BpanFtODY6ZnVxbTMzZjczM0A0YmM0Li40XzQxM2BiMjZiYSNqYGxjcjQwbjNgLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Wed, 31 Jan 2024 22:51:20 GMT
Date: Sun, 06 Aug 2023 21:30:27 GMT
Via: http/1.1 ats-prod-18 (va3 [cHs f ]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
x-tt-trace-id: 00-c2bf86bf10613cbb382e1306051104d1-c2bf86bf10613cbb-01
Age: 167948
X-Cache: TCP_HIT, HIT, HIT
Content-Range: bytes 0-45332339/45332340
Connection: keep-alive
server-timing: inner; dur=47, cdn-cache;desc=hit, edge;dur=1
Content-Length: 45332340
X-Served-By: cache-iad-kjyo7100157-IAD, cache-fra-etou8220043-FRA
X-Storagegw-Request-Id: 2023080422512001009907211519E48070
Last-Modified: Fri, 04 Aug 2023 22:44:47 GMT
X-Timer: S1691357428.772993,VS0,VE1
Etag: "CO6E2KaKxIADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Fri, 04 Aug 2023 22:51:20 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01d01fff7a1ecd3f33859d6306742e79a557af680ecdfb915c968d4743b784263e404b8954a601b1b29cdc92c2d81c162e13694cc7c69f3a5e3abb41db4dadf98513290ace7d56c914eac9c92da123073dbc129d3951b314fbaa05b9969eae3a0256521b2951e6e90b70d2b91f2b69d991bc45cc85ab68b90e8049f643a336b7b1f9604d676b090f612d9b1d54c150ebf1ea73610db3219ece2adf6567d698df131134d3d43a991ceda890e7e6fc79707f8cd5833a19fda2f2c4cea65a0bd42db0
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: 1630df6154b66eafcd526c891f683bf7
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/82cfa42605846aa0e4fe678e0ca6988e/64d0663f/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oI6aGfDIQDQkLazbsAePaqWOoOyF7EAonBPRhR/ Frame CB2D 958 KB
0 95ms
30ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/82cfa42605846aa0e4fe678e0ca6988e/64d0663f/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oI6aGfDIQDQkLazbsAePaqWOoOyF7EAonBPRhR/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=4220&bt=2110&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=OTs2ZDk4Zzk7Ozk6O2kzPEBpMzZkODs6ZjVpbTMzZjczM0AwMi82YTZiNS0xMC8zYy4zYSNeYmRucjRvbTNgLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e00098000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Wed, 31 Jan 2024 13:46:02 GMT
Date: Sun, 06 Aug 2023 21:30:27 GMT
Via: http/1.1 ats-prod-20 (va3 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 200665
X-Cache: TCP_MISS, MISS, HIT
Content-Range: bytes 0-64179163/64179164
Connection: keep-alive
server-timing: inner; dur=49, cdn-cache;desc=hit, edge;dur=1
Content-Length: 64179164
X-Served-By: cache-iad-kjyo7100135-IAD, cache-fra-etou8220079-FRA
X-Storagegw-Request-Id: 2023080413460201009907212525E57278
Last-Modified: Fri, 04 Aug 2023 13:43:19 GMT
X-Timer: S1691357428.773326,VS0,VE1
Etag: "CJuzj6ORw4ADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Fri, 04 Aug 2023 13:46:02 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 013a4f4d8927761f39bfae6f976bf67c32ceed0e8adf8f88ae7aafe0edcc8790af9fec55fbec7c23eca970480c3227b3cb7a372e01202ae369114ef7b3fd3968b54f7b3adf34f124640f4c26fb1e0fe0f77454608a46c88f0f9643b7e4ca6245229dd38743a4e5f2a4fdde929effc6b47c725e752c7cba91d13c8f08e70c7f9f394d078c6db64e95b82cd679a0d79e812d
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: 3f70a8bfc40a9320984b92e69a4663ae
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/73f28ac302d005abd39f61e3091a2cb1/64d065e9/video/tos/useast2a/tos-useast2a-ve-0068-euttp/osZkRrnLIAyQQRC5QIefyKPnRbsxKxiDDEBrKE/ Frame CB2D 987 KB
0 93ms
28ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/73f28ac302d005abd39f61e3091a2cb1/64d065e9/video/tos/useast2a/tos-useast2a-ve-0068-euttp/osZkRrnLIAyQQRC5QIefyKPnRbsxKxiDDEBrKE/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=952&bt=476&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=NTQ6OTxpOGdmZmc2NWg2aUBpanJwZzs6Zm41bTMzZjczM0AwYTM2YzE2NWAxLjYzYjBhYSNzXmQzcjRfZzJgLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 06 Aug 2023 21:30:27 GMT
via: n106-203-016, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 385802
X-Cache: MISS, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-9218236/9218237
Connection: keep-alive
server-timing: inner; dur=1233, cdn-cache;desc=hit, edge;dur=1
Content-Length: 9218237
X-Served-By: cache-iad-kjyo7100027-IAD, cache-fra-etou8220105-FRA
X-Storagegw-Request-Id: 202308021012393972AC6DB3750E298DFE
Last-Modified: Wed, 02 Aug 2023 10:08:21 GMT
X-TT-LOGID: 202308021012393972AC6DB3750E298DFE
X-Timer: S1691357428.773150,VS0,VE1
Etag: "COqLjL/dvYADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Wed, 02 Aug 2023 10:12:41 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:13d3:0:131::
x-response-cinfo: fdbd:dccd:cdc2:13d3:0:131::
x-tt-trace-host: 01dc5f5b7669f8e722ef2553674f696e54e047f35d8dcfb82fc9823345c212ea72a954b2ea3d0b43721802cdecb4d8550914719863956d74cbd423343edcd67c91364bc60ebf7be45e540450eeaec2fa61d196e1de081fc00679e4281675958cd7aca985af7f6dc810e314556992af493b
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/a48e0943d72a4903756a75c63dcae904/64d066b4/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oM3hUGzGfi8PZDJNiI39AA0C6AoIEnRtoyI5Dh/ Frame CB2D 1 MB
0 92ms
27ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/a48e0943d72a4903756a75c63dcae904/64d066b4/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oM3hUGzGfi8PZDJNiI39AA0C6AoIEnRtoyI5Dh/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=4560&bt=2280&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=ODM2NjRmNTtlPDU1PGk1ZEBpanY2aDM6ZjpqbTMzZjczM0BeLi9gLTNgXy0xY2FhXzM2YSNyNmFxcjRvaDFgLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 06 Aug 2023 21:30:27 GMT
via: n106-134-160, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 380994
X-Cache: MISS, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-103331064/103331065
Connection: keep-alive
server-timing: inner; dur=97, cdn-cache;desc=hit, edge;dur=1
Content-Length: 103331065
X-Served-By: cache-iad-kjyo7100156-IAD, cache-fra-etou8220084-FRA
X-Storagegw-Request-Id: 2023080113491689A77F3B7B0C0A1A5492
Last-Modified: Tue, 01 Aug 2023 13:45:05 GMT
X-TT-LOGID: 2023080113491689A77F3B7B0C0A1A5492
X-Timer: S1691357428.773370,VS0,VE1
Etag: "CIDCxYnMu4ADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Tue, 01 Aug 2023 13:49:17 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:1169:0:1d1f::
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1d1f::
x-tt-trace-host: 01ae7bcc19a0fad70c4b0337933c11a81a467ec8923837cd16258309eac16e48049d79c5464072bffc1d5c534b5db673c2912e01f6cc4bc4e63ef9d3c06fddb416419e010902e92b235adf60bf818c46aff5e129e4827f2dd25746479ae00ed442ab466d70f98e9ac79d69a24fa6fcc332
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/6b832ff2d175b08595d54ef67f256683/64d066c0/video/tos/useast2a/tos-useast2a-ve-0068-euttp/o4kSPHFEIBWIRAeRcDeEnYkRSxELQcbrwbGnDL/ Frame CB2D 954 KB
0 93ms
29ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/6b832ff2d175b08595d54ef67f256683/64d066c0/video/tos/useast2a/tos-useast2a-ve-0068-euttp/o4kSPHFEIBWIRAeRcDeEnYkRSxELQcbrwbGnDL/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=3680&bt=1840&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=OWk1aTo7ODo5ZzQ3Z2c0NEBpanBxN2g6ZmxrbTMzZjczM0AuLjFgYmNfXzYxYGNjYTFjYSMycHAucjQwYS9gLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e000a0000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Thu, 25 Jan 2024 13:57:54 GMT
Date: Sun, 06 Aug 2023 21:30:27 GMT
Via: http/1.1 ats-prod-21 (va3 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 463721
X-Cache: TCP_MISS, HIT, HIT
Content-Range: bytes 0-86288424/86288425
Connection: keep-alive
server-timing: inner; dur=104, cdn-cache;desc=hit, edge;dur=1
Content-Length: 86288425
X-Served-By: cache-iad-kiad7000116-IAD, cache-fra-etou8220112-FRA
X-Storagegw-Request-Id: 2023072913575401009907205036C99446
Last-Modified: Sat, 29 Jul 2023 13:52:09 GMT
X-Timer: S1691357428.773263,VS0,VE1
Etag: "CJmDrYeItIADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Sat, 29 Jul 2023 13:57:54 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 0135c6d72223a72b365cebd2bc26a09e4cf76f01499f1a5b526a0056722b0b686d21f4c2af2ea874f408a78773d37f753f944ba11a218d96542933b443eb2bca40b2b7d7f2c8c33f66b21161fd392c01f10b7f526eecafe5e01c8f3dd58a9950b8695c3800a63394418f80e7c7a1197194c088a1f9be4899d5d2f53bf1d04c0a191d79781c8dc414915b5112dac9660676
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: d122deeab9b0897e06830b68adec2d4e
X-Cache-Hits: 3, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/1f7994110fdc3ca66cba2a47ada1c8e5/64d06660/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oUFADeBRPnkGwCEkfQ3zAsHiQb0JXVDDZjIrvh/ Frame CB2D 1 MB
0 96ms
30ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/1f7994110fdc3ca66cba2a47ada1c8e5/64d06660/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oUFADeBRPnkGwCEkfQ3zAsHiQb0JXVDDZjIrvh/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=3622&bt=1811&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=aGRpNjM3ZDgzMzdnZzc1NkBpM3Q4eDQ6ZjVpbTMzZjczM0A1YDEyYzUtX2IxMy9hYzBhYSMtL2BpcjRfZi5gLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e00098000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Tue, 23 Jan 2024 23:31:08 GMT
Date: Sun, 06 Aug 2023 21:30:28 GMT
Via: http/1.1 ats-prod-36 (va3 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 856760
X-Cache: TCP_MISS, MISS, HIT
Content-Range: bytes 0-62743200/62743201
Connection: keep-alive
server-timing: inner; dur=76, cdn-cache;desc=hit, edge;dur=1
Content-Length: 62743201
X-Served-By: cache-iad-kjyo7100069-IAD, cache-fra-etou8220093-FRA
X-Storagegw-Request-Id: 202307272331080100990730370BC3B9FE
Last-Modified: Thu, 27 Jul 2023 23:23:33 GMT
X-Timer: S1691357429.640975,VS0,VE1
Etag: "CL6H+4WEsIADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Thu, 27 Jul 2023 23:31:08 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01ad09baf749a6774ab48716b2e54f4e3679a2b78f90fefa6def8337d0cf21545f9fac6e9eb7af9f0ef06fbf0a331ad729570196e80e93b737a9c088ede59da30030d3717d8a9da72056383132777ca530223cbf3b9f8a7a1605f02cdb201739021db763da4086ae54a787e98cf168c284ff3599bb32d48434a72d2885dfd0cbbbdc54e45b774de1af3792f9e21e2bb572
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: 91742cb34848c0b1865dc73e02ebb59d
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/b59ba934e6cca5cb27adff5834ecb29e/64d065d1/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oEMn8E6vUIoyVfgCgAf6DbseephTJRAdlGHjg0/ Frame CB2D 1 MB
0 87ms
32ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/b59ba934e6cca5cb27adff5834ecb29e/64d065d1/video/tos/useast2a/tos-useast2a-ve-0068-euttp/oEMn8E6vUIoyVfgCgAf6DbseephTJRAdlGHjg0/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=2040&bt=1020&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=ZzY5PDhnNDNlNzlmZ2RnNUBpam90d2Q6ZjpkbTMzZjczM0AvYDZhLV9jXjUxLTZiYmIyYSNhMG8ycjRnNS5gLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 06 Aug 2023 21:30:28 GMT
via: n106-203-042, 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 878810
X-Cache: HIT, HIT
X-Bdcdn-Cache-Status: TCP_MISS
Content-Range: bytes 0-16670415/16670416
Connection: keep-alive
server-timing: inner; dur=54, cdn-cache;desc=hit, edge;dur=1
Content-Length: 16670416
X-Served-By: cache-iad-kiad7000121-IAD, cache-fra-etou8220053-FRA
X-Storagegw-Request-Id: 20230727172337120958E397A30BB22DE6
Last-Modified: Thu, 27 Jul 2023 17:21:39 GMT
X-TT-LOGID: 20230727172337120958E397A30BB22DE6
X-Timer: S1691357429.641689,VS0,VE1
Etag: "CN+j9JOzr4ADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Thu, 27 Jul 2023 17:23:38 GMT
Cache-Control: max-age=2592000
x-request-ip: fdbd:dccd:cdc2:1169:0:1f25::
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1f25::
x-tt-trace-host: 0125a4de67c18649e935e2363c655e7f26dd0467c295c8111f3bd5ecf5793de221c24701e665d064ce6a622806c8afac8a56d211ecffd4c66bf9855172588830245f37ae266a0a3bed6f31c843e6dc598cd25af77af3faeacea7b6edc824ae36076d83de6b4a0970c3465a73a2cb25909f
Accept-Ranges: bytes
x-response-cache: edge_hit
X-Cache-Hits: 0, 0

GET
H/1.1 206
Partial Content /
v19-web-newkey.tiktokcdn.com/30d656afa29be17eb28e3627f2bbe80e/64d06590/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oUNkTeIAEASCgR7WQQeSwZPnFbIW01TDDEBWCI/ Frame CB2D 112 KB
0 86ms
30ms Media
video/mp4 146.75.122.113
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://v19-web-newkey.tiktokcdn.com/30d656afa29be17eb28e3627f2bbe80e/64d06590/video/tos/useast2a/tos-useast2a-ve-0068c001-euttp/oUNkTeIAEASCgR7WQQeSwZPnFbIW01TDDEBWCI/?a=1988&ch=0&cr=0&dr=0&lr=tiktok_m&cd=0%7C0%7C1%7C0&cv=1&br=562&bt=281&cs=0&ds=3&ft=ApKJEBxTq8ZmoE-E-c_vj4VzLAhLrus&mime_type=video_mp4&qs=0&rc=OTw5MzU3OWY4O2c1ZDdmNEBpamU0PDQ6ZjRtbTMzZjczM0BiYS1fYi0wX18xMS5fXjIuYSMxaC0wcjRfMS1gLS1kMWNzcw%3D%3D&l=202308062130252D7E28BAA9F0A7877E24&btag=e00090000
Requested by: Host: www.tiktok.com
URL: https://www.tiktok.com/embed/@ragelskis.laurynas?lang=en-US&referrer=https%3A%2F%2Fldiena.lt%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.113 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

Expires: Mon, 22 Jan 2024 14:56:37 GMT
Date: Sun, 06 Aug 2023 21:30:28 GMT
Via: http/1.1 ats-prod-0 (va3 [cMsSfW]), 1.1 varnish, 1.1 varnish
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
Age: 974031
X-Cache: TCP_MISS, HIT, HIT
Content-Range: bytes 0-2247430/2247431
Connection: keep-alive
server-timing: inner; dur=62, cdn-cache;desc=hit, edge;dur=1
Content-Length: 2247431
X-Served-By: cache-iad-kiad7000111-IAD, cache-fra-etou8220099-FRA
X-Storagegw-Request-Id: 202307261456370100990721272FBE23F5
Last-Modified: Wed, 26 Jul 2023 14:54:34 GMT
X-Timer: S1691357429.641871,VS0,VE1
Etag: "CMes2rTQrIADEAE="
content-type: video/mp4
Access-Control-Allow-Origin: *
X-Storagegw-Response-Time: Wed, 26 Jul 2023 14:56:37 GMT
Cache-Control: max-age=15552000
x-tt-trace-host: 01e75e3edb6a7b979bf89b971734db38d78b6ed39d16479f3534c8bcd1cc5269dd63154d80bd83d159b5e4731caa3a765753ef8cc05b1617f82c4d9a30e8da447b4e588c318d99d5a5ddb45335f74996e5b03ac0c61d3b1810ff3167749a54384fe736c9422d9b479a5b923d69bb2067ddc7c3fe2826d6ac367947d1f78d43b98f0afaba551e54e29fe96a14391e349f0e
Accept-Ranges: bytes
x-response-cache: edge_hit
BD-Request-Id: 527188a8f99a5d2c0f8d802fc7ebbf4c
X-Cache-Hits: 3, 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F82 436 B
233 B 564ms
563ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=2637385217&adf=2159359605&pi=t.ma~as.3133241803&w=336&lmt=1691357427&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425818&bpp=1&bdt=429&idt=706&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536%2C336x600%2C336x600%2C336x600%2C336x600&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=4764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&psts=AOrYGsnKCRAjV0XF-MCTIw9WPkH9Rri2EBlYTgNdPBN_Ua6hSYp_X7DZ6qiZGCCAwLtd6cvwWhp8mOMYGJv7ebmjuiwWNw%2CAOrYGskkhyz-2LVqY7VuOy-cFqWVDIhYJzKLTNfEKIaleHRy8QhjyUs2zBVFuArRJsYhywppDZleXRb2ZuL99jlFPF0m2Q%2CAOrYGskf9FhqwoTvjS_KdX14ivaD41r9R3yFKxT84Bdk5LqN5HKVPSZz2QGKapDyIPklZ_jVLfdWbkh0_vTc7YI0JPgI8Q&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=7&fsb=1&dtd=1896

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ef633c40e744950a8ea91bab702ed745cff821b502cca65f69fe8aa0c37f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 154 KB
52 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b24202bf3013faf2986cae439c2e2503e07f0cac462bef20ec39e3062b9cc79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53490
x-xss-protection: 0
server: cafe
etag: 433218168189964893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:27 GMT

GET
DATA 200
OK truncated
/ Frame B870 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb1fbc5ffbbabcac168355e4104554264a63fa4ab82005b677bf4fa0de75361

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A288
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
62ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6F23
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

72ms
71ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
expires: Sun, 06 Aug 2023 21:30:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B870 0
19 B 77ms
76ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPlZN8hDQZJjWE8b52gSglaO4BfKA-e5xrM6x4a0Ria_YrZI6EAEg1djaKWD74YWDnAqgAePAq8cDyAEJqQI1PdpABHeyPqgDAcgDywSqBMQBT9CHxe9gitt5ygkQvv6QfAoZOGB5dSIl8ow5OwRw88Mrzu7cKq3x9kX9UZNvmMbQBYiYR-40honL0zkYniNKQpOAIz3zpR2F91cNRK8F7GeC4JIUkCVGCIoloKDeCeuDQQV6xJ-hcN0B9PUbdXHpxjy1Mppu4fM34FqYdXFsF2i5G3XYrJTH1L_4RQzKxU8UlqMPvqfrkTK0n8zljUe4A5a7q9OVjZfPRvhc3hgiYYGizc_7qpwXjcqvNaq3K_nzd7Xu7cAEnb6rwZ8EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4W15COoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQnZYD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BML0BUBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=Zk7RVp2VjHU&uach_m=[UACH]&cid=CAQSGwBpAlJWG1MrUfOoUY8H4jU5DFPShJUikW_j9BgB&template_id=494&cbvp=2&vis=1

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=280&slotname=8060429809&adk=3505500867&adf=449793871&pi=t.ma~as.8060429809&w=1150&fwrn=4&fwrnh=100&lmt=1691357426&rafmt=12&format=1150x280&url=https%3A%2F%2Fldiena.lt%2F&ea=0&fwr=0&fwrattr=true&rh=280&rw=1150&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425805&bpp=2&bdt=416&idt=348&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H/1.1 200
OK webid
mcs-va-useast2a.tiktokv.com/v1/user/ Frame 0
0 342ms
140ms Preflight 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 06 Aug 2023 21:30:28 GMT
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=5 inner; dur=2
X-Origin-Response-Time: 5,23.220.105.135
X-Parent-Response-Time: 92,104.126.37.158
X-Tt-Logid: 2023080621302767700FC0D8E57FF745F5
x-tt-trace-host: 01390a91106ae8311255a142e1747028c9f9672073f81585ff4daa0325de1f4069220a2838f6f77299da6ff4c80bef5ebe38bde798f96c60f7045bb2db3201b2074f3874a6fc73d3f7da417e07e2e4b45ce094f59a9d5d194d922ae8dc1cd3008508b5b37b798ae40f9cb9d5e3bf695228
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK webid Show response
mcs-va-useast2a.tiktokv.com/v1/user/ Frame CB2D 58 B
895 B 131ms
130ms XHR
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/user/webid
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8042a928f3326bc4886dfe362b46bab8e78564bc5379e29cd7b5d99ecd32fd59

