urlscan.io logo urlscan.io
SecurityTrails logo

lietuve.lt Open in urlscan Pro
79.98.24.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lietuve.lt/
Effective URL: https://lietuve.lt/
Submission: On September 14 via manual from LT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 12 countries across 54 domains to perform 383 HTTP transactions. The main IP is 79.98.24.93, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is lietuve.lt.
TLS certificate: Issued by R3 on August 10th 2022. Valid for: 3 months.
This is the only time lietuve.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34 79.98.24.93 212531 (INTERNETO...)
3 2a00:1450:400... 15169 (GOOGLE)
7 192.0.77.37 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
2 7 54.38.133.13 16276 (OVH)
1 2a04:4e42:200... 54113 (FASTLY)
12 2a00:1450:400... 15169 (GOOGLE)
13 192.0.77.2 2635 (AUTOMATTIC)
1 143.204.211.232 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2a00:1450:400... 15169 (GOOGLE)
4 15 54.38.133.12 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 12 2a02:2638::1c 44788 (ASN-CRITE...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
9 178.250.0.157 44788 (ASN-CRITE...)
2 162.19.138.116 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
3 3 104.96.145.246 16625 (AKAMAI-AS)
6 23.205.235.133 16625 (AKAMAI-AS)
40 2a03:2880:f01... 32934 (FACEBOOK)
2 13 185.89.210.82 29990 (ASN-APPNEX)
3 198.47.127.22 3257 (GTT-BACKB...)
2 81.17.55.99 60781 (LEASEWEB-...)
3 178.250.2.131 44788 (ASN-CRITE...)
3 37.157.2.234 198622 (ADFORM)
3 185.184.8.90 204995 (RTB-HOUSE...)
3 69.173.144.139 26667 (RUBICONPR...)
2 2 141.95.171.140 16276 (OVH)
5 5 141.94.170.64 16276 (OVH)
1 52.223.40.198 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f10... 32934 (FACEBOOK)
2 145.239.237.56 16276 (OVH)
1 69.173.144.138 26667 (RUBICONPR...)
32 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
9 16 142.250.186.98 15169 (GOOGLE)
3 7 104.18.19.126 13335 (CLOUDFLAR...)
1 2 52.57.145.143 16509 (AMAZON-02)
4 142.250.185.162 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
3 174.137.133.49 27257 (WEBAIR-IN...)
3 3 213.19.147.45 3356 (LEVEL3)
1 2 51.89.9.253 16276 (OVH)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
2 2 52.213.127.205 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
2 2 37.157.6.253 198622 (ADFORM)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 66.155.71.25 13768 (COGECO-PEER1)
1 69.166.1.12 27630 (AS-XFERNET)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
1 1 20.127.253.7 8075 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
2 159.89.25.223 14061 (DIGITALOC...)
5 2a02:2638:1::3 44788 (ASN-CRITE...)
3 151.101.193.108 54113 (FASTLY)
3 184.51.9.34 16625 (AKAMAI-AS)
1 198.47.127.19 3257 (GTT-BACKB...)
383 59
34    79.98.24.93 (Lithuania)

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: lietuve.hostingas.lt
lietuve.lt
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    54.38.133.13 (France)

ASN16276 (OVH, FR)
PTR: ip13.ip-54-38-133.eu
lv.adocean.pl
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
12    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
13    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i1.wp.com
i2.wp.com
i0.wp.com
1    143.204.211.232 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-211-232.fra53.r.cloudfront.net
cdn-images.mailchimp.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    54.38.133.12 (France)

ASN16276 (OVH, FR)
PTR: ip12.ip-54-38-133.eu
adlv.hit.gemius.pl
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com
3    2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
12    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
9    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
40    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
13    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
2    81.17.55.99 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
3    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    141.95.171.140 (France)