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Server: nginx
X-Tt-Logid: 202308062130272532C6FB3D6C07F139A9
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 99,104.126.37.158
Cross-Origin-Resource-Policy: cross-origin
x-tt-trace-host: 01390a91106ae8311255a142e1747028c95f89b5a636dc506ee4fc5daf003de76533ce097285ae162072cdd0c1e56fdcffaae8c58b4ef4ceb8bfd7e6ffab252b837d3d9fcdb18e3c7dc9c6c7f9120334247229b9a6fef7a796708136921d82ecbc
Server-Timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
Connection: keep-alive
Content-Length: 58

GET
DATA 200
OK truncated
/ Frame A2ED 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3ffa9529361dca490a3fbf9bda3568762fd7509aedf9f4f2c5076497adea74f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1539 37 KB
14 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=1354547267&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425810&bpp=1&bdt=421&idt=518&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=4365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
DATA 200
OK truncated
/ Frame E5FC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c43fd36c1817aca149ff0667ca6fe95665bfdc45a8850ace5c1b9e7a2e46f22

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 924ms
373ms Preflight
application/json 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: b2f464aa2a92b047a4031957df576393
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Sun, 06 Aug 2023 21:30:28 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=319, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691357428671505
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230806213027147C1243FD42CC3D3879
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd1ef2661c6d2435062f1049eba331eebf7610bc5e79a2eebf3503153e492f0c813896e8c472272b25806e8912dfaf336072175386d2acc894cd9a8edcbd04f7c3af0adca08a148529ca818eec0074bbdf
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_gru3_external

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame CB2D 1 KB
1 KB 776ms
711ms XHR
application/json 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=tiktok_web_embed&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

017d4d5bfadb9fba975f150968587f3cb46c17014a58de3230c77a15e912bda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 21:30:29 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691357429476661
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_gru3_external
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=322, edge;dur=1
server: Tengine
x-tt-logid: 202308062130282D710DE625D64738AFEB
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01390a91106ae8311255a142e1747028c9c3aaad7771a6f0e563dbdf7aeb96cbbf0d22a72e809905ecb70c2dc08f6aabb111978008f9aa2e4e1acdbb6efd686bb0bdd6b6fdf669cda1f948ff9a1c266b50905df9c5a7a83a2658592168fec952f8e175bfaf3c7fc7b0eb20bede88b99239
access-control-allow-headers: Content-Type
bd-request-id: 859d1f499528c372c7fb0735eda0d376

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A5C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

129ms
128ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:28 GMT
expires: Sun, 06 Aug 2023 21:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame C851 37 KB
14 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D758
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

108ms
107ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:28 GMT
expires: Sun, 06 Aug 2023 21:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E5FC 0
19 B 75ms
75ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_kMN8hDQZJb6KJHr2gSGtp6QCofEyoJykIjMr7wR3NkeEAEg1djaKWD74YWDnAqgAYeDv_cDyAECqAMByAPJBKoEyQFP0BKeJjVKyKqZl4IQDQvOPbDHZOnTO6DxYdX4B1OQZVoXMLpwP50_Qnp7B46oNOibaG7N3Xfpl6-WuIuA29kkNL4ucQWVIm_Bl5HPg9VfezyHpPqM57vaPjZkSQuUtOuK4xF4J_rA3wOHCnBpqCDtPsbJkxwRqziOz3P61tH8J2NP5C104ik2y0l1kvrx_4lyKIMrXjsCGf_ZsKDjBmlBXhV988gRh3OAwyWPpKB6S2kMtTxUWFFxgJd9eqRuFjGm1QaRDqY5oJfABJep29q2BJIFBAgEGAGSBQQIBRgEoAYCgAeroqEjqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnLgB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMM0BUBgBcBshccChoIABIUcHViLTE5NDI4NDQyNjExNDc3MzQYAA&sigh=fjoq8PwX-e8&uach_m=[UACH]&cid=CAQSSwBpAlJWLcSkCeqOM2jfhevTg7Epk-2ePdWNQmRu9FLLiSKtvf3CjZGbIX3HJf9q77bLk0_Rouzus3x57iaESjXXNHaQXbwVKZK7lxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4AF2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

105ms
103ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:28 GMT
expires: Sun, 06 Aug 2023 21:30:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 devtools.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/ Frame CB2D 4 KB
3 KB 34ms
34ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/devtools.js?globalName=__PNS_RUNTIME__&__PNS_SW_CACHE__=1&__PNS_SW_CACHE_KEY__=to-json-schema
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/core.js?globalName=__PNS_RUNTIME__
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 5889af6
date: Sun, 06 Aug 2023 21:30:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: SBOqY3b5/4rueltCkuSr0w==
x-cache: TCP_MEM_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 1706
last-modified: Wed, 02 Aug 2023 03:34:27 GMT
opc-request-id: iad-1:n-vnxxPACOWv8i3JTSYYGCM2a7EkNOagloFpVLLt6dKm0VXX87y_xPJaJluov-gA
x-api-id: native
etag: 8f8dbfdc-a676-4e7b-9fc1-307c05a35f32
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: a555034d-c2e4-48e3-99ef-e2fd35574654
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:28 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 504F 37 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 7B7D 10 KB
4 KB 29ms
29ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:13:40 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 18:13:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame C9F6 10 KB
4 KB 30ms
29ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:13:40 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 18:13:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 896C 10 KB
4 KB 29ms
29ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:13:40 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 18:13:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 2222 10 KB
4 KB 30ms
30ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 11808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:13:40 GMT
etag: 12368291122986407432
expires: Sun, 20 Aug 2023 18:13:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB2D 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H/1.1 200
OK /
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame 0
0 205ms
129ms Preflight
application/json 2.16.1.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 60
Content-Type: application/json; charset=utf-8
Date: Sun, 06 Aug 2023 21:30:28 GMT
Expires: Sun, 06 Aug 2023 21:30:28 GMT
Pragma: no-cache
Server: nginx
Server-Timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=4 inner; dur=2
X-Akamai-Request-ID: 24adec62.15f49b34
X-Cache: TCP_MISS from a2-16-1-22.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Cache-Remote: TCP_MISS from a23-220-105-147.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Origin-Response-Time: 5,23.220.105.147
X-Parent-Response-Time: 102,2.16.1.22
X-Tt-Logid: 20230806213027E1F94B9DD581A662B7AC
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13e0d90854e1f997c754086f03a29de90a8042f146e63748ea0ddf75388d7ba727eafb40ab0026aab46a916c5f332701b14a97076bcf32de71528f17fcfbd5c32a5d4fbb0f5d3e81e469cd07891f7f21c4
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK / Show response
vmweb-va.byteoversea.com/service/2/abtest_config/ Frame CB2D 553 B
2 KB 259ms
258ms XHR
application/json 2.16.1.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vmweb-va.byteoversea.com/service/2/abtest_config/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

X-Akamai-Request-ID: 24af0568.15f49bf6
Date: Sun, 06 Aug 2023 21:30:28 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a2-16-1-22.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 103,2.16.1.22
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=12, inner; dur=9
Content-Length: 316
Pragma: no-cache
Server: nginx
X-Tt-Logid: 20230806213027D395DCCB2A75DE538A43
X-Cache-Remote: TCP_MISS from a23-220-105-147.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
X-Origin-Response-Time: 12,23.220.105.147
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13e0d90854e1f997c754086f03a29de90a8042f146e63748ea0ddf75388d7ba7277f7cf8408c203537f3d99fc0756dce08ba891345d449fa18d4f43a073892b3824645fc65f071336a3cfe3a4417f50da0
Vary: Accept-Encoding
Access-Control-Allow-Headers: Content-Type,Content-Length, Authorization, Accept,X-Requested-With
Expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H/1.1 200
OK resource Show response
mssdk-va.byteoversea.com/web/ Frame CB2D 223 B
2 KB 407ms
311ms XHR
application/json 104.126.37.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.byteoversea.com/web/resource?eq=zEj2bDdvtNPgmrVRGFXfgaUsM5J1kX6Q0m0jsbIvE7fPrhtnGPRg7z9isHPFGfLmIYydumVgi/HieMVehtjVuaFvEBGz
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.168 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-168.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6ecea49eb907310bd16815035674ca95dd8e466b6f8625c0575b6e66f5af0f64

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Akamai-Request-ID: f422bc2.65adcd64
Date: Sun, 06 Aug 2023 21:30:28 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a104-126-37-164.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
X-Parent-Response-Time: 215,104.126.37.164
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=179, origin; dur=45, inner; dur=40
Content-Length: 230
X-Ms-Token: 17498dylL5nbJz5nWGiYytDhWdaMxRrGBeuVFpW9v82Zsixp1neTCBON8in60CxI-puhHXO4_Rr0nEas-HIzwSNBWRWK_ATi41PjCQJScn0=
Pragma: no-cache
Server: nginx
X-Tt-Logid: 2023080621302771DD33C96A4D6939A46B
X-Cache-Remote: TCP_MISS from a23-220-105-151.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 45,23.220.105.151
x-tt-trace-host: 01390a91106ae8311255a142e1747028c9e9d9db06a32e5d5fe7be68ee055a20ee3716c725914c91123fc089cd8a67bf1bcb455f9632b57721f51915cd111d9a45178a70e96aa1a2d0584c32670a6320bdc718c15746617fda99993c7510e149c05ecd62a6fec14b441cf7139305afebe0
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7B7D 4 KB
671 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Aug 2023 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 21:06:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7B7D 205 B
520 B 26ms
23ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 20:49:19 GMT
x-content-type-options: nosniff
age: 175269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 03 Aug 2024 20:49:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7B7D 604 B
695 B 27ms
24ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 14:58:11 GMT
x-content-type-options: nosniff
age: 23537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 05 Aug 2024 14:58:11 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 7B7D 15 KB
6 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 18:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6416
x-xss-protection: 0
server: cafe
etag: 10587074671346547413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 18:00:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 7B7D 20 KB
8 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 13:56:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: cafe
etag: 15357628606984112601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 13:56:19 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DDE 37 KB
14 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=536&slotname=2644343088&adk=1208373036&adf=725530890&pi=t.ma~as.2644343088&w=760&lmt=1691357426&rafmt=11&format=760x536&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425809&bpp=1&bdt=420&idt=423&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1150x280%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=225&ady=2892&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame C9F6 2 KB
897 B 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame C9F6 23 KB
9 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame C9F6 3 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame C9F6 20 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9F6 179 KB
56 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame C9F6 33 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 896C 2 KB
897 B 48ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 896C 23 KB
9 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 896C 3 KB
1 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 896C 20 KB
8 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 896C 179 KB
56 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 896C 33 KB
14 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H3 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame 2222 9 KB
4 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 20:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 20:26:44 GMT

GET
H3 200 a6ee089312df5653d2fa7f271076db81.js Show response
www.gstatic.com/mysidia/ Frame 2222 9 KB
4 KB 51ms
29ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6ee089312df5653d2fa7f271076db81.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 21:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4173
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 29 Oct 2023 21:29:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2222 2 KB
897 B 49ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 2222 23 KB
9 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2222 3 KB
1 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 2222 20 KB
8 KB 48ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2222 179 KB
56 KB 57ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 2222 33 KB
14 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame ABCE 37 KB
14 KB 45ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

OPTIONS
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 464ms
364ms Preflight 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:29 GMT
server: nginx
server-timing: cdn-cache; desc=MISS, edge; dur=243, origin; dur=13 inner; dur=3
x-akamai-request-id: 3217fa4c.977589e
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-cache-remote: TCP_MISS from a23-43-56-173.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-origin-response-time: 13,23.43.56.173
x-parent-response-time: 256,23.54.206.24
x-tt-logid: 2023080621302857BE8384B49E1359482C
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13f9292b13ed5472cda069b5abb6f720b99034cc3161053cf984924b156d5c0c453633f9919545175fc33e7206c9bc8d6eb61794e73b3c3831034833b1abe15a95587fe97659fd9a817e51d4c24c5be7ca
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 155ms
151ms Preflight 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 06 Aug 2023 21:30:28 GMT
Server: nginx
Server-Timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=92
X-Origin-Response-Time: 92,104.126.37.158
X-Tt-Logid: 20230806213027ABC43D16AF9CE71EB13F
x-tt-trace-host: 01390a91106ae8311255a142e1747028c95f89b5a636dc506ee4fc5daf003de76533ce097285ae162072cdd0c1e56fdcff3216661fb03e01d53728185d5e9a0bd4d9b3cbefcae2c2d378dba2bb123a29cdc78d3573e36e23e2f29240d6e558aed2
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame EA07 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1942844261147734&output=html&h=600&slotname=3133241803&adk=1506163563&adf=1108019324&pi=t.ma~as.3133241803&w=336&lmt=1691357426&format=336x600&url=https%3A%2F%2Fldiena.lt%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691357425816&bpp=1&bdt=427&idt=680&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3c2c5c93504950ec-22a9bc444cde0049%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q&gpic=UID%3D00000c5007ac9850%3AT%3D1691357426%3ART%3D1691357426%3AS%3DALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ&prev_fmts=0x0%2C1150x280%2C760x536%2C760x536%2C760x536&nras=1&correlator=5387892940746&frm=20&pv=1&ga_vid=653081757.1691357426&ga_sid=1691357426&ga_hid=1293457872&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=861&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076482%2C31076512%2C42532335%2C31076448%2C21065724&oid=2&pvsid=3895628823320357&tmod=141899847&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=12&uci=a!c&fsb=1&dtd=684

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

POST
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame CB2D 0
0 141ms
141ms Fetch
application/json 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

x-akamai-request-id: fbefde9.9775925
date: Sun, 06 Aug 2023 21:30:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 116,23.54.206.24
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=34, inner; dur=3
server: nginx
x-tt-logid: 202308062130284A5744E387FD4456308F
x-cache-remote: TCP_MISS from a23-43-56-102.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-origin-response-time: 34,23.43.56.102
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13f9292b13ed5472cda069b5abb6f720b9f035fc87752e8e14185621aff7f7f21e72767e28f6724025c41a371d1cce5e1e7c7048879ab88d50693c15bb13dc650a034bce915415c9958f2c143539494716a181253a3a459629487e079e1708dec4
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame CB2D 21 B
941 B 524ms
523ms XHR
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 06 Aug 2023 21:30:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Cross-Origin-Resource-Policy: cross-origin
Server-Timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=114
Connection: keep-alive
Content-Length: 21
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308062130282532C6FB3D6C07F13A2F
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 114,104.126.37.158
x-tt-trace-host: 01390a91106ae8311255a142e1747028c95f89b5a636dc506ee4fc5daf003de76533ce097285ae162072cdd0c1e56fdcffaae8c58b4ef4ceb8bfd7e6ffab252b83ac7905aaf49290b0847c000112666f7fadfd680b477f4757653df87858b444f9
Expires: 0

GET
H2 200 TikTokFont-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame CB2D 55 KB
56 KB 246ms
167ms Font
font/woff2 193.108.153.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Regular.woff2?_default_font=1&v=2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 2d68e200
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: /fJgDZBaD6oGDWkeAhLhpw==
x-tt-trace-id: 00-efba2c30105c8f66657e4d060282049c-efba2c30105c8f66-01
x-cache: TCP_MEM_HIT from a23-54-206-21.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 56492
x-tos-request-id: 53b6d455f238e56b6455f238-af54d2d
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 2023050606224784E5D1FB585CF87BF7AF
etag: CNHJjeWN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1831666
access-control-allow-credentials: false
x-tt-trace-host: 01c552f39abfd8b5dc951657f40ed0317f64d42228e4b044d40772ddde881da0ec648510a07c12ab1f93d2587c09c486772ab2cffe77c6ef681d30a40f4060e38b18b5b5573d564a9ef4534e5f5a264d6f3caa7c40682ebfa05b0f6898354428e24ef105190a5a7b38b67884e7748186fbe293b618d11ad621fbd802c5799e0bce
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 TikTokDisplayFont-Bold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame CB2D 57 KB
58 KB 247ms
167ms Font
font/woff2 193.108.153.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokDisplayFont-Bold.woff2?_default_font=1&v=2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 2d68e201
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JqGJHyctwX9axpqM/eKZHQ==
x-tt-trace-id: 00-efba27ce106296fa2b7e0ec601d2049c-efba27ce106296fa-01
x-cache: TCP_MEM_HIT from a23-54-206-21.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 58828
x-tos-request-id: a59baa55f2380d766455f238-af54b11
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 20230506062247BE9AE11EE051B992B99C
etag: CPm5i+WN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=963491
access-control-allow-credentials: false
x-tt-trace-host: 01e067de3ea1aa39a880550a4b750cf9c089abbf94eed3558e893d6ff355ac22e78752d90f1131bbda7f19fd6bd62060b00a214ad3b0bd9669f4cb0ca70342ace7116b15f79f9c1b98cab2f6465b77a4247afbbc2bd4fc009a99c6d0f6ffc12a10720d9fd1008450a992c54e71cd45006567bdbe6c865ec7e358c7d07b5bd3b95a
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 TikTokFont-Semibold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ Frame CB2D 56 KB
57 KB 246ms
166ms Font
font/woff2 193.108.153.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/TikTokFont-Semibold.woff2?_default_font=1&v=2
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 2d68e202
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: z9iG4cqEmn+OJgB2PyNteA==
x-tt-trace-id: 00-efba2a8d1060eab31e6c95c602d6049c-efba2a8d1060eab3-01
x-cache: TCP_MEM_HIT from a23-54-206-21.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=5
content-length: 56968
x-tos-request-id: 1dc7db55f2377ad26455f237-af54405
x-tos-response-time: Sat, 06 May 2023 06:22:48 GMT
last-modified: Fri, 05 May 2023 11:48:04 GMT
server: nginx
x-tt-logid: 2023050606224795819C54D0949B685230
etag: CJzWjeWN3v4CEAE=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1963893
access-control-allow-credentials: false
x-tt-trace-host: 013ab5c6e35edce4c8480d5404b045d49f2c5e087b395f46baaf2f7bb2d1d7d1b4ec59d6f105336bf47482acc401687df0657224363ceda31fb1b0e7367fc72feb699f38c0cacaa3984fbace91fc7ef4f0ca399a6d945d9ef6efd11bf8c33653fd1e3ca18d4999a6fb3660f04fd6bdd2709834a63ea333f017f5f9cad87236ca7c
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 116 KB
117 KB 78ms
76ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oUGzfBXueEFdTH0PEB0ahtiEP3zHkIAEFD5RQs?x-expires=1691377200&x-signature=COBhH2p6Pdac1u%2FYYEZuQVlgx2g%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 027bc31f43449cdbbe3a18770745f06f32ae71ccfb0f16fb46ae31f0d3dd075b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5ccb
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230806180657A50E719619985260E5645lzdh31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 20,23.54.207.29
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=45
x-length: 119249
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 119249
last-modified: Sun, 06 Aug 2023 18:06:58 GMT
server: nginx
x-tt-logid: 20230806180657A50E719619985260E564
x-response-date: Sun, 06 Aug 2023 18:06:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T18:06:58.336483345Z 39
x-request-ip: fdbd:dccd:cdc2:1169:0:1de7::
cache-control: max-age=31523859
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1de7::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 0191924fc514ffae22ffdac572c7638243a16e9e448da6aca0f34c20bd122c245bcbf7d479bf9099bab35b0f80525e7c6efc279987aa539d2df34ca691e9230f439fe92e83aaa7d358e8c0601f59edb424e07f639c3317a9764848dfcf9081b193633922bada70b2192d38db74c1254c7335d05ed257104c3915a8401ee676cc14

GET
H2 200 ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 63 KB
64 KB 78ms
75ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ok0jbmHOmeyhzaeqI4rYfHgQP2AN4GDeyEDJvg?x-expires=1691377200&x-signature=9Th%2FIUd1sHICsIp7d%2BseUt0siyE%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 3519120aab26baf977cbc85931a43758d555befe3373af03135dd5ad88a9bd9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5ccc
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 202308042253050BB061A405762FAD90F5h92kk31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 9,184.27.176.18
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=4, inner; dur=51
x-length: 64537
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 64537
last-modified: Fri, 04 Aug 2023 22:53:06 GMT
server: nginx
x-tt-logid: 202308042253050BB061A405762FAD90F5
x-response-date: Fri, 04 Aug 2023 22:53:06 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-04T22:53:06.584645255Z 46
x-request-ip: fdbd:dccd:cdc2:1104:0:1cc7::
cache-control: max-age=31368239
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1cc7::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 011e92ba2cce2c80104f2738c8b4f69bc756e3dbf66f87177cf8eb5b0756dc19d5c038244d41bedb632afd150bbdcc56f037d80d95b90ad9e68fff94d6a8178a6b5e4a2ebcdbeda792fbbf8945d5168c6e620290a268116215fa8b49d67f44fec98f3546cd4a05c031f2033b97cdd718ebc4f2818a9b95e6c2f95ff4dfc7fcf872