ASN16276 (OVH, FR)
PTR: bixel-6.cloudy.ovh
pixel-eu.onprospects.com
5    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
5    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu
ls.hit.gemius.pl
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
32    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
27    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
40    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
16    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
7    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    52.57.145.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-145-143.eu-central-1.compute.amazonaws.com
d.adtriba.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a05:d018:d29:3605:c283:2fe6:5625:9484 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
3    213.19.147.45 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
5    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
5    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
3    184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
65 googlesyndication.com
e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com
554 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
406 KB
38 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 582
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 257
728 KB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
658 KB
34 lietuve.lt
lietuve.lt
1 MB
24 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 458
mug.criteo.com — Cisco Umbrella Rank: 1814
bidder.criteo.com — Cisco Umbrella Rank: 834
26 KB
22 wp.com
c0.wp.com — Cisco Umbrella Rank: 7979
i1.wp.com — Cisco Umbrella Rank: 9928
stats.wp.com — Cisco Umbrella Rank: 3365
i2.wp.com — Cisco Umbrella Rank: 9196
i0.wp.com — Cisco Umbrella Rank: 3720
pixel.wp.com — Cisco Umbrella Rank: 2898
341 KB
17 gemius.pl
adlv.hit.gemius.pl — Cisco Umbrella Rank: 130714
ls.hit.gemius.pl — Cisco Umbrella Rank: 8784
115 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
acdn.adnxs.com — Cisco Umbrella Rank: 876
74 KB
13 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1365
eus.rubiconproject.com — Cisco Umbrella Rank: 840
token.rubiconproject.com — Cisco Umbrella Rank: 1115
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3032
33 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
3 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
6 KB
7 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 702
ads.pubmatic.com — Cisco Umbrella Rank: 713
image6.pubmatic.com — Cisco Umbrella Rank: 891
42 KB
7 adocean.pl
lv.adocean.pl — Cisco Umbrella Rank: 125471
60 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2417
70 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
145 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 305
109 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
41 KB
5 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 11621
2 KB
5 adform.net
adx.adform.net — Cisco Umbrella Rank: 3113
c1.adform.net — Cisco Umbrella Rank: 1015
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
172 KB
5 gstatic.com
fonts.gstatic.com
71 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2997
980 B
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5726
516 B
3 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 38550
425 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
124 KB
2 setupad.com
node.setupad.com — Cisco Umbrella Rank: 37022
417 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1505
s.tribalfusion.com — Cisco Umbrella Rank: 3853
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2852
mwzeom.zeotap.com — Cisco Umbrella Rank: 2511
825 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 25218
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1087
618 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
489 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 10473
466 B
2 adtriba.com
d.adtriba.com — Cisco Umbrella Rank: 59153
757 B
2 onprospects.com
pixel-eu.onprospects.com — Cisco Umbrella Rank: 122631
480 B
2 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1864
884 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
88 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 636
2 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 3128
709 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 21456
439 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1632
500 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 951
191 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 9008
233 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
576 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2282
351 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
265 B
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 9318
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 493
3 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
383 54
Domain Requested by
40 s0.2mdn.net lietuve.lt
s0.2mdn.net
34 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
34 lietuve.lt 1 redirects lietuve.lt
32 pagead2.googlesyndication.com e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
lietuve.lt
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
27 tpc.googlesyndication.com e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
lietuve.lt
tpc.googlesyndication.com
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
s0.2mdn.net
cdn.ampproject.org
16 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
15 adlv.hit.gemius.pl 4 redirects lv.adocean.pl
lietuve.lt
adlv.hit.gemius.pl
13 ib.adnxs.com 2 redirects stpd.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
12 gum.criteo.com 6 redirects static.criteo.net
12 securepubads.g.doubleclick.net lietuve.lt
securepubads.g.doubleclick.net
www.googletagservices.com
9 mug.criteo.com lietuve.lt
8 www.google.com 1 redirects e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
lietuve.lt
tpc.googlesyndication.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 i1.wp.com lietuve.lt
7 lv.adocean.pl 2 redirects lietuve.lt
lv.adocean.pl
7 c0.wp.com lietuve.lt
6 eus.rubiconproject.com lietuve.lt
eus.rubiconproject.com
6 script.4dex.io stpd.cloud
script.4dex.io
5 static.criteo.net stpd.cloud
static.criteo.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.facebook.com connect.facebook.net
static.xx.fbcdn.net
5 pixel-eu.onaudience.com 5 redirects
5 www.googletagservices.com lietuve.lt
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
4 scontent.xx.fbcdn.net www.facebook.com
4 googleads4.g.doubleclick.net lietuve.lt
4 googleads.g.doubleclick.net e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
lietuve.lt
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
3 ads.pubmatic.com stpd.cloud
3 acdn.adnxs.com stpd.cloud
3 an.yandex.ru 2 redirects lietuve.lt
3 token.rubiconproject.com eus.rubiconproject.com
3 prebid-eu.creativecdn.com stpd.cloud
3 adx.adform.net stpd.cloud
3 bidder.criteo.com stpd.cloud
3 hbopenbid.pubmatic.com stpd.cloud
3 i0.wp.com lietuve.lt
3 i2.wp.com lietuve.lt
3 secure-assets.rubiconproject.com 3 redirects
3 stpd.cloud lietuve.lt
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com lietuve.lt
s0.2mdn.net
3 www.googletagmanager.com lietuve.lt
www.googletagmanager.com
2 node.setupad.com lietuve.lt
2 c1.adform.net 2 redirects
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 onetag-sys.com 1 redirects e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
2 sync.1rx.io 2 redirects
2 dsp.adkernel.com e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
2 d.adtriba.com 1 redirects 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
2 ls.hit.gemius.pl adlv.hit.gemius.pl
2 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 pixel-eu.onprospects.com 2 redirects
2 prg.smartadserver.com stpd.cloud
2 connect.facebook.net lietuve.lt
connect.facebook.net
2 id5-sync.com stpd.cloud
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.inmobi.com 1 redirects
1 ads.avads.net 1 redirects
1 sync.go.sonobi.com 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
1 s.tribalfusion.com 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 rtb2-useast.e-volution.ai e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb.openx.net e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 match.adsrvr.org lietuve.lt
1 pixel.wp.com lietuve.lt
1 e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.wp.com lietuve.lt
1 cdn-images.mailchimp.com lietuve.lt
1 cdn.jsdelivr.net lietuve.lt
0 cs.chocolateplatform.com Failed 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
383 81
Subject Issuer Validity Valid
lietuve.lt
R3		 2022-08-10 -
2022-11-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-01-24 -
2023-02-06		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
cdn-images.mailchimp.com
Amazon		 2022-07-06 -
2023-08-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.stpd.cloud
E1		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-23 -
2022-09-21		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-10-14		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
node.setupad.com
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh

This page contains 48 frames:

Primary Page: https://lietuve.lt/
Frame ID: C36412D72A72B92709FE8D312133B243
Requests: 89 HTTP requests in this frame

Frame: https://e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 70FF2B203CB6F7D5F514767EE413E20E
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 59A7E2A33153FF7FCB016958FCAC522F
Requests: 22 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: 43DD23D870D858147B6ECE4B1039644D
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 1CC3C907763ED949E3F52CEC5677A527
Requests: 4 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 8F1AC88D6A6E3867F89F69814F8AE7C3
Requests: 21 HTTP requests in this frame

Frame: https://lv.adocean.pl/files/js/aomini.js
Frame ID: E4136B4543FA80302BED737EFFBDB74D
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: EA74E470912A768DA106BC3F75D7C79D
Requests: 3 HTTP requests in this frame

Frame: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 862D97201F84A5328D42E39979E2FC37
Requests: 1 HTTP requests in this frame

Frame: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D0A0342F565CD3A68D980A6D1A655BD8
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 9D1C223E47DACFC4B2BB4E33A12627AC
Requests: 1 HTTP requests in this frame

Frame: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C70CFA48B172717579FD02EB6F4D4183
Requests: 17 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: ADFD00C8A78AB7E07194C0F896F3DC93
Requests: 18 HTTP requests in this frame

Frame: https://adlv.hit.gemius.pl/gdejs/xgde.html
Frame ID: 2B0D11B4F3349CF45D847BA0E1A0CE81
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOHlgtMBMAE&v=APEucNXuD5kQDkAezkdEnqSciqRd99t6VJjSGh2OHLpxqPplCgahNa2bFAUSsh_2JSXmjMCRwdYpbsfaS0En6Kr943wOcSgGyaJc_hpaBEfEhF7wEg5zsctChfX8Ex9GHpP5SQr0Een9FF02mrSRozrFDhWPp-d0C4zB19WQ6tqyCL0rEctrj8qAUDVa2FWuZ1aeAraFJsGompocYr2V9G6oRDmRzo6w4Q
Frame ID: F9764C97E6E568457D622BB9230AD69B
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: DC849F35247E60F017229A1DC995FB70
Requests: 3 HTTP requests in this frame

Frame: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A9700FF35FEBFF15A509B10212D3F852
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DC54ED2BCC2D1E3FF5BA8319AD97588
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi_jve2ATAB&v=APEucNX37UIHXVF5M4XHAvds5XNidnfc1Y-C4sIUjZAyS4-1lzQ-ym5ULh7vjK0KWmVgNTlS9B0YKHBmsFp25317e9vcbUTQoaDAJPrdb1uZ7FvhBl8-4bCqTqb4N55JqGgqE_HSQBckl8lCKsqkAAKcxB18yP0C49sYqFrC5OnaHEBjtfLEmbDsK9LEarDJj4GoCypdMj3AvjGDlr2X90tA6DFZNozoQA
Frame ID: 720BC2F95AF26C10CDA51DEBEB72917E
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Frame ID: 47CD9F06F5E72A137FAF4D5CD671CB36
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Frame ID: 123F40A95B99D06F951383C95671299B
Requests: 22 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: E25AD14E873FE7528DC67640424E196E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D704E3419A06FB826BDF3C38A0D1284
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A336898A1D6A837274F9F4559B98F1FC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B368B2EAC5F52C2C6F858FA05CA678F3
Requests: 3 HTTP requests in this frame