GET
H2 200 oMfcQQ81QYPLQN8zDFnAgyzjRRkQfBcE8PDKbc
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 95 KB
96 KB 79ms
76ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oMfcQQ81QYPLQN8zDFnAgyzjRRkQfBcE8PDKbc?x-expires=1691377200&x-signature=HgOvogwHnHojCgzO69UyBOvA%2FY4%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 79eec51829f5a6a4d36c76a1821bdbd0de118b417b6901c1610c9cf998d731c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5ccd
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 202308041346013173C57D0761DE8739BD47qsk31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 5,23.204.146.37
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=6, inner; dur=52
x-length: 97345
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 97345
last-modified: Fri, 04 Aug 2023 13:46:02 GMT
server: nginx
x-tt-logid: 202308041346013173C57D0761DE8739BD
x-response-date: Fri, 04 Aug 2023 13:46:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-04T13:46:02.402313357Z 46
x-request-ip: fdbd:dccd:cdc2:1104:0:1c29::
cache-control: max-age=31335278
x-response-cinfo: fdbd:dccd:cdc2:1104:0:1c29::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 013a4f4d8927761f39bfae6f976bf67c32477e8f316145fb69b67bf7767f46c081792cbb9a6d1b87ed925750643bf45498e4f06db9719839d16bdf9f1c42e1c119c79219c939955b45b3cd6346f52dfb4004f3c5ade8ffaaf6d6ccc179a20d4cd8e3c703b689089aca44390f4bd301bd590bcf4c55f319f7b89d6f74552e430fa1

GET
H2 200 oMlLKitZnIjvfKQnAKeAPhRRxBb8klDEDhQsEy
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 38 KB
39 KB 120ms
117ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oMlLKitZnIjvfKQnAKeAPhRRxBb8klDEDhQsEy?x-expires=1691377200&x-signature=%2FNNZOaxh2htQtQdjJ47i7JE2PwE%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 72a81bfc713e54dc2126f0cf578f441fdbb3b8b63cc4990672a1b20bb071a549

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5cce
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230802100959D633BA4BE001011F5D44whtc931df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 19,23.54.207.43
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=7, inner; dur=3
x-length: 38488
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 38488
last-modified: Wed, 02 Aug 2023 10:10:00 GMT
server: nginx
x-tt-logid: 20230802100959D633BA4BE001011F5D44
x-response-date: Wed, 02 Aug 2023 10:10:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-02T10:10:00.93667136Z 45
x-request-ip: fdbd:dccd:cdc2:1169:0:1ead::
cache-control: max-age=31149671
x-response-cinfo: fdbd:dccd:cdc2:1169:0:1ead::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01d99adba83f642305402328146e9c84bb0329f05bda1f77988622290ee0087824ef94d52683f6412d45b011f746505d3d4b816050c54fa225c07f23840877439453ac0fa26923d0826d9d94d44b7d589c592f6d2ed42f62afc365ed114609b74a6e660a2c755606d8819927035d4ab45ba0e4c355617c4c8fa5a1c81cd99fd248

GET
H2 200 adc13e61faca4dd79d8764c5dd0896c2_1690897364
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 342 KB
343 KB 78ms
75ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/adc13e61faca4dd79d8764c5dd0896c2_1690897364?x-expires=1691377200&x-signature=ewQE4U9Gu13LFiigttpcuR17OQ8%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 4d52f809cf301db31ff122cb4514227850b1f3b5f81f09dadacc8aae3f3315f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5ccf
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230801134916A0349D213CCEC0AAA7AEm4czl31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 18,23.201.44.191
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=108
x-length: 349834
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 349834
last-modified: Tue, 01 Aug 2023 13:49:17 GMT
server: nginx
x-tt-logid: 20230801134916A0349D213CCEC0AAA7AE
x-response-date: Tue, 01 Aug 2023 13:49:17 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-01T13:49:17.169224016Z 103
x-request-ip: fdbd:dccd:cdc2:1175:0:35d::
cache-control: max-age=31076315
x-response-cinfo: fdbd:dccd:cdc2:1175:0:35d::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01320bea42ba95e07d8d25822272ebce4c6acceded5b7e0fb905d457bc8c297e4e30c4a50bf3849297a9efac6f26de97dca104d09b10335e9e70d12ae683deb6de9269dc4b3cd044faba32557c2be0a827959ca47936eb50a8b6e9e21988eb899ba0144832cb39a8f64fb5d915104e3556a872aaef605999d7d31748c5d10eb2f3

GET
H2 200 oUjxPEIInLSbRBGWQDbOABBTeeEnRkDEccLROF
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 81 KB
82 KB 160ms
158ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oUjxPEIInLSbRBGWQDbOABBTeeEnRkDEccLROF?x-expires=1691377200&x-signature=2ubn%2F8NIpZNg%2BEGWIbjFsgFOymU%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: c3502a6625d5c848d5519bd1c93527d9227d2840415ca8717c81e6f9b10c2d33

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5cd0
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230806112134A6E5A523C5DBD2345EBF6nbmt31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 13,23.55.62.47, 8,23.54.207.40
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=32, inner; dur=99
x-length: 83256
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 83256
last-modified: Sun, 06 Aug 2023 11:21:35 GMT
server: nginx
x-tt-logid: 20230806112134A6E5A523C5DBD2345EBF
x-response-date: Sun, 06 Aug 2023 11:21:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T11:21:35.671024902Z 86
x-request-ip: fdbd:dccd:cdc2:11ee:0:fc4::
cache-control: max-age=31499429
x-response-cinfo: fdbd:dccd:cdc2:11ee:0:fc4::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 01957cb0357afb20262435d46b37ca82e96307f0e6fbdc9b194884933637f89ef2a23cd1d3fd0844ef4356f205ec9e54c97f9070d802590e51859fe0343d54958e214202cb229ec3282fb2355be74e361b943e1272c54824128f9a457570d0ff521ea51905012640884ecb27fe80250b46

GET
H2 200 ooQFgEDeRfFwAonkv8ORboEmAkGEJDtQPFvBBC
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 75 KB
76 KB 158ms
156ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ooQFgEDeRfFwAonkv8ORboEmAkGEJDtQPFvBBC?x-expires=1691377200&x-signature=PH5BnhmBZyLFlSL%2FbkDwbyHmMLQ%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 25fb2ec3af1063d8a82deb558578549677bda5638f2d1bd1883320ed1b7edc1d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5cd1
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 202308061808225C8056A2553B68B7026768mm831df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 8,23.204.146.22
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=21, inner; dur=4
x-length: 77297
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 77297
last-modified: Sun, 06 Aug 2023 18:08:23 GMT
server: nginx
x-tt-logid: 202308061808225C8056A2553B68B70267
x-response-date: Sun, 06 Aug 2023 18:08:23 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T18:08:23.347711174Z 46
x-request-ip: fdbd:dccd:cdc2:1175:0:3bc::
cache-control: max-age=31523840
x-response-cinfo: fdbd:dccd:cdc2:1175:0:3bc::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01f0e59eedcc6d8bbebdc99bfa944ff125ef73d9f78b0c4ef10bcea277ec7de44c5f0ecc11f4edbeb79b53b7889cf979d7b6aed8f325ec3bba4226828ed80542fbfa3849f11146ef1f4d31134d5405fe6cbbdad260b9d3109fb5cde4fe42ac28b37faf94deed59f676e7cf46a9d0c78602d69d0dc8db71990bd84894abbb2cfa88

GET
H2 200 oIKG7gJQCuqnRE9pgee3UbDIeIAjfChUJ2DXwI
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 88 KB
89 KB 91ms
88ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/oIKG7gJQCuqnRE9pgee3UbDIeIAjfChUJ2DXwI?x-expires=1691377200&x-signature=N0PvcID0iaVAwnHPCuQGC2dkBOc%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 415d84b4223609d354a1c6a3b30025c375caa356c4f79e754e3a0c9343373412

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5cd2
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230727172320DF70A358C0A9900A5581cffxk31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_MISS
x-parent-response-time: 18,23.54.207.4
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=9, inner; dur=41
x-length: 90591
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 90591
last-modified: Thu, 27 Jul 2023 17:23:21 GMT
server: nginx
x-tt-logid: 20230727172320DF70A358C0A9900A5581
x-response-date: Thu, 27 Jul 2023 17:23:21 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-07-27T17:23:21.30050869Z 37
x-request-ip: fdbd:dccd:cdc2:137d:0:2::
x-origin-response-time: 59,23.222.242.166
x-response-cinfo: fdbd:dccd:cdc2:137d:0:2::
imagex-fmt: jpeg2jpeg
x-response-cache: miss
timing-allow-origin: *
x-tt-trace-host: 0103ac0e460e77f2ba07101469c632b53f757d5dd50ea0279d46a45bf8441863fc24f19d418a8d1567bb7a26451c5690e555b58ef8419917a420f8dc7cde6c20e5df19780041683d520c56e6d17101cbfd837dd3b137c501ccf13124242378923d3a8700eef086615e27ff14b9b04526287baf4eabbea4083501ec78402fcc0483
cache-control: max-age=30657136

GET
H2 200 o4IyCA02TPCeADQkGwebDBQRWZzmISINRDnCEF
p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/ Frame CB2D 66 KB
67 KB 112ms
110ms Image
image/jpeg 23.32.238.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p16-sign-useast2a.tiktokcdn.com/obj/tos-useast2a-p-0037-euttp/o4IyCA02TPCeADQkGwebDBQRWZzmISINRDnCEF?x-expires=1691377200&x-signature=vlSNRbrTn3YiTa4r00GS3uSI9xg%3D
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-51.deploy.static.akamaitechnologies.com
Software: nginx / ImageX
Resource Hash: 9d8b10a0e33ef1202866a7045430ecc81a217a22be16569a4b528347bba6a8bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 208a5cd3
date: Sun, 06 Aug 2023 21:30:28 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
nw-session-id: 20230806112244771F98F808F3243E13B9nwkrl31df
x-powered-by: ImageX
x-cache: TCP_HIT from a23-32-238-47.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-bdcdn-cache-status: TCP_HIT
x-parent-response-time: 8,184.27.176.15, 114,23.54.207.18
cross-origin-resource-policy: cross-origin
akamai-mon-iucid-del: 1085673
server-timing: cdn-cache; desc=HIT, edge; dur=15, inner; dur=3
x-length: 67376
x-real-cdn-host: p16-sign-useast2a.tiktokcdn.com
content-length: 67376
last-modified: Sun, 06 Aug 2023 11:22:45 GMT
server: nginx
x-tt-logid: 20230806112244771F98F808F3243E13B9
x-response-date: Sun, 06 Aug 2023 11:22:45 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-08-06T11:22:45.335465237Z 76
x-request-ip: fdbd:dccd:cdc2:137d:0:14d::
cache-control: max-age=31499592
x-response-cinfo: fdbd:dccd:cdc2:137d:0:14d::
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 01e12cb53aaf2f7a76258fee114c4381c48670a808ca5a5ca0ba72b19a33a1cecd8cae29b4c155eee39a2d231063b95c95d4bfb7ccffffcc8cfc02611a3a83a9d7b643b1a8ad9e584c569f9ffa138a4443f6a9789dfec24cdada3300401a892cfcee7464c37541a4069c7c04122f18e5e4ae4b4c5c1c7c79d023cd4e60b8024bf4

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 4065 2 KB
897 B 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 4065 23 KB
9 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A10 143 B
166 B 57ms
57ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 4065 3 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 11:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 11:25:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 4065 20 KB
8 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 12:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30685
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 12:59:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4065 179 KB
56 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Aug 2023 21:30:28 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 4065 33 KB
14 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2 200 common-monitors.1.8.2.js Show response
sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/ Frame CB2D 20 KB
9 KB 331ms
25ms Script
application/javascript 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.8.2.js
Requested by: Host: sf16-short-va.bytedapm.com
URL: https://sf16-short-va.bytedapm.com/slardar/fe/sdk-web/browser.maliva.js?bid=tiktok_web_embed&globalName=SlardarWeb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a7837ef50c4e0f020f85c0e2c65d2adea8c04572ff75f615ffe1fb63eebe7132

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 32c0f748
date: Sun, 06 Aug 2023 21:30:29 GMT
content-encoding: br
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 3sjW9GSXqca03/TiN8q+XQ==
x-tt-trace-id: 00-955e7bd71062007671845046066204d1-955e7bd710620076-01
x-cache: TCP_MEM_HIT from a23-54-206-29.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 7763
x-tos-request-id: b2ac4cc1e2d1f19064c1e2d1-abf365a
x-tos-response-time: Thu, 27 Jul 2023 03:21:53 GMT
last-modified: Wed, 19 Jul 2023 07:47:05 GMT
server: nginx
x-tt-logid: 20230727032223DD45F381124EABB8AF80
etag: W/"CIaGn+ejmoADEAE="
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300
x-origin-response-time: 87,23.201.44.191
access-control-allow-credentials: false
x-tt-trace-host: 01b8294c439316d1decdfb8be614095102fe0bb2994e8c15272e95d8638b879018c333c4633558ad6a4841eb513786d8b3d390d2f8adcbf9faab9d8f5ba31f9ba96225d966cf8716759d0721872e711ce12e8f8ebb2c5216d8f1b311304d68689227ecc1a091339a9eb1df72641e1c3ead3d648d63c8662db274bba952e9c399bb
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 06 Aug 2023 21:35:29 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2222 33 KB
33 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 141218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 06:16:50 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2222 19 KB
19 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjwUvaYr.woff2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 07:27:52 GMT
x-content-type-options: nosniff
age: 223356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19700
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 07:27:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9C8 143 B
166 B 49ms
45ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1333
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2222 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c3dcce94b9583dcb52fce641103e074da349da0ce7faf8d38cd39f14dd7a829

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B870 42 B
64 B 112ms
61ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF9pNSn1W6Eq7Z6tKrvBN1P37cAMoIhCN2PJDcqkF8iBOGQ3ghZY-VZkloB41EwIyLt6eUFdJ3lHIlksqhd3O0O4Y19qpOT7PWY9DatmiBkDtWi52qksDhx-9pe5gPbcjZWMjSfeyR3Bl8&sai=AMfl-YRseQBQOfe5A1J66naDDmwToUn4Q2hP-PWvKnJ_tFu3ACNZ45Rtv9sLSm5dd7nzUadVw_-eBFRmcYHy&sig=Cg0ArKJSzAhIssxDjIU-EAE&cid=CAQSGwBpAlJWG1MrUfOoUY8H4jU5DFPShJUikW_j9BgB&id=lidar2&mcvt=1169&p=0,0,280,1150&mtos=1169,1169,1169,1169,1169&tos=1169,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3505500867&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691357426160&rpt=1646&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webmssdk_ex.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/ Frame CB2D 409 KB
130 KB 27ms
26ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Requested by: Host: sf16-secsdk.ttwstatic.com
URL: https://sf16-secsdk.ttwstatic.com/obj/rc-web-sdk-gcs/webmssdk/1.0.0.460/webmssdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 588a3c9
date: Sun, 06 Aug 2023 21:30:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: JOY5i10QgUHN/Pm1oN7JQg==
x-cache: TCP_MEM_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-parent-response-time: 13,23.33.32.244
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 132588
last-modified: Fri, 16 Jun 2023 05:21:54 GMT
opc-request-id: iad-1:4v8yN94Krvu21A_UsHSXUfiyYBd8Zqh_suW2OY39t5Tqt7S-zCMA7ZikOf0oQFRj
x-api-id: native
etag: e40a7621-2775-455f-b406-bb1cc47ba38c
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: 95f3a350-ab1d-468d-b639-5b320546947c
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:29 GMT

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame CB2D 0
0 212ms
148ms Ping
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame CB2D 0
0 186ms
122ms Ping
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/tiktok-embed.module.6809f8f65ab9d683e231.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/embed/static/images/fullProfile-7e8cead262d90a2c7a720b579e6f15cf.png
Requested by: Host: ldiena.lt
URL: https://ldiena.lt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.tiktok.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 588a581
date: Sun, 06 Aug 2023 21:30:29 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: fozq0mLZCix6cgtXnm8Vzw==
x-cache: TCP_MEM_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 2991
last-modified: Thu, 20 Jul 2023 03:27:34 GMT
opc-request-id: iad-1:6MEFDv0pK_vGOTtfJED2g7ITrzq0XA9VeK5f_l19DCgpkShsPsrKneTxALGU04gy
x-api-id: native
etag: baaa2b8a-fb86-43d6-b9ba-62924e69a2a8
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: image/png
version-id: 9d73d101-952e-4a51-a73c-f6fa893e476f
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E5FC 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv31Fws46OmucmXN1dJCeLri-RnatlYkkWhWDNrDLeEjL1KQYN4f8GGPDHY-V1cq_hAW7xBUuYK2qnJAkC5P0HYLoLoiDwDDVFVUSBJ9FGc2iSAK3t2PMUyjNbgEkpKmoEvFbZ2WBDAUILW&sai=AMfl-YQj3_Lg9R4RRxLcQ1F7ojXSAXppCanEjDTfkkIByoydIRGAlEKdr6WNA8oe3bbNbC-IuAz4mNefIpnbEw1jDAAux9cfJfmVaN7RPnjkDNOfp2j6ytnCb4S5IpBogWoYsEXDQz9Ct7X4rz17&sig=Cg0ArKJSzCY5aME2iktAEAE&cid=CAQSSwBpAlJWLcSkCeqOM2jfhevTg7Epk-2ePdWNQmRu9FLLiSKtvf3CjZGbIX3HJf9q77bLk0_Rouzus3x57iaESjXXNHaQXbwVKZK7lxgB&id=lidar2&mcvt=1150&p=0,18,600,318&mtos=0,0,1150,1150,1150&tos=0,0,1150,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&vu=1&app=0&itpl=4&adk=1506163563&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691357426501&rpt=1596&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame A0CC 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2222 0
19 B 68ms
68ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQdok8hDQZN3aEfCz29gPqZOWgAefyKnwcfK31KDXAdzZHhABINXY2ilg--GFg5wKoAG-9frHA8gBAakCNT3aQAR3sj6oAwHIA8sEqgTVAU_QJmM-f67S9xzuc4QcbOAqQspPDLCJV51pk6HxdXLKRddCnzbuI2uV5oTp1F_ODs07tf9MrUIHB_0Dx6_eo3j51xTN5qcgI0JRqLOI63ZzSsFeTdWSGdZ7atGTDZfvIfIVVPLsA_Q4fh4Rm1Hz69Y3Vr08s006HCOg9k56U4v1iDm7rN3P50jpwGO4NGvukSe0H-u65aPojHl9-zQm7Rq-UQZydayN1R8o3fW5_yQEF_M9PZB4m3UyNOkIO18Ma7-v77BNBkmL2byvifHJ9KPkgOwY7MAE6svY-j6SBQQIBBgBkgUECAUYBIAHqoqFOKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOiSAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGiDAgqBgoEw7CxAtgTAtAVAYAXAbIXHAoaCAASFHB1Yi0xOTQyODQ0MjYxMTQ3NzM0GAA&sigh=APsRmcMYk0E&uach_m=[UACH]&cid=CAQSGwBpAlJWx1S7-g-6RAHNXMp32iKgYJB4bf8cuxgB&cbvp=2&vis=1

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Aug 2023 21:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame F04B 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3A10
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

35ms
34ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:29 GMT
expires: Sun, 06 Aug 2023 21:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9C8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

37ms
37ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:29 GMT
expires: Sun, 06 Aug 2023 21:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8634 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

OPTIONS
H/1.1 200
OK list
mcs-va-useast2a.tiktokv.com/v1/ Frame 0
0 165ms
125ms Preflight 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Max-Age: 1800
Connection: keep-alive
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 06 Aug 2023 21:30:29 GMT
Server: nginx
Server-Timing: inner; dur=3 cdn-cache; desc=MISS, edge; dur=0, origin; dur=93
X-Origin-Response-Time: 93,104.126.37.158
X-Tt-Logid: 202308062130282532C6FB3D6C07F13A40
x-tt-trace-host: 01390a91106ae8311255a142e1747028c95f89b5a636dc506ee4fc5daf003de76533ce097285ae162072cdd0c1e56fdcffaae8c58b4ef4ceb8bfd7e6ffab252b837d3d9fcdb18e3c7dc9c6c7f9120334245ed877f0546dd5083109b5bbec1d929b
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H/1.1 200
OK list Show response
mcs-va-useast2a.tiktokv.com/v1/ Frame CB2D 21 B
939 B 129ms
129ms XHR
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs-va-useast2a.tiktokv.com/v1/list
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 06 Aug 2023 21:30:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Cross-Origin-Resource-Policy: cross-origin
Server-Timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=3, origin; dur=96
Connection: keep-alive
Content-Length: 21
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308062130282532C6FB3D6C07F13A58
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET, OPTIONS, HEAD, PUT, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 96,104.126.37.158
x-tt-trace-host: 01390a91106ae8311255a142e1747028c95f89b5a636dc506ee4fc5daf003de76533ce097285ae162072cdd0c1e56fdcffaae8c58b4ef4ceb8bfd7e6ffab252b83ac7905aaf49290b0847c000112666f7f23656ff2fc8330ea4c3b43215cd4ef03
Expires: 0

OPTIONS
H2 200 browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame 0
0 340ms
340ms Preflight
application/json 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tiktok.com
access-control-max-age: 600
access-control-request-method: POST,GET,OPTIONS
bd-request-id: 74b92b95247aadee331441f1d896ee4e
cache-control: public, max-age=600
content-encoding: br
content-type: application/json; charset=utf-8
date: Sun, 06 Aug 2023 21:30:29 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=320, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691357429559646
vary: Origin, Accept-Encoding
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 2023080621302812DC247744166A20E66B
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd1ef2661c6d2435062f1049eba331eebfd43783b4ba6a6c8c918c3a6af54a44981143011c758a9ed1ef68f985360f2498ad53f90b84dac560a478fb14fabdec6fa127cdbc42ecbd9b748250c61f07b60c
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_gru3_external

GET
H2 200 browser-settings Show response
mon-va.byteoversea.com/monitor_web/settings/ Frame CB2D 1 KB
1 KB 346ms
345ms XHR
application/json 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_web/settings/browser-settings?bid=webmssdk&store=1

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

563076b80f0f355b91fb7cc5eb9a0c4f564802cc04d1c76d5f92064d638268d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 21:30:29 GMT
access-control-request-method: POST,GET,OPTIONS
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains
upstream-caught: 1691357429907896
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_gru3_external
server-timing: cdn-cache;desc=MISS, inner; dur=1, origin;dur=323, edge;dur=0
server: Tengine
x-tt-logid: 202308062130284F347F50F1A0BA35DC69
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktok.com
cache-control: public, max-age=600
access-control-allow-credentials: true
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01390a91106ae8311255a142e1747028c9c3aaad7771a6f0e563dbdf7aeb96cbbf0d22a72e809905ecb70c2dc08f6aabb13011dac83d7507d03849eac44b73e0bddc93ec5338e99223867576ab4dac6b32f7049cc3b0d685b827608e7c528e0d3a8202e011b0f585cf0fc91c4a7c780873
access-control-allow-headers: Content-Type
bd-request-id: d48f5f280506044cfb82360b1a8fe57e

GET
H2 200 common-monitors.1.5.0.js Show response
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ Frame CB2D 19 KB
8 KB 27ms
27ms Script
application/javascript 23.48.23.157
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/common-monitors.1.5.0.js
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/ttweb_webmssdk_ex/1.0.0.63/webmssdk_ex.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-157.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68

Request headers

Referer: https://www.tiktok.com/
Origin: https://www.tiktok.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id: 588a6b6
date: Sun, 06 Aug 2023 21:30:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: lJMNanjiQY7KAJ1oFCsUBQ==
x-cache: TCP_MEM_HIT from a23-48-22-157.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=0
storage-tier: Standard
content-length: 7318
last-modified: Wed, 15 Feb 2023 03:17:11 GMT
opc-request-id: iad-1:a9Odx4trFHhAUHQHvPMsQRl-eFx9sgq0TArq-lOEkI_BwaZxcN8bWaD5NarH-_TF
x-api-id: native
etag: f69b14ef-715b-4897-9d2b-f2811c896f09
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/javascript
version-id: bf1061da-7f62-45be-8168-83d7b672961a
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:30:29 GMT

GET
DATA 200
OK truncated
/ Frame CB2D 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 0C4A 1023 B
914 B 183ms
62ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 06 Aug 2023 21:30:29 GMT
Expires: Sun, 06 Aug 2023 22:00:29 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 413ms
412ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.027654949425315545
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d4b4bcd0f2bea4a6011d79929d2ce3234ded819e96be691e484fd9bd324fb66f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Aug 2023 21:30:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Wed, 19 Jul 2023 17:32:58 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 74ms
73ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

029a3b23f52c772496736dec2cb2991f83ce7e0562c935564e6d976434b10914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11676
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame B8E6 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: ldiena.lt
URL: https://ldiena.lt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Aug 2023 21:30:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E568 13 KB
5 KB 30ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 9890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 18:45:39 GMT
expires: Mon, 05 Aug 2024 18:45:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9E8A 783 B
533 B 36ms
35ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad39ca969af7f757e21ee9a26c6e9dd57ee5a5ea41fb095c047db90002a7dffc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tOEyH7BhBGuIiAToncF7Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-tOEyH7BhBGuIiAToncF7Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:29 GMT
expires: Sun, 06 Aug 2023 21:30:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/zp/ Frame 0C4A 0
154 B 156ms
156ms Image
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/zp/imp?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6&fl=false&sw=1600&sh=1200&vw=1600&vh=1200&vp=b4e22815-56f3-49b0-b536-0d051471c254&ttl=TERpZW5hLmx0JTIwJUM1JUJEaW5pb3M%3D&url=https%3A%2F%2Fldiena.lt%2F&rnd=0.37063107054595035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 06 Aug 2023 21:30:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9E8A 0
0 57ms
57ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=3895628823320357&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame E568 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 16:25:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E568 0
11 B 25ms
24ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S-OfhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK / Show response
checkersync.ru/modes/ 88 KB
7 KB 242ms
116ms Script
application/javascript 92.63.192.10
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://checkersync.ru/modes/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.027654949425315545

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.192.10 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1023.ru

Software

nginx/1.13.12 /

Resource Hash

43b1e9923fec49355cd708d5fa5554d2f7876b4f5084e259c156c6ecfb63ede3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 21:30:30 GMT
Content-Encoding: gzip
Last-Modified: Sunday, 06-Aug-2023 21:30:30 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H/1.1 200
OK / Show response
supraneet.ru/minus/ 0
319 B 248ms
64ms Script
application/javascript 62.109.6.15
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://supraneet.ru/minus/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.027654949425315545

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.6.15 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1024.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 21:30:30 GMT
Last-Modified: Sunday, 06-Aug-2023 21:30:30 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 913 B
1 KB 205ms
63ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.027654949425315545
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 21:30:30 GMT
Last-Modified: Fri, 18 Nov 2022 09:50:15 GMT
Server: nginx
ETag: "63775557-391"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913

POST
H2 200 55595281
mc.yandex.ru/webvisor/ 43 B
0 303ms
183ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55595281?wv-part=1&wmode=0&wv-hit=736256544&page-url=https%3A%2F%2Fldiena.lt%2F&rn=642206383&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691357430%3Aw%3A1600x1200%3Av%3A1092%3Az%3A0%3Ai%3A20230806213030%3Au%3A1691357426208157105%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691357430&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 21:30:30 GMT
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:30 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2222 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyC6hSGUsHrfm9bt21z-3RwvXe8Bx7BylutfeYEV2vgAPQH9-QhaEfqAhn8w0Lxki31eRXNqtIpuvM5UG0Mobf8hHr86A-ogEisWZVTFucwAH4Y3OaM5djHLN-Na_GpE0Et7KO0C5EdUhq&sai=AMfl-YQE7JOwS3KK0jvVZ9nkH0RdHPWB-y8Az8xLp1_BshAWyfSh4qXuC4p2rD_SHcRi6z-MUWYWgQBmGw9Y&sig=Cg0ArKJSzEqkmA6at418EAE&cid=CAQSGwBpAlJWx1S7-g-6RAHNXMp32iKgYJB4bf8cuxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=807,1000,1000,1000,1000&tos=807,193,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691357428303&rpt=1014&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
best.aliexpress.com/ Frame 6388
Redirect Chain

https://s.click.aliexpress.com/e/_DB8znJH
https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&s...
https://www.aliexpress.com/?aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5...
https://fr.aliexpress.com/?aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5d...
https://best.aliexpress.com/?lan=fr&aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9b...

0
0

154ms
134ms

Document
text/html

23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/?lan=fr&aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3&gatewayAdapt=glo2fra

Requested by

Host: checkersync.ru
URL: https://checkersync.ru/modes/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-language: fr-FR
content-length: 16386
content-type: text/html;charset=UTF-8
date: Sun, 06 Aug 2023 21:30:31 GMT
eagleeye-traceid: 211b88ef16913574318613190e211d
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine
server-timing: ak_p; desc="1691357431855_1551596184_204885036_10644_1506_23_0_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-application-context: ae-traffic-affiliateweb-f:prod,de:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/html
date: Sun, 06 Aug 2023 21:30:31 GMT
eagleeye-traceid: 211b440316913574317954159e87d5
expires: 0
location: https://best.aliexpress.com?lan=fr&aff_fcid=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&tt=CPS_NORMAL&aff_fsk=_DB8znJH&aff_platform=portals-promotion&sk=_DB8znJH&aff_trace_key=9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH&terminal_id=4eee4f43226e49e4b9b2209796ac5da3&gatewayAdapt=glo2fra
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-application-context: global-biz-gateway:9901
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 55595281
mc.yandex.ru/webvisor/ 43 B
0 64ms
64ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55595281?wv-part=1&wmode=0&wv-hit=736256544&page-url=https%3A%2F%2Fldiena.lt%2F&rn=904599477&wv-type=3&browser-info=we%3A1%3Aet%3A1691357431%3Aw%3A1600x1200%3Av%3A1092%3Az%3A0%3Ai%3A20230806213030%3Au%3A1691357426208157105%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691357431&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 21:30:30 GMT
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=3895628823320357&bg=!dHeldyPNAAZGOVy5Zjk7ADkAdvg8WpLLXZARoreOJyfzIpCM-xyytYaKFLUctKSL-0FB86PvaA8gnCxt9LBjPMV5t35t9CB914ECAAAAVlIAAAAIaAEHmQKthmlOXrRTTxUXDstOM16Lbu5TsH7NLduTggvod9lojn2VDjVHdozkBzdy5UDSap8qz-Mx9ejGF0gKibep6fBWcYFLxC1sK0f8SrdL6FGrX-U3GT3wdeYIZYEAhbsZLyVIWW-xJoP2RltZ2uGYYJHL2YYiB6LrRxfXsS-KOhlghyy198cgP4pRfUEWiu-qCIm-6dMT2PfXQKUjwjsW2-nKTkw1Dc9Az_Heh_ItqJgytscs-jJDIKdYPMOc_qa7UQLzJUqQEyVYDU9KY0eIzGLf7d7bMVCMROL1CMLvI953rCPP5I0EvW-NZ-P2pDMmoqdPUHBKDs9lFskYV6BihCivYXVJX0MSJiIOUvPWCikQY8RUWO6Ul_8VA3U0BDB2b9qSmWhZLVRRgQ0t8-lqsHdVeeDJTFShX6Y6AXIoLbJgxZ_cFX7cBFzka78fPLQD-mkktyoD8lMMogPjpAvxprZA8BBccQQLY5ClgZj2KpFeGeCm6My7uYFkCHKaqq5HmMTyGmZSK-c7yv2sPX8E3CYW4fNVkDzDJ1aXQwYWCJKi2K5U8tXLfiy9jxvDHLYwG-hhpDgA1-nc5UeN072xTlTjjr9AVkRvusB_Y9HlqN8tLKLxMHoOJz1mBhmGooDeOdVISJ9aN9DKvrNd6rykuwgOrjHBkqB8Sl5RoJ5TsKN4nKrbJmxrE8Hr7ayxLTo1_xcgEDF0wEIVARnxyruUfgyMuOG-yvDDkioyZswwJsnaxy4gkJVxlnNrjXLDNu3QWQ9DNbUML0YGd9ByZloGpyLFrSuUEHd7AsRBGVPX9Yn1WK8rEnt3iRVUkqsOZrgk_7ND6KlZt2wt-ICI9brkhFcAewukvAPcrqn7yUhWqyFe8Vfo-NmycKhe6iy8J5bkNB2wrInKlQ4GdhBNjvNeTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame 2177 14 KB
4 KB 60ms
59ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lf386255911078ae2c99dc3b095b1684c9ebce7cc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Sun, 06 Aug 2023 21:30:30 GMT
Expires: Sun, 06 Aug 2023 22:00:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 363ms
363ms Preflight 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 305e4e4658f40b79199786bf5d529d9b
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:30 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=346, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230806213029C46DFA0FA8CA5E34E651
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd40322e8e4c44121fbe890884d35d55ab56177a8313e312e4f529cef566e6f19d997cae5270c59ca0f1b18f492fd504fc6d0e97dba3da448ce4f9567cd64917341913948c909774db22dbee97de9aabc8
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_gru3_external

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame CB2D 0
916 B 345ms
344ms XHR
text/plain 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 21:30:31 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_gru3_external
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=326, edge;dur=0
server: Tengine
x-tt-logid: 20230806213030D244246DE0154E234121
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd40322e8e4c44121fbe890884d35d55ab56177a8313e312e4f529cef566e6f19d647c746bbe607a815a3457a0ddb69e48f7097830b1d149d9e29cf25bb23a604146dae7cf353101a319c25e6f7b7111b7
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 7f9716579c0365385637f762c71506de

POST
H2 200 55595281
mc.yandex.ru/webvisor/ 43 B
0 61ms
61ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55595281?wv-part=2&wmode=0&wv-hit=736256544&page-url=https%3A%2F%2Fldiena.lt%2F&rn=377004948&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691357431%3Aw%3A1600x1200%3Av%3A1092%3Az%3A0%3Ai%3A20230806213030%3Au%3A1691357426208157105%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691357431&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ldiena.lt/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:30 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 21:30:30 GMT
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:30 GMT

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 343ms
343ms Preflight 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: d28230722634a9249873025e91ebfead
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:31 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=326, edge;dur=0
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 202308062130306C1D771D77A5E259BA8B
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd9ef8825b4cb74cfd9240a047c0211628d961af183577bf053b4bb72704e20cfb4d216f915ee630d2b0788e67d00fb4f4217faffcb22f957e31566a8b55c868345e1b250ffa3e4faa820108f7de7a39aa
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_gru3_external

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame CB2D 0
916 B 348ms
347ms XHR
text/plain 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 21:30:31 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_gru3_external
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=2, origin;dur=328, edge;dur=0
server: Tengine
x-tt-logid: 20230806213030BE1518578B47E342E5FA
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dde81c1ace3b776f5bd708e725709cb089c75e69a7b9c15c2014a98a4872fada86e619d85542adf15ae2c625e06c4eb9e79b880d5320263748336318f819d838492d3fa2fdaecf2574192280e2d7087051
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 7055c50e656fb442aaa136b4cfce4818

POST
H/1.1 200
OK report Show response
mssdk-va.tiktok.com/web/ Frame CB2D 44 B
2 KB 194ms
134ms XHR
text/plain 104.126.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswSOQDGr9KTQt936oBVeovh4
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: d562d70b.be13d34
Date: Sun, 06 Aug 2023 21:30:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a104-126-37-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 111,104.126.37.175
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=23, inner; dur=21
Content-Length: 44
X-Ms-Token: SxPH-LyoCIn2jLQbpIkLyAkUOfl28CYDesEvvpVxgNlw4mctj_WMhe66mgpf0HgkkULFano6GahcMn7Ltk9S-kWAGJtxchTnkFYcndulnDrG4C0xf4HA
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308062130309A71E809EF7F1078F0B8
X-Cache-Remote: TCP_MISS from a23-220-105-133.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 23,23.220.105.133
x-tt-trace-host: 01390a91106ae8311255a142e1747028c9b59b9d92a46b6d760c70976c38c676b2baaa128f7f8fbb27f609ac79ebdd67728b51a5837ea6be83d16949d21660866cffafe3ad885da1f0ffe0a09a6c2cbc0a6ec8a20ca6113475b0256b95741135d45bda9a1f1c6ec9192ae622ba5d69f249
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Sun, 06 Aug 2023 21:30:31 GMT

POST
H/1.1 200
OK report Show response
mssdk-va.tiktok.com/web/ Frame CB2D 44 B
2 KB 190ms
190ms XHR
text/plain 104.126.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mssdk-va.tiktok.com/web/report?msToken=&X-Bogus=DFSzswSOQDcJIRTQt936baVeovgQ
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Akamai-Request-ID: df2c424a.be13f0c
Date: Sun, 06 Aug 2023 21:30:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Cache: TCP_MISS from a104-126-37-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50146111) (-)
X-Parent-Response-Time: 125,104.126.37.175
Connection: keep-alive
Server-Timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=23, inner; dur=20
Content-Length: 44
X-Ms-Token: Top4w_9rUpvXFPtaY95T54Rvv-U2AeyQIGa2tzkZ3-KO8z1IS4Um3EqVlT0f88ESAbVeegFLDP6Ik4Z0l-8UoiulzDr9zOeohTOZf6f5nJKH1OBbYhv3
Pragma: no-cache
Server: nginx
X-Tt-Logid: 202308062130315476352E075AF9681D7B
X-Cache-Remote: TCP_MISS from a23-220-105-138.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tiktok.com
Access-Control-Expose-Headers: x-ms-token,x-ms-resp
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
X-Origin-Response-Time: 24,23.220.105.138
x-tt-trace-host: 01390a91106ae8311255a142e1747028c9b59b9d92a46b6d760c70976c38c676b26ae18a8fb75458423d922a7bc555e0e9612bb4436be3b3b4d933b29cbf82b7792c5751aa0ea768e5af9880d7e4da9e742ba66044e04e1d88c3960b8d5bd34273601a76ee593b2f0695a55f11cb055604
Access-Control-Allow-Headers: x-mssdk-info,x-ms-req
Expires: Sun, 06 Aug 2023 21:30:32 GMT

POST
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame CB2D 0
0 143ms
141ms Fetch
application/json 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Requested by: Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

x-akamai-request-id: 62e72cea.97766ae
date: Sun, 06 Aug 2023 21:30:35 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-parent-response-time: 115,23.54.206.24
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=32, inner; dur=3
server: nginx
x-tt-logid: 202308062130343D8D4907F5C1E05E6388
x-cache-remote: TCP_MISS from a23-43-56-111.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-origin-response-time: 33,23.43.56.111
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13f9292b13ed5472cda069b5abb6f720b957f5e4941240977d8c89aeb72dcd08090b984e4e94559a395ee2f9f781cd2c2cefce2c1aa6bdfa9eb968e408dd1b49146030dd4f7f5dd982c5f81fe7a723678bcf1e019c456980a36367d8e96e7c688a
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV

OPTIONS
H2 204 /
mon.tiktokv.com/monitor_browser/collect/batch/ Frame 0
0 154ms
153ms Preflight 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mon.tiktokv.com/monitor_browser/collect/batch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:35 GMT
server: nginx
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=29 inner; dur=5
x-akamai-request-id: 1b57e402.977665a
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-cache-remote: TCP_MISS from a23-43-56-165.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
x-origin-response-time: 29,23.43.56.165
x-parent-response-time: 128,23.54.206.24
x-tt-logid: 202308062130346071DC7D698C4C637214
x-tt-trace-host: 01f0438ee55b2de7a90593cf520df7fd13f9292b13ed5472cda069b5abb6f720b97c803939853d8fd162ceb97a96bcfdb314f4dd1024b77e3a1f832e14e9a593aeefdadb9c6789e00f6829dedc2aa41f95f1bb69398f392b6f915af7e89f3e4f32ad1dc861ae93a08b29e4b3674365ba7e
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 349ms
348ms Preflight 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: e7574e292db6791a4021ad78ed5f4385
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:38 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=329, edge;dur=1
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230806213037A72A51166D246439A58E
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd42c5bf3ad775230cd4126d0cc3b26c0eaf06077c42bb33af1d750dd8ff51978183c027b673ad432c5ae91d72d5e80ab3e8f6c3c7a84c7cb090b508b5ddbc338210d74011a2d12285f50b4dcc8838e209
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_gru3_external

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame CB2D 0
917 B 367ms
366ms XHR
text/plain 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=webmssdk

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 21:30:39 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_gru3_external
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=6, origin;dur=348, edge;dur=1
server: Tengine
x-tt-logid: 202308062130380FD4B17284588E3AE37F
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd42c5bf3ad775230cd4126d0cc3b26c0eaf06077c42bb33af1d750dd8ff5197819ad58f9e22226c554b39066cadf701fe12a127ec00fbf5bdc413a6fd5cc68c6d676989533eb3749c00ddd8568e3b041c
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 29ff1fbb9905392850f0412320a7a448

OPTIONS
H2 204 /
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame 0
0 343ms
342ms Preflight 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tiktok.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
access-control-max-age: 600
bd-request-id: 19b6edd0fb9bb9c81b21b1f59a0216e8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Aug 2023 21:30:39 GMT
server: Tengine
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=322, edge;dur=2
strict-transport-security: max-age=31536000;includeSubDomains
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0 https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-outdomain: mon-va.byteoversea.com mon-va.byteoversea.com
x-outhost: mon-va.byteoversea.com mon-va.byteoversea.com
x-tt-logid: 20230806213038DE1E937A1CE0CE3FBDDF
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dde81c1ace3b776f5bd708e725709cb08911434726ec1f6dacdfbc3f4f4dd76343b5342a7d66df1e606ff0eb17220ab00e16a4e95014d560fc86cd29c01f7372155bfba36be79f99f095ec50f2953caafa
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net api_gru3_external

POST
H2 204 / Show response
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame CB2D 0
916 B 342ms
341ms XHR
text/plain 139.177.230.161
BYTEDANCE

General

Check archive.org

Show headers Download Go to

Full URL

https://mon-va.byteoversea.com/monitor_browser/collect/batch/?biz_id=tiktok_web_embed

Requested by

Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.177.230.161 Paris, France, ASN396986 (BYTEDANCE, US),

Reverse DNS

Software

Tengine /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://www.tiktok.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 06 Aug 2023 21:30:40 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-tt-trace-tag: id=31;cdn-cache=miss
x-upstreamname: origin_maliva-normal-lb.byteoversea.net, api_gru3_external
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache;desc=MISS, inner; dur=3, origin;dur=323, edge;dur=0
server: Tengine
x-tt-logid: 20230806213039F2ED97B1CC122F541800
x-outhost: mon-va.byteoversea.com, mon-va.byteoversea.com
x-outdomain: mon-va.byteoversea.com, mon-va.byteoversea.com
access-control-max-age: 600
access-control-allow-methods: POST, OPTIONS, GET
access-control-allow-origin: *
x-bdssl-info: https|TLSv1.3|TLS_AES_256_GCM_SHA384|2|0, https|TLSv1.3|TLS_AES_256_GCM_SHA384|0|1
x-tt-trace-host: 01390a91106ae8311255a142e1747028c932a141b6d48f039ed8502689786710dd88c1e5937062f70f385a26676c6cfffaaad268f123e7d41654b069882196fdbe863f0d9e82c2c475d71566e2e692f0df2aa1f14895955ceba3ffe0170891052ca82934dad218cc9148a754ce034c6bb9
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,accept,origin,Cache-Control,X-Requested-With,X-USE-PPE,X-TT-ENV
bd-request-id: 7b6936c0bed2c76298428954909dfaa0

POST
H2 200 55595281
mc.yandex.ru/watch/ 43 B
146 B 61ms
61ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55595281?page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&hittoken=1691357426_3f862fdfb7ff9b90b86eda961b4bca982da87445fac607e58f553ead7fc931bb&browser-info=nb%3A1%3Acl%3A223%3Aar%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A1%3Als%3A814690505249%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213041%3Aet%3A1691357441%3Ac%3A1%3Arn%3A923002006%3Arqn%3A2%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4483%2C4487%2C4%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1691357425124%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1691357441&t=gdpr(14)clc(0-0-0)rqnt(2)lt(135300)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 21:30:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:41 GMT

POST
H2 200 23414332
mc.yandex.ru/watch/ 43 B
74 B 64ms
64ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23414332?page-url=https%3A%2F%2Fldiena.lt%2F&charset=utf-8&hittoken=1691357426_a6a360f979fce6f7edc39e24d7fb38712e1a7f18f32142f30eab9a58f46bdce6&browser-info=nb%3A1%3Acl%3A81%3Aar%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A2%3Adp%3A0%3Als%3A1020040336279%3Ahid%3A736256544%3Az%3A0%3Ai%3A20230806213041%3Aet%3A1691357441%3Ac%3A1%3Arn%3A1030630324%3Arqn%3A2%3Au%3A1691357426208157105%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4483%2C4487%2C4%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1691357425124%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1691357441&t=gdpr(14)clc(0-0-0)rqnt(2)lt(135300)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ldiena.lt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Aug 2023 21:30:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 06-Aug-2023 21:30:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ldiena.lt
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06-Aug-2023 21:30:41 GMT

GET
H2 200 mezfS0RxVO.htm Show response
sale.aliexpress.com/ru/__pc/ Frame 7F53 28 KB
9 KB 27ms
26ms Document
text/html 23.210.123.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm
Requested by: Host: checkersync.ru
URL: https://checkersync.ru/modes/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.123.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-123-5.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 45e61f3245314d79aba083fe734710a1d3018ef1d7da66888d39971fc4c59ceb

Request headers

Referer: https://ldiena.lt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
ali-swift-global-savetime: 1690537338
cache-control: max-age=1771878, s-maxage=3600
content-encoding: gzip
content-length: 8440
content-md5: 6tXfCWThWoYSYnI1PfAJmQ==
content-type: text/html
date: Sun, 06 Aug 2023 21:30:55 GMT
eagleid: 2ff6309616905373379775877e
expires: Sun, 27 Aug 2023 09:42:13 GMT
network_info: RO_BUZAU_8708
served-from: 92.123.122.152
server: Tengine
timing-allow-origin: *
vary: Accept-Encoding
x-oss-hash-crc64ecma: 14635979372857579959
x-oss-object-type: Normal
x-oss-request-id: 64C38D7A2351963939634DC2
x-oss-server-time: 4
x-oss-storage-class: Standard
x-source-scheme: https
x-swift-cachetime: 3600
x-swift-savetime: Fri, 28 Jul 2023 09:42:18 GMT

GET
H2 200 base.css
i.alicdn.com/ams-static/3.0.0/global/ Frame 7F53 62 KB
6 KB 222ms
36ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.css

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31505769
fw_ip: 23.35.220.85, 23.210.122.250
x-readtime: 262
server-timing: rt;dur=0.267,eagleid;desc=2ff62a9816697751045324593e
x-swift-savetime: Wed, 30 Nov 2022 10:48:56 GMT
content-length: 5387
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 00:04:49 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1669775105
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100d52e858d73970bd3328d48de7b301be72f877a8d9336e5e
cache-control: max-age=28739530
served-from: 222.122.182.180
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: DE_FRANKFURT_34164, FR_PARIS_16276
x-new-origin: 1
eagleid: 2ff62a9816697751045324593e, a3b5169616698053366234321e
expires: Thu, 04 Jul 2024 12:43:05 GMT

GET
H2 200 base.js Show response
i.alicdn.com/ams-static/3.0.0/global/ Frame 7F53 299 KB
52 KB 223ms
37ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/global/base.js

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

24f951604079e04853fa2530c81c65bd3527ee9b8bb3a47f353b83d110d0fc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 23.195.64.43, 23.210.122.250
x-readtime: 444
server-timing: rt;dur=0.463,eagleid;desc=082d349616866247087965114e
x-swift-savetime: Tue, 13 Jun 2023 02:51:49 GMT
content-length: 52509
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Jun 2023 02:51:50 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1686624709
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fcb2dc380751978533328d48de7b301be3617112567202689
cache-control: max-age=29160228
served-from: 8.45.52.252
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_CHICAGO_35994, FR_PARIS_16276
x-new-origin: 1
eagleid: 082d349616866247087965114e, 082d349616866247087965114e
expires: Tue, 09 Jul 2024 09:34:43 GMT

GET
H2 200 index.js Show response
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 7F53 51 KB
18 KB 222ms
36ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 13542087
fw_ip: 23.67.240.73, 23.210.122.250
x-readtime: 740
server-timing: rt;dur=0.746,eagleid;desc=0819529616633790743212896e
x-swift-savetime: Thu, 13 Apr 2023 08:03:08 GMT
content-length: 17480
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Apr 2023 12:47:51 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1663379075
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00ff904ba1a2617dfcb3328d48de7b301be3617112567202689
cache-control: max-age=27706346
served-from: 23.45.183.20
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_CHICAGO_35994, FR_PARIS_16276
x-new-origin: 1
eagleid: 0819529616633790743212896e, 2ff618a716813729883317672e
expires: Sat, 22 Jun 2024 13:43:21 GMT

GET
H2 200 ae-header-ru.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame 7F53 97 KB
11 KB 208ms
109ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-122-250.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:55 GMT
content-encoding: br
x-oss-request-id: 6317268511785A303739FA62
content-md5: okrp/0QFbl1eCReKmGgLqA==
x-swift-cachetime: 5390575
x-swift-savetime: Thu, 06 Jul 2023 01:29:58 GMT
content-length: 10289
x-oss-object-type: Normal
last-modified: Thu, 06 Jul 2023 01:30:58 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1662461573
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=28409972
served-from: 23.212.50.111
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: DE_FRANKFURT_34164, FR_PARIS_16276
x-oss-hash-crc64ecma: 1856276477348331625
eagleid: 81e3ce9c16886069985812327e
x-oss-server-time: 24
expires: Sun, 30 Jun 2024 17:10:27 GMT

GET
H2 200 font-face.css
i.alicdn.com/ams-static/3.0.0/common/css/ Frame 7F53 93 KB
5 KB 223ms
37ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d5c69343f17def5f178ebc0445c80f25da743b7f53322c65fbb894324145399d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31153973
fw_ip: 23.220.128.46, 23.210.122.250
x-readtime: 1495
server-timing: rt;dur=1.499,eagleid;desc=2ff6189c16379465490526987e
x-swift-savetime: Wed, 01 Dec 2021 03:16:17 GMT
content-length: 4489
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Mar 2022 00:49:40 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1637946550
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f2fed707f87bc99013328d48de7b301be3617112567202689
cache-control: max-age=20745836
served-from: 23.218.223.9
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_CHICAGO_35994, FR_PARIS_16276
x-new-origin: 1
eagleid: 2ff6189c16379465490526987e, 082d349516383734091915302e
expires: Wed, 03 Apr 2024 00:14:51 GMT

GET
H2 200 flash-deals.css
i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/ Frame 7F53 5 KB
2 KB 288ms
103ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.css

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

a850bad1f5bc6d80df59c86ac61f7b1304490a4150bcd7fb77399990bf3a1e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 106.51.144.65, 23.210.122.250
x-readtime: 350
server-timing: rt;dur=0.352,eagleid;desc=81e3ce9c16425771404363261e
x-swift-savetime: Wed, 19 Jan 2022 07:25:41 GMT
content-length: 1262
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jan 2022 07:25:42 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1642577141
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f44ad1201879760c43328d48de7b301be3617112567202689
cache-control: max-age=30191060
served-from: 106.51.42.12
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: GB_LONDON_34164, FR_PARIS_16276
x-new-origin: 1
eagleid: 81e3ce9c16425771404363261e, 81e3ce9c16425771404363261e
expires: Sun, 21 Jul 2024 07:55:15 GMT

GET
H2 200 channel-tab.css
i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/ Frame 7F53 3 KB
1 KB 222ms
36ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/channel-tab.css

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2147fb9b31ad9e712219cd3046a544dfb7ad25545e3171a96eb460faaf1ffe9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 104.74.26.31, 23.210.122.250
x-readtime: 210
server-timing: rt;dur=0.213,eagleid;desc=2ff62a9516894136547461140e
x-swift-savetime: Sat, 15 Jul 2023 09:34:15 GMT
content-length: 815
x-xss-protection: 1; mode=block
last-modified: Sat, 15 Jul 2023 09:34:16 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1689413655
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100cfcde181a592e403328d48de7b301be72f877a8d9336e5e
cache-control: max-age=29592086
served-from: 23.55.242.183
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_ASHBURN_20940, FR_PARIS_16276
x-new-origin: 1
eagleid: 2ff62a9516894136547461140e, 2ff62a9516894136547461140e
expires: Sun, 14 Jul 2024 09:32:21 GMT

GET
H2 200 channel-banner.css
i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-banner/ Frame 7F53 4 KB
2 KB 288ms
102ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-banner/channel-banner.css

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2bcd889ef0f28809e23021ead3cb779fb49a15967cf551160d928c2c74edd279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 23.194.112.244, 23.210.122.250
x-readtime: 252
server-timing: rt;dur=0.254,eagleid;desc=2ff62d9616895753364863307e
x-swift-savetime: Mon, 17 Jul 2023 06:28:57 GMT
content-length: 909
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Jul 2023 06:28:58 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1689575337
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100cfcde181a592e403328d48de7b301be72f877a8d9336e5e
cache-control: max-age=29753826
served-from: 95.101.109.214
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: DE_FRANKFURT_34164, FR_PARIS_16276
x-new-origin: 1
eagleid: 2ff62d9616895753364863307e, 2ff62d9616895753364863307e
expires: Tue, 16 Jul 2024 06:28:01 GMT

GET
H2 200 footer.css
i.alicdn.com/ae-footer/20190918153024/buyer/front/ Frame 7F53 2 KB
1 KB 223ms
37ms Stylesheet
text/css 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 104.115.174.96, 23.210.122.250
x-readtime: 288
server-timing: rt;dur=0.291,eagleid;desc=2f59420416897751571861690e
x-swift-savetime: Wed, 19 Jul 2023 13:59:18 GMT
content-length: 487
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jul 2023 14:47:15 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1689775158
content-type: text/css
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fcb2dc380751978533328d48de7b301be3617112567202689
cache-control: max-age=29953691
served-from: 203.74.67.7
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_CHICAGO_35994, FR_PARIS_16276
x-new-origin: 1
eagleid: 2f59420416897751571861690e, 2f59420416897751571861690e
expires: Thu, 18 Jul 2024 13:59:06 GMT

GET
H2 200 ae-header.js Show response
assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ Frame 7F53 478 KB
108 KB 36ms
34ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-122-250.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:55 GMT
content-encoding: br
x-oss-request-id: 643F1E313729B5303212F46D
content-md5: 39oy7Iof2Tc675JC/1pTow==
x-swift-cachetime: 30774346
x-swift-savetime: Thu, 27 Apr 2023 18:22:31 GMT
content-length: 109876
x-oss-object-type: Normal
last-modified: Mon, 29 May 2023 02:14:33 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1681858097
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=26331622
served-from: 104.75.171.87
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: US_CHICAGO_35994, FR_PARIS_16276
x-oss-hash-crc64ecma: 13718294925075259392
eagleid: 800ef99516831918751161062e
x-oss-server-time: 67
expires: Thu, 06 Jun 2024 15:51:17 GMT

GET
H2 200 HTB1wH7zKHvpK1RjSZFq763XUVXaM.png
ae01.alicdn.com/kf/ Frame 7F53 2 KB
2 KB 288ms
118ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1wH7zKHvpK1RjSZFq763XUVXaM.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

d494c8910cb6e79ffcc20c64f89035e347db9ef6b41a1f684ee10814fe9daaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 02 May 2023 22:37:11 GMT
strict-transport-security: max-age=0
via: cache18.l2us1[0,1,200-0,H], cache29.l2us1[2,0], cache2.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 8290424
x-swift-cachetime: 80924583
x-cache: HIT TCP_MEM_HIT dirn:4:430589618
x-swift-savetime: Wed, 05 Jul 2023 07:34:08 GMT
content-length: 1951
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 10:16:20 GMT
server: Tengine
ali-swift-global-savetime: 1683067031
content-type: image/png
traceid: a3b5619f16830670311326283e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: a3b5619f16830670311326283e
eagleid: 2ff6309916913574559478014e

GET
H2 200 HTB1ouReJyLaK1RjSZFx761mPFXaa.png
ae01.alicdn.com/kf/ Frame 7F53 845 B
1 KB 289ms
120ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1ouReJyLaK1RjSZFx761mPFXaa.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

a618d19eb5c85efed99be05a0dc7683427921a71396ba0355d8570c249d81ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:02:37 GMT
strict-transport-security: max-age=0
via: cache3.l2us1[0,9,200-0,H], cache27.l2us1[11,0], cache4.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 30785298
x-swift-cachetime: 58429314
x-cache: HIT TCP_MEM_HIT dirn:6:170394220
x-swift-savetime: Wed, 05 Jul 2023 07:40:43 GMT
content-length: 845
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 07:39:26 GMT
server: Tengine
ali-swift-global-savetime: 1660572157
content-type: image/png
traceid: 2ff62c9616605721570028869e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff62c9616605721570028869e
eagleid: 2ff6309916913574559478033e

GET
H2 200 HTB1hkFgJxnaK1RjSZFt762C2VXam.png
ae01.alicdn.com/kf/ Frame 7F53 1 KB
2 KB 290ms
120ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1hkFgJxnaK1RjSZFt762C2VXam.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

c07e69f51c82461bd74abd929d5432a64d2f8bf1392bd128a2f473b42ae7d34a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:55:37 GMT
strict-transport-security: max-age=0
via: cache31.l2us1[0,8,200-0,H], cache31.l2us1[10,0], cache8.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 30789318
x-swift-cachetime: 58423732
x-cache: HIT TCP_MEM_HIT dirn:6:109335843
x-swift-savetime: Wed, 05 Jul 2023 08:06:45 GMT
content-length: 1314
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 08:33:49 GMT
server: Tengine
ali-swift-global-savetime: 1660568137
content-type: image/png
traceid: 4f85b09716605681345636701e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09716605681345636701e
eagleid: 2ff6309916913574559478048e

GET
H2 200 HTB1KqsSJmzqK1RjSZFj762lCFXa8.png
ae01.alicdn.com/kf/ Frame 7F53 804 B
1 KB 290ms
121ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1KqsSJmzqK1RjSZFj762lCFXa8.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

aed2267d9e3790aa8681c212ceef310f1ddcdf74a3cb7f61c023a21cce7b3484

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:02:37 GMT
strict-transport-security: max-age=0
via: cache26.l2us1[0,0,200-0,H], cache36.l2us1[1,0], cache3.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 30785298
x-swift-cachetime: 59073238
x-cache: HIT TCP_MEM_HIT dirn:3:109683971
x-swift-savetime: Tue, 27 Jun 2023 20:48:39 GMT
content-length: 804
cdn-type: alibaba
last-modified: Wed, 17 Mar 2021 09:27:59 GMT
server: Tengine
ali-swift-global-savetime: 1660572157
content-type: image/png
traceid: 2ff62c9616605721570028860e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff62c9616605721570028860e
eagleid: 2ff6309916913574559478064e

GET
H2 200 HTB10wESJmzqK1RjSZFp761kSXXa2.png
ae01.alicdn.com/kf/ Frame 7F53 1 KB
1 KB 291ms
121ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB10wESJmzqK1RjSZFp761kSXXa2.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

8b94e5d6db6e5b89ffe57d83e40a0b4c8ef542be5dc2b8d4e507437f63441897

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 09:58:46 GMT
strict-transport-security: max-age=0
via: cache16.l2us1[0,0,200-0,H], cache5.l2us1[1,0], cache5.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 30799929
x-swift-cachetime: 58415592
x-cache: HIT TCP_MEM_HIT dirn:5:361478663
x-swift-savetime: Wed, 05 Jul 2023 07:25:34 GMT
content-length: 1159
cdn-type: alibaba
last-modified: Tue, 30 Jul 2019 03:42:35 GMT
server: Tengine
ali-swift-global-savetime: 1660557526
content-type: image/png
traceid: 4f85b09c16605575263641450e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09c16605575263641450e
eagleid: 2ff6309916913574559478080e

GET
H2 200 HTB1tQJgJxnaK1RjSZFt762C2VXa9.png
ae01.alicdn.com/kf/ Frame 7F53 1 KB
2 KB 291ms
122ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1tQJgJxnaK1RjSZFt762C2VXa9.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

aa25b8bd8a3414337a3400426136f38549cd56761abf79da3a2df84b8d031856

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 08:51:47 GMT
strict-transport-security: max-age=0
via: cache31.l2us1[0,0,200-0,H], cache12.l2us1[1,0], cache8.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 30803948
x-swift-cachetime: 58409102
x-cache: HIT TCP_MEM_HIT dirn:6:109335848
x-swift-savetime: Wed, 05 Jul 2023 08:06:45 GMT
content-length: 1215
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 08:33:49 GMT
server: Tengine
ali-swift-global-savetime: 1660553507
content-type: image/png
traceid: 2ff6189716605535074707300e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff6189716605535074707300e
eagleid: 2ff6309916913574559478095e

GET
H2 200 HTB1BDMWJgHqK1RjSZFE763GMXXac.png
ae01.alicdn.com/kf/ Frame 7F53 724 B
988 B 114ms
113ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1BDMWJgHqK1RjSZFE763GMXXac.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

c7cc5260c8b88070d349ed72df2a2cb90650cf3b8f3c95af58648f7083150709

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 09:20:33 GMT
strict-transport-security: max-age=0
via: cache14.l2us1[0,0,200-0,H], cache36.l2us1[0,0], cache5.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 30802222
x-swift-cachetime: 58413299
x-cache: HIT TCP_MEM_HIT dirn:1:232820272
x-swift-savetime: Wed, 05 Jul 2023 07:25:34 GMT
content-length: 724
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 07:39:26 GMT
server: Tengine
ali-swift-global-savetime: 1660555233
content-type: image/png
traceid: 4f85b09c16605552333891907e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09c16605552333891907e
eagleid: 2ff6309916913574559478113e

GET
H2 200 HTB1U_Wxbs_vK1Rjy0Fo760IxVXa4.png
ae01.alicdn.com/kf/ Frame 7F53 1 KB
1 KB 115ms
113ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1U_Wxbs_vK1Rjy0Fo760IxVXa4.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

d6de08fe9206071c740a89eeaafd414cac67a381eaeacdaf3217d53e4d3e9ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:45:10 GMT
strict-transport-security: max-age=0
via: cache19.l2us1[0,0,200-0,H], cache20.l2us1[1,0], cache2.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 8401545
x-swift-cachetime: 80813462
x-cache: HIT TCP_MEM_HIT dirn:4:430589227
x-swift-savetime: Wed, 05 Jul 2023 07:34:08 GMT
content-length: 1142
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 08:33:49 GMT
server: Tengine
ali-swift-global-savetime: 1682955910
content-type: image/png
traceid: 800ef9a216829559104815103e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 800ef9a216829559104815103e
eagleid: 2ff6309916913574559478129e

GET
H2 200 HTB1xE7RJirpK1RjSZFh760SdXXam.png
ae01.alicdn.com/kf/ Frame 7F53 1 KB
1 KB 233ms
232ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1xE7RJirpK1RjSZFh760SdXXam.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

526ecabda69a7020f833b1fcf62af0c4a426c5710b3eb67575eb48adfd59ebd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 09:20:33 GMT
strict-transport-security: max-age=0
via: cache16.l2us1[0,0,200-0,H], cache26.l2us1[2,0], cache4.nl2[0,-16,200-0,H], cache5.nl2[72,0]
age: 30802222
x-swift-cachetime: 58412390
x-cache: HIT TCP_MEM_HIT dirn:11:137371215
x-swift-savetime: Wed, 05 Jul 2023 07:40:43 GMT
content-length: 1202
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 08:33:49 GMT
server: Tengine
ali-swift-global-savetime: 1660555233
content-type: image/png
traceid: 4f85b09c16605552333891897e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09c16605552333891897e
eagleid: 2ff6309916913574559478144e

GET
H2 200 HTB1I_IWJgHqK1RjSZFE763GMXXa6.png
ae01.alicdn.com/kf/ Frame 7F53 2 KB
2 KB 116ms
115ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1I_IWJgHqK1RjSZFE763GMXXa6.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

ea33367472a438e090ede4024f11f9ef523be04ca453d5897427d767c0619402

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:45:10 GMT
strict-transport-security: max-age=0
via: cache18.l2us1[0,0,200-0,H], cache30.l2us1[1,0], cache3.nl2[0,0,200-0,H], cache5.nl2[68,0]
age: 8401545
x-swift-cachetime: 80811782
x-cache: HIT TCP_MEM_HIT dirn:3:306959355
x-swift-savetime: Wed, 05 Jul 2023 08:02:08 GMT
content-length: 1909
cdn-type: alibaba
last-modified: Sat, 27 Jul 2019 02:03:19 GMT
server: Tengine
ali-swift-global-savetime: 1682955910
content-type: image/png
traceid: 800ef9a216829559105045144e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 800ef9a216829559105045144e
eagleid: 2ff6309916913574559478162e

GET
H2 200 HTB1SaQTJgHqK1RjSZFg7617JXXaJ.png
ae01.alicdn.com/kf/ Frame 7F53 845 B
1 KB 115ms
114ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1SaQTJgHqK1RjSZFg7617JXXaJ.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

5bd00cf71c0590270166b807a666d0d6f447c2d3a0f0ebc7728161c5e3673828

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 12:23:02 GMT
strict-transport-security: max-age=0
via: cache12.l2us1[0,3,200-0,H], cache29.l2us1[4,0], cache5.nl2[0,0,200-0,H], cache5.nl2[42,0]
age: 3229673
x-swift-cachetime: 85985848
x-cache: HIT TCP_MEM_HIT dirn:1:232818798
x-swift-savetime: Wed, 05 Jul 2023 07:25:34 GMT
content-length: 845
cdn-type: alibaba
last-modified: Mon, 29 Jul 2019 01:17:51 GMT
server: Tengine
ali-swift-global-savetime: 1688127782
content-type: image/png
traceid: 4f85b09c16881277821198320e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09c16881277821198320e
eagleid: 2ff6309916913574559478189e

GET
H2 200 HTB1NIKxbyzxK1RkSnaV760n9VXaR.png
ae01.alicdn.com/kf/ Frame 7F53 2 KB
2 KB 116ms
114ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1NIKxbyzxK1RkSnaV760n9VXaR.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

4082d3b6ad33858e4af76a7b20b0d38ba246f4c680dd249a601572c9006903e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 06:32:58 GMT
strict-transport-security: max-age=0
via: cache14.l2us1[0,0,200-0,H], cache17.l2us1[1,0], cache8.nl2[0,0,200-0,H], cache5.nl2[68,0]
age: 30812277
x-swift-cachetime: 62006721
x-cache: HIT TCP_MEM_HIT dirn:11:387626354
x-swift-savetime: Wed, 24 May 2023 14:27:37 GMT
content-length: 1980
cdn-type: alibaba
last-modified: Fri, 26 Jul 2019 05:40:44 GMT
server: Tengine
ali-swift-global-savetime: 1660545178
content-type: image/png
traceid: 4f85b09816605451784351861e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09816605451784351861e
eagleid: 2ff6309916913574559478205e

GET
H2 200 channel-tab.js Show response
i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/ Frame 7F53 131 KB
40 KB 45ms
45ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/channel-tab.js

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

67f07ab1cc488f19d147044efb5bdd9086d2b71320f88d383254a0092271e53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 23.37.187.176, 23.210.122.250
x-readtime: 276
server-timing: rt;dur=0.285,eagleid;desc=2ff61c9916892856317803612e
x-swift-savetime: Thu, 13 Jul 2023 22:00:32 GMT
content-length: 39918
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jul 2023 22:00:34 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1689285632
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100cfcde181a592e403328d48de7b301be72f877a8d9336e5e
cache-control: max-age=29464252
served-from: 47.246.28.251
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_SANTACLARA_20940, FR_PARIS_16276
x-new-origin: 1
eagleid: 2ff61c9916892856317803612e, 2ff61c9916892856317803612e
expires: Fri, 12 Jul 2024 22:01:47 GMT

GET
H2 200 H3ae3fa92b60e4be09a13e902c8cce993V.jpg
ae01.alicdn.com/kf/ Frame 7F53 125 KB
125 KB 119ms
118ms Image
image/jpeg 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/H3ae3fa92b60e4be09a13e902c8cce993V.jpg

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

daa34812d33e38ee6b4e0d11da33f9450c625cfa66bcc4e1a5e680f01f5b916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 12:00:44 GMT
strict-transport-security: max-age=0
via: cache23.l2us1[0,17,200-0,H], cache3.l2us1[19,0], cache2.nl2[0,0,200-0,H], cache5.nl2[68,0]
age: 25176611
x-swift-cachetime: 64038395
x-cache: HIT TCP_MEM_HIT dirn:5:1485309272
x-swift-savetime: Wed, 05 Jul 2023 07:34:09 GMT
content-length: 128047
cdn-type: alibaba
last-modified: Mon, 21 Jun 2021 09:26:51 GMT
server: Tengine
ali-swift-global-savetime: 1666180844
content-type: image/jpeg
traceid: 2ff6309c16661808446852360e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff6309c16661808446852360e
eagleid: 2ff6309916913574559478226e

GET
H2 200 H22e9ff81716048a380d8595dd3dfb94bC.jpg
ae01.alicdn.com/kf/ Frame 7F53 150 KB
150 KB 232ms
231ms Image
image/jpeg 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/H22e9ff81716048a380d8595dd3dfb94bC.jpg

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

91b8f142c49841cc989494d3bf355e9e80c99dc6cd1e4b814bbe03d2076d85af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 16:42:15 GMT
strict-transport-security: max-age=0
via: cache37.l2us1[0,7,200-0,H], cache35.l2us1[8,0], cache2.nl2[0,0,200-0,H], cache5.nl2[68,0]
age: 30602920
x-swift-cachetime: 58612086
x-cache: HIT TCP_MEM_HIT dirn:7:1483742952
x-swift-savetime: Wed, 05 Jul 2023 07:34:09 GMT
content-length: 153173
cdn-type: alibaba
last-modified: Tue, 17 Mar 2020 13:29:10 GMT
server: Tengine
ali-swift-global-savetime: 1660754535
content-type: image/jpeg
traceid: 2ff6319816607545356602359e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff6319816607545356602359e
eagleid: 2ff6309916913574559478238e

GET
H2 200 channel-banner.js Show response
i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-banner/ Frame 7F53 173 KB
50 KB 46ms
46ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-banner/channel-banner.js

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c7df8feeccaf569823c031ab075850f380735cd81c9763bd5fcd24239b8fdc90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 30569429
fw_ip: 23.222.64.73, 23.210.122.250
x-readtime: 910
server-timing: rt;dur=0.923,eagleid;desc=4f85b09816834811015368374e
x-swift-savetime: Thu, 18 May 2023 22:07:53 GMT
content-length: 50409
x-xss-protection: 1; mode=block
last-modified: Thu, 18 May 2023 22:07:54 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1683481102
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f3b55c4d0377c56a83328d48de7b301be3617112567202689
cache-control: max-age=27954677
served-from: 2.19.195.132
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_RICHARDSON_35994, FR_PARIS_16276
x-new-origin: 1
eagleid: 4f85b09816834811015368374e, 2ff6309716844476730366699e
expires: Tue, 25 Jun 2024 10:42:12 GMT

GET
H2 200 flash-deals.js Show response
i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/ Frame 7F53 188 KB
53 KB 36ms
34ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.js

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

68142d533daf2fc51c1f8ca03d4c1ae809b847048a6c406dc67c31e4e5ed98f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 21:30:55 GMT
x-swift-cachetime: 31536000
fw_ip: 2.21.238.38, 23.210.122.250
x-readtime: 446
server-timing: rt;dur=0.459,eagleid;desc=c7be2e9c16835045805565747e
x-swift-savetime: Mon, 08 May 2023 00:09:41 GMT
content-length: 54027
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 00:10:04 GMT
server: Akamai Resource Optimizer
x-download-options: noopen
ali-swift-global-savetime: 1683504581
content-type: application/javascript
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fcb2dc380751978533328d48de7b301be3617112567202689
cache-control: max-age=30094649
served-from: 2.20.134.156
access-control-expose-headers: FW_IP
timing-allow-origin: *, *
network_info: US_ASHBURN_20940, FR_PARIS_16276
x-new-origin: 1
eagleid: c7be2e9c16835045805565747e, c7be2e9c16835045805565747e
expires: Sat, 20 Jul 2024 05:08:24 GMT

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame 7F53 25 KB
10 KB 34ms
33ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-122-250.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: af2dfd285587e977c1dd3f4196353cdb6e8e6d514d639705c54da9a136478f7a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:55 GMT
content-encoding: gzip
x-oss-request-id: 64D00D97EC258830348DD9AC
content-md5: gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime: 1342
x-swift-savetime: Sun, 06 Aug 2023 21:23:45 GMT
content-length: 10237
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1691356567
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2722, s-maxage=1800
served-from: 92.123.122.152
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
x-oss-hash-crc64ecma: 15290110112012039273
network_info: FR_PARIS_16276
eagleid: 2ff6309c16913570260503118e
x-oss-server-time: 3

GET
H2 200 start-render.png
ae01.alicdn.com/wimg/monitor/ Frame 7F53 949 B
1 KB 232ms
231ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/wimg/monitor/start-render.png

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

56d989eabce7e1f6ba7b90ccae9a241398f2f92e80315d15a48f9c12ac0f36fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:28:55 GMT
strict-transport-security: max-age=0
via: cache20.l2us1[239,239,304-0,H], cache4.l2us1[241,0], cache2.nl2[0,0,200-0,H], cache5.nl2[68,0]
age: 120
x-swift-cachetime: 300
x-cache: HIT TCP_MEM_HIT dirn:2:49591063
x-swift-savetime: Sun, 06 Aug 2023 21:28:55 GMT
content-length: 949
cdn-type: alibaba
last-modified: Fri, 10 Feb 2023 08:07:53 GMT
server: Tengine
ali-swift-global-savetime: 1691357335
content-type: image/png
traceid: 2ff6309916913573350513746e
access-control-allow-origin: *
cache-control: max-age=300
timing-allow-origin: *, *
eagleeye-traceid: 2ff6309916913573350513746e
eagleid: 2ff6309916913574559478257e

GET
H2 200 bl.js Show response
assets.alicdn.com/g/retcode/cloud-sdk/ Frame 7F53 41 KB
13 KB 25ms
25ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/retcode/cloud-sdk/bl.js
Requested by: Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-122-250.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:55 GMT
content-encoding: br
x-oss-request-id: 64CF8A396BCCA338337B2EDD
content-md5: 4x6tcG5Vt8TBANh6WSjwmQ==
x-swift-cachetime: 60
x-swift-savetime: Sun, 06 Aug 2023 11:55:38 GMT
content-length: 12983
x-oss-object-type: Normal
last-modified: Sun, 06 Aug 2023 11:55:39 GMT
server: Akamai Resource Optimizer
ali-swift-global-savetime: 1691322938
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=51857, s-maxage=60
served-from: 104.77.103.35
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
network_info: US_RICHARDSON_35994, FR_PARIS_16276
x-oss-hash-crc64ecma: 7956181089051082725
eagleid: 082db09816913229366767396e
x-oss-server-time: 4
expires: Mon, 07 Aug 2023 11:55:12 GMT

GET
H2 200 Hef9c4bcb621f4b1ebc69160e597897edU.png
ae01.alicdn.com/kf/ Frame 7F53 21 KB
21 KB 233ms
232ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/Hef9c4bcb621f4b1ebc69160e597897edU.png

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:10:02 GMT
strict-transport-security: max-age=0
via: cache16.l2us1[0,1,200-0,H], cache16.l2us1[2,0], cache2.nl2[0,0,200-0,H], cache5.nl2[68,0]
age: 30774053
x-swift-cachetime: 58440953
x-cache: HIT TCP_MEM_HIT dirn:2:461567465
x-swift-savetime: Wed, 05 Jul 2023 07:34:09 GMT
content-length: 20992
cdn-type: alibaba
last-modified: Sun, 10 Apr 2022 15:50:27 GMT
server: Tengine
ali-swift-global-savetime: 1660583402
content-type: image/png
traceid: 2ff6319c16605834026556333e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff6319c16605834026556333e
eagleid: 2ff6309916913574559478268e

GET
H2 200 Hee223875f9f74af385b2e302dfc0e4bbM.png
ae01.alicdn.com/kf/ Frame 7F53 30 KB
30 KB 233ms
232ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/Hee223875f9f74af385b2e302dfc0e4bbM.png

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

14a58481f4ae2bcd2887b9ed07d06601d92c9d8e133c9c225ebfc2f576820fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 01:25:13 GMT
strict-transport-security: max-age=0
via: cache21.l2us1[0,14,200-0,H], cache40.l2us1[15,0], cache2.nl2[0,0,200-0,H], cache5.nl2[161,0]
age: 30744343
x-swift-cachetime: 58470667
x-cache: HIT TCP_MEM_HIT dirn:4:430587119
x-swift-savetime: Wed, 05 Jul 2023 07:34:06 GMT
content-length: 30435
cdn-type: alibaba
last-modified: Thu, 05 May 2022 10:37:43 GMT
server: Tengine
ali-swift-global-savetime: 1660613113
content-type: image/png
traceid: 2ff6309b16606131128623511e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff6309b16606131128623511e
eagleid: 2ff6309916913574559478283e

GET
H2 200 bp@2x.png
i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/src/img/ Frame 7F53 1 KB
2 KB 47ms
47ms Image
image/png 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/src/img/bp@2x.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

365a6d1bc9e2663b7e174e27b3533b361a7511bbd925b2c0ede15179e644185c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 31434916
fw_ip: 23.210.122.250
x-readtime: 453
server-timing: rt;dur=0.456,eagleid;desc=a3b5009e16810334075714577e
x-swift-savetime: Mon, 10 Apr 2023 13:48:12 GMT
content-length: 1231
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1681033408
content-type: image/png
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fdfc7efadefe6c61f3328d48de7b301be3617112567202689
cache-control: max-age=29801848
served-from: 92.123.122.152
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: a3b5009e16810334075714577e, 2ff62b1e16821371562301597e
expires: Tue, 16 Jul 2024 19:48:23 GMT

GET
H2 200 HTB1_G1rL5LaK1RjSZFxq6ymPFXaF.jpg
ae01.alicdn.com/kf/ Frame 7F53 43 KB
43 KB 233ms
232ms Image
image/jpeg 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/HTB1_G1rL5LaK1RjSZFxq6ymPFXaF.jpg

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

8dacd6a60fbc85409b68a29d62d08876d2b83b2ed5b71863af2404d6482291d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:06:50 GMT
strict-transport-security: max-age=0
via: cache32.l2us1[0,0,200-0,H], cache3.l2us1[1,0], cache4.nl2[0,-1,200-0,H], cache5.nl2[68,0]
age: 5163845
x-swift-cachetime: 84050767
x-cache: HIT TCP_MEM_HIT dirn:6:170396164
x-swift-savetime: Wed, 05 Jul 2023 07:40:43 GMT
content-length: 43925
cdn-type: alibaba
last-modified: Sat, 27 Jul 2019 02:03:19 GMT
server: Tengine
ali-swift-global-savetime: 1686193610
content-type: image/jpeg
traceid: 2ff6149816861936101698665e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 2ff6149816861936101698665e
eagleid: 2ff6309916913574559478295e

GET
H2 200 open-sans-v13-cyrillic_latin-regular.woff
i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/ Frame 7F53 27 KB
27 KB 185ms
110ms Font
font/woff 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/open-sans-v13-cyrillic_latin-regular.woff

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

a7725581f9b9aeff5856ef888347c7bb6d0bbb8516a7b089ab6b3443abf41976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css
Origin: https://sale.aliexpress.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 30709214
fw_ip: 23.210.122.250
x-readtime: 260
server-timing: rt;dur=0.262,eagleid;desc=2ff602a316803070767201841e
x-swift-savetime: Mon, 10 Apr 2023 13:37:43 GMT
content-length: 27384
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1680307077
content-type: font/woff
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf155e7c93143559fa035715a905c5fffabc3328d48de7b301be72f877a8d9336e5e
cache-control: max-age=30191060
served-from: 23.3.89.117
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: 2ff602a316803070767201841e, 2ff62b1e16834796799981959e

GET
H2 200 open-sans-v13-cyrillic_latin-700.woff
i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/ Frame 7F53 28 KB
28 KB 185ms
111ms Font
font/woff 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/open-sans-v13-cyrillic_latin-700.woff

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

867fcc29b69777b4e0e32977a929b76658393623e46a7ff3f00361224c709963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css
Origin: https://sale.aliexpress.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 29665558
fw_ip: 23.210.122.250
x-readtime: 303
server-timing: rt;dur=0.305,eagleid;desc=a3b5019d16804054388605034e
x-swift-savetime: Sun, 23 Apr 2023 18:51:21 GMT
content-length: 28204
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1680405439
content-type: font/woff
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fdfc7efadefe6c61f3328d48de7b301be3617112567202689
cache-control: max-age=30190933
served-from: 92.123.122.171
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: a3b5019d16804054388605034e, a3b55c9d16875022943025692e

GET
H2 200 open-sans-v13-cyrillic_latin-800.woff
i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/ Frame 7F53 28 KB
28 KB 103ms
32ms Font
font/woff 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ams-static/3.0.0/common/css/font-face/fonts/open-sans-v13-cyrillic_latin/open-sans-v13-cyrillic_latin-800.woff

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

7c3f6db4cc8b6446051de67f1f4e93f85917b7cc2c7ba67da9489ad964d1570d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.alicdn.com/ams-static/3.0.0/common/css/font-face.css
Origin: https://sale.aliexpress.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 30655524
fw_ip: 23.210.122.250
x-readtime: 450
server-timing: rt;dur=0.454,eagleid;desc=4f85b1a216802537896004841e
x-swift-savetime: Mon, 10 Apr 2023 13:44:26 GMT
content-length: 28484
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1680253790
content-type: font/woff
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f4b93cf34124dcc583328d48de7b301be3617112567202689
cache-control: max-age=30190905
served-from: 23.3.89.102
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: 4f85b1a216802537896004841e, 2ff62b2216823999372793937e

GET
H2 200 loading-middle.gif
i.alicdn.com/ae-channel-ui/2.0.0/common/img/ Frame 7F53 3 KB
3 KB 40ms
40ms Image
image/gif 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/common/img/loading-middle.gif

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 31536000
fw_ip: 23.210.122.250
x-readtime: 245
server-timing: rt;dur=0.249,eagleid;desc=a3b55ca016822347428457826e
x-swift-savetime: Sun, 23 Apr 2023 07:25:43 GMT
content-length: 2767
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1682234743
content-type: image/gif
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00fcb2dc380751978533328d48de7b301be3617112567202689
cache-control: max-age=30191076
served-from: 92.123.122.152
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: a3b55ca016822347428457826e, a3b55c9716861281118695722e
expires: Sun, 21 Jul 2024 07:55:31 GMT

GET
H2 200 android.png
i.alicdn.com/ae-footer/20190918153024/common/img/ Frame 7F53 358 B
987 B 28ms
28ms Image
image/png 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-footer/20190918153024/common/img/android.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 31536000
fw_ip: 23.210.122.250
x-readtime: 229
server-timing: rt;dur=0.231,eagleid;desc=2ff62b2116811352994071849e
x-swift-savetime: Mon, 10 Apr 2023 14:01:39 GMT
content-length: 358
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1681135299
content-type: image/png
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf156eb5838a700500100d52e858d73970bd3328d48de7b301be72f877a8d9336e5e
cache-control: max-age=29903731
served-from: 92.123.122.152
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: 2ff62b2116811352994071849e, 2ff62b1c16868083817951420e
expires: Thu, 18 Jul 2024 00:06:26 GMT

GET
H2 200 apple.png
i.alicdn.com/ae-footer/20190918153024/common/img/ Frame 7F53 377 B
1008 B 26ms
25ms Image
image/png 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-footer/20190918153024/common/img/apple.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.alicdn.com/ae-footer/20190918153024/buyer/front/footer.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 31477695
fw_ip: 23.210.122.250
x-readtime: 253
server-timing: rt;dur=0.255,eagleid;desc=4f85b19616401813135173333e
x-swift-savetime: Thu, 23 Dec 2021 06:06:58 GMT
content-length: 377
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1640181313
content-type: image/png
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf15e7e584576b58d00f44ad1201879760c43328d48de7b301be3617112567202689
cache-control: max-age=28297513
served-from: 23.11.206.95
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: 4f85b19616401813135173333e, 2ff62b1d16498571126481860e
expires: Sat, 29 Jun 2024 09:56:08 GMT

GET
H2 200 WhiteArrow@2x.png
i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/src/img/ Frame 7F53 1 KB
2 KB 26ms
25ms Image
image/png 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/src/img/WhiteArrow@2x.png

Requested by

Host: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/channel-tab.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-122-250.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

388295472e8db4e63beccc6c3d53e266883b6ae8145d9fc08604e6fa69388824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/common/channel-tab/channel-tab.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
date: Sun, 06 Aug 2023 21:30:55 GMT
x-content-type-options: nosniff
x-swift-cachetime: 29430091
fw_ip: 23.210.122.250
x-readtime: 183
server-timing: rt;dur=0.185,eagleid;desc=2ff62b9a16086377983291204e
x-swift-savetime: Fri, 15 Jan 2021 20:48:27 GMT
content-length: 1128
x-xss-protection: 1; mode=block
server: Tengine
x-download-options: noopen
ali-swift-global-savetime: 1608637798
content-type: image/png
access-control-allow-origin: *
x-server-id: b0381a5e42020db0072a77127f27bf1584e267672cf7c85d5605309bcfb60e5a8ccf041454c3613c
cache-control: max-age=30191076
served-from: 23.11.206.109
access-control-expose-headers: FW_IP
timing-allow-origin: *, *, *
x-new-origin: 1
network_info: FR_PARIS_16276
eagleid: 2ff62b9a16086377983291204e, 2ff62b9516370205843562455e
expires: Sun, 21 Jul 2024 07:55:31 GMT

GET
H2 200 gettime Show response
time-ae.akamaized.net/ Frame 7F53 26 B
116 B 147ms
36ms Script
text/html 2a02:26f0:3500:12::1730:1791

General

Check archive.org

Show headers Download Go to

Full URL: https://time-ae.akamaized.net/gettime?callback=timestampcb&_=1691357455898
Requested by: Host: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/2.0.0/channel/flash-deals/flash-deals.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1791 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e986b48fb635432824ecf34311c41bdf3f9e0209b61d94f682ee12d747f7944

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:56 GMT
timing-allow-origin: *
content-length: 26
content-type: text/html, text/html

GET
H2 200 index.js Show response
assets.alicdn.com/g/ae-fe/g-loader/ Frame 7F53 11 KB
4 KB 61ms
60ms Script
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/ae-fe/g-loader/index.js
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-122-250.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574

Request headers

Referer: https://sale.aliexpress.com/
Origin: https://sale.aliexpress.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:55 GMT
content-encoding: gzip
x-oss-request-id: 64D010AB22BE813738BC98D9
content-md5: xm7bjw4FHdfiAqjZ0scLaQ==
x-swift-cachetime: 300
x-swift-savetime: Sun, 06 Aug 2023 21:29:15 GMT
content-length: 3952
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1691357355
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300,s-maxage=300
object-status: ttl=-1,age=112
served-from: 92.123.122.139
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
x-oss-hash-crc64ecma: 14554246805459894126
network_info: FR_PARIS_16276
eagleid: a3b55c9816913573551882036e
x-oss-server-time: 24

GET
H2 200 / Show response
assets.alicdn.com/g/alilog/ Frame 7F53 175 KB
67 KB 42ms
42ms Fetch
application/javascript 23.210.122.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.alicdn.com/g/alilog/??s/8.15.22/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.22/plugin/aplus_ae.js,s/8.15.22/plugin/aplus_ac.js,s/8.15.22/aplus_int.js,s/8.15.22/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230801200402
Requested by: Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.210.122.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-122-250.deploy.static.akamaitechnologies.com
Software: Tengine /
Resource Hash: 11c914cb33c0b403f1f01ce72220302ae736c4b6f5271669f043d3f210c000de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:55 GMT
content-encoding: gzip
x-oss-request-id: 64C8FA140833CB323293CD17
content-md5: qYmixGAcqoaHsy9TniOi1A==
x-swift-cachetime: 31104000
x-swift-savetime: Tue, 01 Aug 2023 12:27:00 GMT
content-length: 67697
x-oss-object-type: Normal
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1690892820
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=30639350, s-maxage=31104000
served-from: 92.123.122.152
x-oss-storage-class: Standard
x-source-scheme: https
timing-allow-origin: *
x-oss-hash-crc64ecma: 16531388080846265225
network_info: FR_PARIS_16276
eagleid: a3b55c9916908928740628907e
x-oss-server-time: 2

GET eg.js
ae.mmstat.com/ Frame 7F53 0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7F53 172 KB
46 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 06 Aug 2023 21:30:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: dOW/FgysIMZaRe43Maz9ps7m/Wjcsp/1q33qEabEn+rN8GBHtWu/ljytmnvH09jO6zwI6FfQxJ0HntgeoUkx6w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7F53 52 KB
21 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Aug 2023 19:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6071
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 06 Aug 2023 21:49:45 GMT

GET setCommonCookie.htm
login.aliexpress.ru/ Frame 7F53 0
0

GET setCommonCookie.htm
login.tmall.ru/ Frame 7F53 0
0

GET
H2 200 H9f160b429e0548c29e7f24631e8276e58.png
ae01.alicdn.com/kf/ Frame 7F53 106 KB
107 KB 79ms
79ms Image
image/png 47.246.48.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ae01.alicdn.com/kf/H9f160b429e0548c29e7f24631e8276e58.png

Requested by

Host: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.4/prev/front/ae-header-ru.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.48.252 -, , ASN (),

Reverse DNS

Software

Tengine /

Resource Hash

7d4347d089ea6666874d39adc4872bba71aced349ed7388a397fbbe7ec13efda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://assets.alicdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 14:08:16 GMT
strict-transport-security: max-age=0
via: cache31.l2us1[0,0,200-0,H], cache14.l2us1[8,0], cache5.nl2[0,1,200-0,H], cache5.nl2[111,0]
age: 30784960
x-swift-cachetime: 58430556
x-cache: HIT TCP_MEM_HIT dirn:1:232851960
x-swift-savetime: Wed, 05 Jul 2023 07:25:40 GMT
content-length: 109043
cdn-type: alibaba
last-modified: Mon, 16 May 2022 06:50:22 GMT
server: Tengine
ali-swift-global-savetime: 1660572496
content-type: image/png
traceid: 4f85b09716605724958854596e
access-control-allow-origin: *
cache-control: max-age=86400000
timing-allow-origin: *, *
eagleeye-traceid: 4f85b09716605724958854596e
eagleid: 2ff6309916913574560191231e

GET
H2 200 rtrg
vk.com/ Frame 7F53 49 B
577 B 180ms
65ms Image
image/gif 87.240.137.164

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-208363-3NOqH

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.114333

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:30:56 GMT
content-encoding: gzip
x-frontend: front512007
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.114333
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame 7F53 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 21:22:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 06 Aug 2023 22:22:49 GMT

GET
H3 200 1650958108523345 Show response
connect.facebook.net/signals/config/ Frame 7F53 408 KB
123 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1650958108523345?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8cfc42e280a58229957a8838e0dae57b0c51060fe05e63000f5c0e2219a75da6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 06 Aug 2023 21:30:56 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 126299
x-xss-protection: 0
pragma: public
x-fb-debug: bwaBoyTYPdY1z1RA3p1O1pPIVYFPgK8iEvA4YachmJvTEZw2mAzQOundiL2edGoCS0YqKFS9onswgJCzo65z4g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 7F53 0
18 B 24ms
23ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1650958108523345&ev=PageView&dl=https%3A%2F%2Fsale.aliexpress.com%2Fru%2F__pc%2FmezfS0RxVO.htm&rl=https%3A%2F%2Fldiena.lt%2F&if=true&ts=1691357456207&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&cs_est=true&it=1691357456123&coo=false&exp=a1&rqm=GET

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 06 Aug 2023 21:30:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET setCommonCookie.htm
login.tmall.ru/ Frame 7F53 0
0

GET
H3 200 /
www.facebook.com/tr/ Frame 7F53 0
15 B 23ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1650958108523345&ev=Microdata&dl=https%3A%2F%2Fsale.aliexpress.com%2Fru%2F__pc%2FmezfS0RxVO.htm&rl=https%3A%2F%2Fldiena.lt%2F&if=true&ts=1691357456710&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22RU%20Flash%20Deals%22%2C%22meta%3Adescription%22%3A%22Online%20Shopping%20for%20Cheap%20Automotive%2C%20Phones%20Accessories%2C%20Computers%20Electronics%2C%20Fashion%2C%20Beauty%20Health%2C%20Home%20Garden%2C%20Toys%20Sports%2C%20Weddings%20Events%20from%20China%3B%20Shopping%20on%20Aliexpress%20%7Cthe%20world%27s%20Online%20Marketing%20place.%22%2C%22meta%3Akeywords%22%3A%22Aliexpress%2C%20Online%20shopping%2C%20Shopping%20Online%2C%20Online%20Marketing%2C%20Automotive%2C%20Phones%2C%20Accessories%2C%20Computers%2C%20Electronics%2C%20Fashion%2C%20Beauty%2C%20Health%2C%20Home%2C%20Garden%2C%20Toys%20%2C%20Sports%2C%20Weddings%2C%20Events%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22RU%20Flash%20Deals%22%2C%22og%3Adescription%22%3A%22Online%20Shopping%20for%20Cheap%20Automotive%2C%20Phones%20Accessories%2C%20Computers%20Electronics%2C%20Fashion%2C%20Beauty%20Health%2C%20Home%20Garden%2C%20Toys%20Sports%2C%20Weddings%20Events%20from%20China%3B%20Shopping%20on%20Aliexpress%20%7Cthe%20world%27s%20Online%20Marketing%20place.%22%2C%22og%3Atype%22%3A%22activity%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsale.aliexpress.ru%2FmezfS0RxVO.htm%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fae01.alicdn.com%2Fkf%2FHTB18eCBQXXXXXXfXXXX760XFXXXa.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&it=1691357456123&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 06 Aug 2023 21:30:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ae.mmstat.com
URL: https://ae.mmstat.com/eg.js?t=1691357456013

Domain: login.aliexpress.ru
URL: https://login.aliexpress.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456070

Domain: login.tmall.ru
URL: https://login.tmall.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456071

Domain: login.tmall.ru
URL: https://login.tmall.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456512

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ldiena.lt/	1969-12-31 23:59:59	Name: advanced-frontend Value: up4qg9lot1h856asemnq1j5kju
ldiena.lt/	1969-12-31 23:59:59	Name: _csrf Value: 535a03dbc016b6e47df705cf896f8615ccf97196a4370248f4ca5a0e4ab1d586a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22%D6%F4%1Cj%AE%91%A7%82%AF%B7O0U%8C%95%C3%AC%BC%95%21%1Bkt%0A%00%899%EBS%2B%C9s%22%3B%7D
.ldiena.lt/	1970-01-20 23:25:17	Name: sc_is_visitor_unique Value: rx10241118.1691357426.E862F7665E774F18DEBA6570EB0D7C8D.1.1.1.1.1.1.1.1.1
.w.uptolike.com/	1970-01-20 23:25:17	Name: utl_id2 Value: 32428309070
.w.uptolike.com/	1970-01-20 23:25:17	Name: utl_dat Value: "CMXgiOacMRAAIMWx0+6cMSjFsdPunDEwAKAjlSmu1JzoiddgBWaqgBI="
.statcounter.com/	1970-01-20 23:25:17	Name: is_unique Value: sc10241118.1691357425.0
.statcounter.com/	1970-01-20 23:25:17	Name: is_visitor_unique Value: 1691357425104544682
.ldiena.lt/	1970-01-20 23:25:17	Name: _ga_B41L423S6L Value: GS1.1.1691357426.1.0.1691357426.0.0.0
.ldiena.lt/	1970-01-20 23:25:17	Name: _ga Value: GA1.2.653081757.1691357426
.ldiena.lt/	1970-01-20 13:50:43	Name: _gid Value: GA1.2.321989847.1691357426
.ldiena.lt/	1970-01-20 13:49:17	Name: _gat Value: 1
.ldiena.lt/	1970-01-20 13:49:17	Name: _gat_gtag_UA_11131269_2 Value: 1
.ldiena.lt/	1970-01-20 22:34:53	Name: _ym_uid Value: 1691357426208157105
.ldiena.lt/	1970-01-20 22:34:53	Name: _ym_d Value: 1691357426
.ldiena.lt/	1970-01-20 23:25:17	Name: _ga_0H5YV1RPSL Value: GS1.2.1691357426.1.0.1691357426.0.0.0
.ldiena.lt/	1970-01-20 23:10:53	Name: __gads Value: ID=3c2c5c93504950ec-22a9bc444cde0049:T=1691357426:RT=1691357426:S=ALNI_MYfF_j_KafU03PXlWGjQEMMHuHd-Q
.ldiena.lt/	1970-01-20 23:10:53	Name: __gpi Value: UID=00000c5007ac9850:T=1691357426:RT=1691357426:S=ALNI_MaddRsrbLPiW_S0DhcJaqzMIMj_kQ
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1059160851691357426
.yandex.ru/	1970-01-20 23:25:17	Name: i Value: 3oUHhK4UIJCRtTYq1wXDl7AL/FwSt+MmisPeB/pkF3ZxHi/EzsyYGfNPySSvzyDiW0FJCRwZ5wUaIRGmFapyIzVYyfM=
.yandex.ru/	1970-01-20 23:25:17	Name: yandexuid Value: 2764509961691357426
.yandex.ru/	1970-01-20 22:34:53	Name: yuidss Value: 2764509961691357426
.yandex.ru/	1970-01-20 22:34:53	Name: bh Value: KgI/MA==
.ldiena.lt/	1970-01-20 13:50:29	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 22:34:53	Name: ymex Value: 1722893426.yrts.1691357426#1722893426.yrtsi.1691357426
.ldiena.lt/	1970-01-20 13:49:19	Name: _ym_visorc Value: w
.tiktok.com/	1970-01-20 22:27:41	Name: ttwid Value: 1%7CRkY3evnvYBr4JxvPNqkinRGdwFetqrqghiSvEuQofsY%7C1691357426%7C2337106d7c5dedb3f00d364ce746150166513a140520057a920d4b7ce009e792
.doubleclick.net/	1970-01-20 23:10:53	Name: IDE Value: AHWqTUmwU9s3tWKwznaZDbUl9AjJ_apParM1zzdRwKQpbENnnE-9FQjgNUwuIAr6OPw
.doubleclick.net/	1970-01-20 13:49:21	Name: DSID Value: NO_DATA
.byteoversea.com/	1970-01-20 14:03:41	Name: msToken Value: 17498dylL5nbJz5nWGiYytDhWdaMxRrGBeuVFpW9v82Zsixp1neTCBON8in60CxI-puhHXO4_Rr0nEas-HIzwSNBWRWK_ATi41PjCQJScn0=
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=19fta_gfez7e9&acs_rt=4eee4f43226e49e4b9b2209796ac5da3
.aliexpress.com/	1970-01-20 23:25:17	Name: aeu_cid Value: 9ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH
.aliexpress.com/	1970-01-20 15:58:53	Name: xman_t Value: s3IKIojdtsl8DGBbQz0jKnXXZKVDfHeqDvUf80kxwTYDoeXLA/0hh3SrRH+CN+Le
.aliexpress.com/	1970-01-20 23:25:17	Name: xman_f Value: xXG/EfVdqPJxT6t1K4wcNDDSXUGUvakOyaxRqDBrzSzzkaB3UNvgQcgsC4ITF2NW6Ro9vO0SoEZkdNwozKzrkekm1Sp8LElVja+yWVZNBi1SggkUh9y2vg==
.aliexpress.com/	1970-01-20 23:25:17	Name: af_ss_a Value: 1
.aliexpress.com/	1970-01-20 23:25:17	Name: xman_us_f Value: x_locale=fr_FR&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%229ba9c6b8c5dd42968c3f09fdaf5f5ca4-1691357430752-07977-_DB8znJH%22%2C%22affiliateKey%22%3A%22_DB8znJH%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%223293011531%22%2C%22tagtime%22%3A1691357430752%7D&acs_rt=4eee4f43226e49e4b9b2209796ac5da3
.aliexpress.com/	1970-01-20 23:25:17	Name: aep_usuc_f Value: site=fra&c_tp=EUR&region=FR&b_locale=fr_FR
.tiktok.com/	1970-01-20 14:03:41	Name: msToken Value: Top4w_9rUpvXFPtaY95T54Rvv-U2AeyQIGa2tzkZ3-KO8z1IS4Um3EqVlT0f88ESAbVeegFLDP6Ik4Z0l-8UoiulzDr9zOeohTOZf6f5nJKH1OBbYhv3

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ldiena.lt/ Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://ekspertai.eu/static/uploads/2014/durnlaiv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ldiena.lt/ Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://b1.culture.ru/c/270024.550xp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ldiena.lt/(Line 1510) Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://ekspertai.eu/static/uploads/2014/durnlaiv.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ldiena.lt/(Line 1510) Message: Mixed Content: The page at 'https://ldiena.lt/' was loaded over HTTPS, but requested an insecure element 'http://b1.culture.ru/c/270024.550xp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://ldiena.com/uploads/str/lg/28881.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.471/index.js(Line 3) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	error	URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm Message: Access to XMLHttpRequest at 'https://login.tmall.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456071' from origin 'https://sale.aliexpress.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://login.tmall.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456071 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sale.aliexpress.com/ru/__pc/mezfS0RxVO.htm Message: Access to XMLHttpRequest at 'https://login.tmall.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456512' from origin 'https://sale.aliexpress.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://login.tmall.ru/setCommonCookie.htm?fromApp=false&currency=EUR&region=FR&bLocale=fr_FR&site=fra&province=&city=&_=1691357456512 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.mmstat.com
ae01.alicdn.com
af.click.ru
apis.google.com
assets.alicdn.com
b1.culture.ru
best.aliexpress.com
c.statcounter.com
cdn-rtb.sape.ru
cdn.ampproject.org
checkersync.ru
code.jquery.com
connect.facebook.net
ekspertai.eu
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
evaizdai.lt
fonts.googleapis.com
fonts.gstatic.com
fr.aliexpress.com
googleads.g.doubleclick.net
i.alicdn.com
i.postimg.cc
img.youtube.com
ldiena.com
ldiena.lt
lf16-tiktok-common.ibytedtos.com
lf16-tiktok-web.ttwstatic.com
login.aliexpress.ru
login.tmall.ru
mc.yandex.ru
mcs-va-useast2a.tiktokv.com
mon-va.byteoversea.com
mon.tiktokv.com
mssdk-va.byteoversea.com
mssdk-va.tiktok.com
ost1.gismeteo.lt
p16-sign-useast2a.tiktokcdn.com
p16-sign-va.tiktokcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.instagram.com
platform.twitter.com
region1.google-analytics.com
s.click.aliexpress.com
sale.aliexpress.com
scontent-lhr8-1.xx.fbcdn.net
sf16-secsdk.ttwstatic.com
sf16-short-va.bytedapm.com
sf16-website-login.neutral.ttwstatic.com
stackpath.bootstrapcdn.com
static.xx.fbcdn.net
stats.g.doubleclick.net
supraneet.ru
syndication.twitter.com
time-ae.akamaized.net
tpc.googlesyndication.com
use.fontawesome.com
v19-web-newkey.tiktokcdn.com
vk.com
vmweb-va.byteoversea.com
w.uptolike.com
www.aliexpress.com
www.facebook.com
www.gismeteo.lt
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hey.lt
www.instagram.com
www.paypalobjects.com
www.statcounter.com
www.tiktok.com
ae.mmstat.com
login.aliexpress.ru
login.tmall.ru
104.126.37.162
104.126.37.168
104.126.37.179
104.20.219.77
104.244.42.72
109.235.67.100
139.177.230.161
146.75.122.113
151.101.2.133
162.19.88.68
185.12.127.178
185.134.203.247
193.108.153.21
193.108.153.23
193.108.153.24
193.108.153.29
193.16.47.245
2.16.1.26
2.21.20.151
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1a
217.197.112.80
23.210.122.250
23.210.123.5
23.32.238.51
23.48.23.143
23.48.23.157
23.48.23.159
2606:4700::6812:acf
2606:4700:e0::ac40:670b
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c03::9a
2a02:26f0:3500:12::1730:1791
2a02:6b8::1:119
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a03:2880:f276:d2:face:b00c:0:43fe
2a03:2880:f276:e8:face:b00c:0:4420
2a06:98c1:3121::3
47.246.146.202
47.246.48.252
62.109.6.15
62.210.189.174
82.151.106.131
87.240.137.164
92.63.192.10
93.184.220.66
95.163.114.203
00f354f0294e5eced79aae36156db28dd453b002edfa02428339f05bac292e74
017d4d5bfadb9fba975f150968587f3cb46c17014a58de3230c77a15e912bda1
026656870f084aad6b8f609358cdcd30a773ec94b67caef4efe0096c4f70277b
027bc31f43449cdbbe3a18770745f06f32ae71ccfb0f16fb46ae31f0d3dd075b
029a3b23f52c772496736dec2cb2991f83ce7e0562c935564e6d976434b10914
03432786f87a79db2089b73ec93a6687a64f02bfc3fa9c7ec3f989abbb9215c8
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
03c0638f9077740737ec996407194737b6170db3ef1d736632df0fe2fc71f8ae
04d12f4f5cc39b7a851228492557b83c0a470b8bb96d3f55750c4163b4d4309d
04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08d75b5efe81a77e5662b604db053d1d0ff9e0d8e9625d480543e1c5b68afb49
099baa18a1a63c26de3d955f810e8198c982e27995be08802257d5a879df084c
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0e291004f1e270cff8a48e17f0aa7d09707fcd3a2d6bb154c88242cabf4d9c4d
0eb985dec68adbbd8a8e5410806ceb817a23fd3e7d9a461c7691e085318dc986
0ed9efdb5b9dbd4cc2b257e8eda560c836f46848cd02620c6d0ff4865479926c
108bda49c59526dec79b0384df0768cc5ef91735772a60acfef24322fc743a9e
11c914cb33c0b403f1f01ce72220302ae736c4b6f5271669f043d3f210c000de
11f57321918c52959cd47dfbc8a1adb476c69b428f64064e77d7f754ca421c62
13eafced6e4d89ca730683b212509d3efb57c6a8b75503cb02b66fe3352ce370
14a58481f4ae2bcd2887b9ed07d06601d92c9d8e133c9c225ebfc2f576820fee
15669ee5ed8e7be020a4f5239730fd0141fae0874b9ca3e374c6cf850a318ff5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1b3c20ca0e654efd9729a299e9b4cb6b691e9aa25baf297546b4a4dcddbf05ab
1c19fd6f94185384a2bb6bd132bd1c3446c1f24e54e3899dc4e4f16f7a67e509
1c37842faf2d35dbed89fab63f431a9ae1f4ed14ce20152f11f5167ffd5b0335
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
1e5e5df1d130dd028db61bd811eaed4705eaff95034fe3f8a86ba6a85e77af5f
1e70204c1ff4e4a480bfd16f40c8ab3062f720ccf6e5a358ac861a7fc937f8a7
2046833c0631f7937be9e10891ef57ac5e3012128c57a77e8f71186c6793f448
21017fd31582e3295c114a03a3ae2aeb3d8608ceff8ccc4f44ffb81cfe9fdc0d
2147fb9b31ad9e712219cd3046a544dfb7ad25545e3171a96eb460faaf1ffe9f
22eb537ab9a4652390b1dd727b804cea08fdbc75ff1063c7cfc46f5abfe6f4be
23162f6e2b9ad48c0c58da1ec5a40f250d5cfcb13f8ff666bb096502c4a44d63
24f951604079e04853fa2530c81c65bd3527ee9b8bb3a47f353b83d110d0fc3b
24fe63307e2903b2a4b2d80c28383d91861dc9ade1b28feac920e9f5f7b7dddd
254a45df83e69bc0add776bf0b10e14240b78fab11f0dd17f0ae903aff269261
25fb2ec3af1063d8a82deb558578549677bda5638f2d1bd1883320ed1b7edc1d
27735786662c0d84226430a5acd5cfeac63b593e39351fd28321091cafed725e
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29a3026ef5317f7817c03732d8a39565b42ba8dbc731450565bc5d2eb65d081b
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2bcd889ef0f28809e23021ead3cb779fb49a15967cf551160d928c2c74edd279
2c6f05eaae17efc970b1b61dbfb4d203ba2178bd0b67fe06842fbce69585af18
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d9d14fb472222d49d6226fc13d88f55f2314e2384703c4db61532fc633632fc
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
303791692bb0264fcf09d5e66ae5aa438066b6004e7a46a5a86ad0f3224cf6b3
3092d518851dbfb0f62fb54828de6377929d8280e0037d11b1c9c3931a1089d9
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
311bece61c46caaee7c7ffe7fb9ea30388b35aa3d4d1d18eabd4613286c0d09f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
3318ca6cb65f7f6e15ae563cbecc18da589292410eed19ade91b72da190e6a9f
34c6c1bb0a5a0bf9bab65f4f347106505abcd0fab729a9dbe4b1567190ee8fcf
3519120aab26baf977cbc85931a43758d555befe3373af03135dd5ad88a9bd9f
36468b8d1a1259b303379e831c650718deb0ef0eb12197298f6cee8640d65190
365a6d1bc9e2663b7e174e27b3533b361a7511bbd925b2c0ede15179e644185c
388295472e8db4e63beccc6c3d53e266883b6ae8145d9fc08604e6fa69388824
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e986b48fb635432824ecf34311c41bdf3f9e0209b61d94f682ee12d747f7944
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4082d3b6ad33858e4af76a7b20b0d38ba246f4c680dd249a601572c9006903e2
415d84b4223609d354a1c6a3b30025c375caa356c4f79e754e3a0c9343373412
43b1e9923fec49355cd708d5fa5554d2f7876b4f5084e259c156c6ecfb63ede3
43f95a81b685143519c9aee4964e776038f87c97a03c6adf1eb8daa48d392678
44566ebe2b3c8736d69cfa1aeb2c4d07136d5dd938ad38cafe0d2f30c2d71455
454aa60a57242adb6bc98f0b09517c5fa2a3d75f7d11e09e3b82ab9b505033c2
45a05e007f6c78e9234df6acab0f6cac5c6e1e57e107832414469f8fd6a8ef74
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
45e61f3245314d79aba083fe734710a1d3018ef1d7da66888d39971fc4c59ceb
48f37cd5ef021b85d18fa40080c3b03a175d05465d9933552e37a67a2c68aa10
491a72f4dd6fb1501f2cfb4b60754b39170a773c5b3cee8d15e70e2e464851eb
4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884
4c3dcce94b9583dcb52fce641103e074da349da0ce7faf8d38cd39f14dd7a829
4d0cdf4636bcc2d9006a56942c473997c99518baad1737debc1ad0f0a9343c67
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d52f809cf301db31ff122cb4514227850b1f3b5f81f09dadacc8aae3f3315f9
4e79e61b0934ab0b567ad6c34de73e2551dd37bad562d9dba1c6b91efa6a2728
4ef9c6b37d1a2e918d9a48f2f127d030212e05e1ee55d10d133df3656d6b87d8
5051441dfb45e3716e56201a81ca575048f474deaa1439917c896bab96a8e16a
526ecabda69a7020f833b1fcf62af0c4a426c5710b3eb67575eb48adfd59ebd6
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972
53d82404c5b0e9d6e365013d7510d2895ff86dd2e5668412a396f2d0b3762cf1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54de913295caddd62057113241fd1869e9eed6c21dee5a01d3881446888d8f32
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f46a924667d16baad3bb093821df7634ffee17a7cb1c9c9b8fa9a8ea6e92d8
563076b80f0f355b91fb7cc5eb9a0c4f564802cc04d1c76d5f92064d638268d5
56d989eabce7e1f6ba7b90ccae9a241398f2f92e80315d15a48f9c12ac0f36fa
57034146eeb6626976bc238d640836e5580c921fbb33a51f0b4ae500226a4005
58b4190d6003b87e433cf7f59d6443ffdc502abea85c5d5e59901f7a99976574
593ddd828505463163d4765f4d9ba067ddeba59ef91f4383f4fe0ab8cc5f2fbf
5bd00cf71c0590270166b807a666d0d6f447c2d3a0f0ebc7728161c5e3673828
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806
5c660f15c14fe5b35cd60cdcd493bc6bd5b4787833fe6bed172c9596b7cd34d7
5ced7d22e43f831fe94c260885cd2254494d5a3714ec694c08befa54703f57d1
5d6518513ae6fef5cb6d97c94a14dcbde416b70c2055256424f21f3e2a4d55da
5e24f0966b67b9fa4c1d0f24d6ea96c9b07f65bcd29101ea283316549a2676e8
61363f1bed751d9a3278fb39e2fbeafa6f9d80d1fdd5688c246662f5d19b8aad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621eb31a042dfdb94709e28253cb109564e6903868f685c1604e58a38b14d77d
6446a97d50c5528a2b03166b564b1ff7b3e7ef4921db9288e6fa5ba1edae5d2a
657c0f3bcb0b824ef7e44e98057ea1a4830317ee4e6cafc5c7234070c23336a3
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67f07ab1cc488f19d147044efb5bdd9086d2b71320f88d383254a0092271e53e
68142d533daf2fc51c1f8ca03d4c1ae809b847048a6c406dc67c31e4e5ed98f2
69a20ee0767a760b72d2285f1a49d3ebc2254f1a09f4a92176526e99aab67ee1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfc6e1a3c159e27b8143820ea6cda8ee427d528462cb11d557350187ddb6089
6d347c7d562215adf1e5153e0edbe60e2ecfce0a4f0614a2b1bf6ad5ffe8d847
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6ecea49eb907310bd16815035674ca95dd8e466b6f8625c0575b6e66f5af0f64
70f06515e47160b02727a63c493c438e94c83be804116ae7fdeb656b3c3a5df6
727262b046756a4e8c0d4458294aabc01482a29f08482151d94efb91d89bff09
72a81bfc713e54dc2126f0cf578f441fdbb3b8b63cc4990672a1b20bb071a549
7327cbe00b68bd0c52043a2117ac12af02ab7ce74c70995f5bd95755d61ad946
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
769651ed8ed763552ff527a25a5fa5a5ead5337270bd76b03eda1e4ee8e45e8c
774b0b3fa78d445153630480c76c1eebe2903b8d4fb2bd861aa85510c0ca2784
787abd6ff6fcd7934e6aa6c400ed253127ca1c23f1f5f1d77843e0f76afe06bf
79eec51829f5a6a4d36c76a1821bdbd0de118b417b6901c1610c9cf998d731c2
7a0ffeccfec93487da459595e3988e1569115b7f06133264cdd7621fc1f90e52
7c3f6db4cc8b6446051de67f1f4e93f85917b7cc2c7ba67da9489ad964d1570d
7c43fd36c1817aca149ff0667ca6fe95665bfdc45a8850ace5c1b9e7a2e46f22
7d12f6ba940afef24b1faaf0edef1e6e6c759bee5f97c2668148717cb3099a4f
7d4347d089ea6666874d39adc4872bba71aced349ed7388a397fbbe7ec13efda
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
7ef633c40e744950a8ea91bab702ed745cff821b502cca65f69fe8aa0c37f907
7fc842b253bc1e27239eff8010e53eabf09fb275ae94eea24e12c21dbb49b68c
80061c30b8049a21a43ffc44b06bde34c0039c64e83f49d2c93234ba7984c727
8042a928f3326bc4886dfe362b46bab8e78564bc5379e29cd7b5d99ecd32fd59
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
849f4f58df22077189f77b312aeb1bc0642288c911d346b7fa80111d1408de9f
867fcc29b69777b4e0e32977a929b76658393623e46a7ff3f00361224c709963
87953a199ac20eb6fb6adb024007fa9437e65847bc69fa241ce494694494d8ac
87b5594b8f70577e8b1597c9143865322455fc9d0bfefbddd5f85720f978b5e9
87e4d4e8eee10572b621bb8536367909f45b178b2d67ff73c66f2bddc3d68a90
893752c8713ba6eee5b13fd785172edcf59eccb406d9c7f808ed374e1264a563
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
8af933fdf42135c925a47d28b49268943fcc2c6206494a5900ced9c84d2b77f8
8b94e5d6db6e5b89ffe57d83e40a0b4c8ef542be5dc2b8d4e507437f63441897
8be68b761fd6b85b01fce2406945b5a67079388d55f3b23ae7d5e2d19d503109
8cfc42e280a58229957a8838e0dae57b0c51060fe05e63000f5c0e2219a75da6
8d50e2d1e73219e3afa25c40642f690693e8d222095422b7b565ec35879a78ec
8dacd6a60fbc85409b68a29d62d08876d2b83b2ed5b71863af2404d6482291d9
8e68adadbe29431374f400a49aacef939d00c2e08bcb60cc2e5089b6265e360d
8eb1fbc5ffbbabcac168355e4104554264a63fa4ab82005b677bf4fa0de75361
8fbba3e7d45edac067fbb61500a2b24d08ec11d9da151f68c64d405cef63a321
90bfd2a150346405da0d1599565c6fd43302b2efc9ec46155acc01d6c16f9250
90ec3c93846a1a334c31b864830f0e6c9f7837c019afffd27a8154a3f795131f
91b8f142c49841cc989494d3bf355e9e80c99dc6cd1e4b814bbe03d2076d85af
922ff506140a126dd19c8682f07013179dcec55b44ccad605dc205665e2717ab
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
9281bfcec216c374f08ddbf9f465471dff58bc37feb097efd4e074495e824f49
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
984524e29d973d514acf58c3130594adb031a5c2c89caab4619c29dcb20523a5
991897ec1a2534e95755be260bdeea1f20e290c7740fc1cb08cbcd76d82d6f21
9ac824d8a7465d767efed78031874c1c7e5d0a4f73dc01c69b26be387b9ae095
9b11312efbc28046e8edf002308146d238246db13ad6754f1b12b67e718e89d8
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9baec4686ba1b31781d7d2aa19c900b9cea210b7a14ab41b35bede7c66f8851a
9d00ec75128d95246cc9f3018a378cce3c08381ccac54b72bdeeba28ade95ab2
9d8b10a0e33ef1202866a7045430ecc81a217a22be16569a4b528347bba6a8bb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
a0d2a65319ca8743b05f15bc9f030945320201de8b44faacab6cd924951b1987
a5125b780f0eca91b5012fc474ef44553951196d1fe114ea0b54cfe97085ad87
a514c9f738d1417b0068fa3a0ead68825068ee298ac1bbd107d73db032198f49
a52e43e9967dcf34817bc5419b2721b6c739a1df023c74b38de46a3853c95e20
a566bbc568419b22497a08156af53e48e148fe50fea0b6ec666ceaf0c0fb12fc
a618d19eb5c85efed99be05a0dc7683427921a71396ba0355d8570c249d81ce4
a655855de8d988d1b8c656e63dd0e9cf1f7d7d61529cadfa5220e1ee39d7f757
a7725581f9b9aeff5856ef888347c7bb6d0bbb8516a7b089ab6b3443abf41976
a7837ef50c4e0f020f85c0e2c65d2adea8c04572ff75f615ffe1fb63eebe7132
a850bad1f5bc6d80df59c86ac61f7b1304490a4150bcd7fb77399990bf3a1e36
a97d688e7c8d57e612cc4f2aa9b178f8d4bd3da083af25fd634be351222e1906
a9f2f7ad522f41e86ac8dbc907d37db9cd7bdd5f3c9dc4dec9b3f7deb48ffe59
aa25b8bd8a3414337a3400426136f38549cd56761abf79da3a2df84b8d031856
ab5c1098b94f23c5e8944f0875504f4d5d9a73eeb3ae8a5ca8b7fd46b6233285
abf7d0c96a78e82f0d9360b156b45bbad399a33cf5942b0aca8e1cfd7191e5d0
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad39ca969af7f757e21ee9a26c6e9dd57ee5a5ea41fb095c047db90002a7dffc
ae57b3957a9c77fa496a3822499ac9317a3d05d16e45a788b327e1dd28adffe5
aed2267d9e3790aa8681c212ceef310f1ddcdf74a3cb7f61c023a21cce7b3484
af2dfd285587e977c1dd3f4196353cdb6e8e6d514d639705c54da9a136478f7a
b04d0648407bd9997f98f380d4d3c3e762b2d27b1b5f8fcd8ef757267248a47b
b097fc471c067f5960fbf018f38f1e00396bb71612d79be26976b8f18cf8da26
b1d3d112967cc405d05ab9315817830f2623af64402bf1361e6dc7fa6d25e954
b24202bf3013faf2986cae439c2e2503e07f0cac462bef20ec39e3062b9cc79d
b26d0ff11c4773969989c4774c870b2e6bb60d510d3f8c29e3e69c02528a54ec
b2836f1dd05f4d195cf08ac0bf80beaf0eb0774d2659a4828d5284598811017d
b30e419be860244a5c3a8ed2ae7134a11441eb4a6868a668e44cee8e6c685723
b9b633067350cbb286ebb09f863626effffbcc9be7c5dfae66b33a845116951a
ba2735c9da718210b17b73fe314fd449718a4c061d685f43a04c4ddf91b3d687
bc81ef5f7ed1554029bd7db53f641f510de4ebc6486ebd73821baf7084caf7f5
bd65382641403d980de0a37cce7d5445896373e01ac1306fcbc95cbf12eea6ad
bdb038f2eb6f08289b4c9995e3385f0ea0aab76e376c1779dfea421f07537538
bdec02a79a6c4f929cf12c9b215492a5530c489ad27487f84887466831115493
be7fe65ad1f1b9754d37709f3fed9f2852df147b4c1d07d16469962192da36db
bec3cb16212c9c09bfae569f7df7817c38b1dd96c15b632e733f45660ec4fd5f
bf3d25421e9696d4356b3f9a93946c353fe1256207d8d69777aa6a1b5fbb55d9
bfd1c127f5e5d29a99beb95a57b5c4045e78f19d776dbe3e6f05525fa901d6d6
c07e69f51c82461bd74abd929d5432a64d2f8bf1392bd128a2f473b42ae7d34a
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b
c14079b517bdae818033910d0fe9786523945fb34c9d9e57ff588bb9641824c6
c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b
c249fdc27dd8280a4e7365018373de5f21bcee4c68203fd6ad1678951ea2fe58
c3502a6625d5c848d5519bd1c93527d9227d2840415ca8717c81e6f9b10c2d33
c3b0e8b6b1aeb8070aac3af01805fb563ca90e17cc892ac31c048ca801911924
c69425a628e39d9e2300a47a24724bfee416e64367b97aacd6d0f9a454777f47
c69b2673337a216884b799066692c542b8d0cd57b2cdddc63853ea2400920a16
c7cc5260c8b88070d349ed72df2a2cb90650cf3b8f3c95af58648f7083150709
c7df8feeccaf569823c031ab075850f380735cd81c9763bd5fcd24239b8fdc90
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197
cbc9d7e00875004c5643cebabf4d96f1e83507d3a0eb87946bc911b29f3ba3cc
cf3d80e2bf58d36eaaa86946e1d42b63f826a3bfcef545f6ea387b7605d02856
cf9ee46b4ec120f6fc3528a4bb190300e3d03f86047239f83c7fdeb3c572c79e
d015f7fb4e7c3be7736958f22e21f8443df1266509f33983a204c2838309d0b4
d0b6c9e4702375367fa252a6c7da584984962bcabe2c87419ecd96486fb59a12
d3ffa9529361dca490a3fbf9bda3568762fd7509aedf9f4f2c5076497adea74f
d494c8910cb6e79ffcc20c64f89035e347db9ef6b41a1f684ee10814fe9daaf0
d4b4bcd0f2bea4a6011d79929d2ce3234ded819e96be691e484fd9bd324fb66f
d5c69343f17def5f178ebc0445c80f25da743b7f53322c65fbb894324145399d
d6d44b64b8036d08a423ab41c2754625ccf14371d74a9eb7d10b47b607e6c910
d6de08fe9206071c740a89eeaafd414cac67a381eaeacdaf3217d53e4d3e9ea0
d75d41880bdba497be796c37a8ce7cd16b1c02c5076072925de932e50fd2b44e
d80a7e5351c9e8b78c9932feaceadab5812c3a25ee9b84cc509dc9bbec81f735
d9837ae513cb80aecf3f53691f460a2206303e8ee8ffde87a955c11fb950dcc5
d9c4b57832a955a704d0f0ba0ee4af219889cdfff1468d08d3411625a8f969cf
d9edb58e7cb61cb239c80d45483f65e9eda75e25d3158eca05b6344bd94ea0ce
daa1ae9bfcbd9f2bdaf7a008651a9ae00f3e4d26ea3cc3608481ecb1c653391f
daa34812d33e38ee6b4e0d11da33f9450c625cfa66bcc4e1a5e680f01f5b916d
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0e934022f9db437d7376661b2125d8b394cc02bd369e1ef8410d0dd94bf903a
e1a75076d7bdcd36a8f6a12ab6c4b6b264c444d05475225d09dd58b11259364e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40392e86c82f3bce196182c21ed8467cca4aea225e451db8fd16ca727fa52d8
e452b75f3f02ecc9b8f97d126400a9525edc251069151928d97eef1026055727
e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae
e5025f312f21469ace9e674723495440a3b01e4a2881dc54a3c081737fcd032d
e87df039a2e7c3d2700a2f5cc28a152c0e9b0e77b9b98c08d2f60695b0c0b2ca
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
ea33367472a438e090ede4024f11f9ef523be04ca453d5897427d767c0619402
ea46b3a13262366e0f4a5afc21872139bcb36d62b293337b801f776b7bf40c55
ec65faa0a49b147b4b081aff4a82ebfde426f210498f6e9bd8ec2f99ae0451ba
ed3feedd3817486bdb2d8db80af4d1c788038564e3e544f80d49845fd917bfc9
ef018cca916a53ab3f8b018a7abe7eef2199231c4354b4978874174a139e0748
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e151ebfe661d8b84a6f8584c3b8bdc858fed0af7672e0abf0c401e956e1b18
f1b59c28f0f6de9a87843817d437902358e4fed00a47c090cd263a357197336d
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f2f9430fbbc6b60e71292d12311af614fc2a197fb14a281f96c1299aebfd6642
f32ad5e5838597651b666edf629cd85d4d92df6b64c01c7055d9ae30ecd5d256
f40f73a944d4d4afb060fb91dd1258826148ce5998c1908be6037d6b8c19cead
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8a1a21276c1ae304f0214d509fa2795e466d9779148a3171be0f2e531d69656
f8bd9481730c6dd787ad7ac7886b7cb74113c38d1e3de93bb6203dcc7e288fab
fb7563dea75e6b91358d0ef891f7ed4f9b24ef905d6daf3135b4efea111cbaa4
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

ldiena.lt Open in urlscan Pro 62.210.189.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

430 Requests

98 %HTTPS

44 %IPv6

49 Domains

76 Subdomains

62 IPs

10 Countries

11037 kBTransfer

34375 kBSize

37 Cookies

38 Outgoing links

Page URL History

Redirected requests

430 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

ldiena.lt Open in urlscan Pro
62.210.189.174 Public Scan

Screenshot
Live screenshot

Full Image

430
Requests

98 %
HTTPS

44 %
IPv6

49
Domains

76
Subdomains

62
IPs

10
Countries

11037 kB
Transfer

34375 kB
Size

37
Cookies

430 HTTP transactions
11 data transactions