Frame: https://73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6BC608D40937889FD8166FD8F6E5A78F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Frame ID: 0A74EF0475BEA299539F1B916FDE2F5E
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75D823A3C5F66B45E2F8F6D4E5B5AB7F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BD5CB004BC0FCDB5FF1EAA5C11ED1831
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Frame ID: 0A8B2BEFCE944E4560BBFF9A93F8EDE3
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89709A85465463809A9A1331F7E227E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94F3161A7BCDD50C69BC9AE3170F3FFD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Frame ID: 08C5EF2885505DD1445E7547913568AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C4C89ACED08CA86F004F809D5E14CA9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7160BC45B97865A9879B17CE2DFBD7F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FB0928C47A62E6884F07AB9BA3B96497
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1F8D68F581B42EB9280DA5B89C3C9047
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 57C460A482392C4542A63ED4B2C8AC31
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2A7887E7C27CB076966A87BE45C9A8A1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Frame ID: A7018459A171A064946AFA2544D19FC0
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%3D389860177798308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a39bd39eead4%2526domain%253Dlietuve.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Flietuve.lt%25252Ff796f3e76eaffc%2526relation%253Dparent.parent%26container_width%3D0%26header%3Dfalse%26height%3D350%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fzurnalas.lietuve%26locale%3Den_US%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300
Frame ID: 7400E7C8B3F505B0033EECD2BE35FD06
Requests: 30 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lietuve.lt
Frame ID: F07E3695F8FCE90ECDB895252EB6AF4F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lietuve.lt
Frame ID: E71381AC69791F12EC3E0E54726B314C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4A62CB65235EB088000D9467CADC28D2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 98BB093D21A8E24D03B8838CBE015040
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3161456DBCD2FF4DA48DFB1348FD41F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3E342FB54E63B21B979B33BAB25CEB0
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lietuve.lt
Frame ID: 7AC9A6BFBBCB3E2F8BC1A6D748A82FA8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Žurnalas Lietuvė - Mylintiems Lietuvą!

Page URL History Show full URLs

  1. http://lietuve.lt/ HTTP 302
    https://lietuve.lt/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 80%
Detected patterns
  • adocean\.pl
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 80%
Detected patterns
  • hit\.gemius\.pl
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

383
Requests

93 %
HTTPS

38 %
IPv6

54
Domains

81
Subdomains

59
IPs

12
Countries

5511 kB
Transfer

13775 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lietuve.lt/ HTTP 302
    https://lietuve.lt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200 HTTP 301
  • https://lv.adocean.pl/__/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200 HTTP 301
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1663152368%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1663152368%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://lv.adocean.pl/__/_1663152368/ad.js?hclsdata=&hcudata=CkOB7MaBPJJFO6NwBGZzkI3iaN16qviQcUJzMHq5y5H.P7&id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
Request Chain 64
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=4-v9w3xqdGF0bDVWcm11NHpIUDNtRFRxNDB0bmwxR3JHd2pQQ3JiTDhrSWV2VUNidjRhNzRWL0h1cGE0YldDVnBiZ0JrSjczVzJ2N1A3RTljdTZUckFmcG9YQit6NTlJUEI4SGdjMlhBczhDTldLRTgrWTZsVlN6TzAxbEZZTnJ5bXdNZWdhYW85WVhVT2pySld6b1BtVkYzc2pHaXNGSHdsdEpUc1BHU2p1RnlObUlUeGUzRGw5N0h2OWdKOTFGS0VGM3Q5OVQxdUlhOWtrNkd5Y1JoeUpTYm8xbzBYYy9EUWxiOTVDTndTS3Y2S1lRPXw&cppv=2
Request Chain 67
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 93
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=xAOEFXxybCtYSGxydmZ4VG8vbUl3cUJJbnBZNHdDYVhKYVlnSmhSUmhqT2JmT1E3VFUvaUc0Z05FSnU4UXhUQWIrYzdBSUtacE1ycmxSckJYWVBQL1M1RStQYVNld3BOWkhlNmpHRHZqU29pYVppMFY0MUdiZStDaER6SFZESkJINCtORUt1Y3ZyZmZjRGhFUFJaQkp5WW5LakVwL0tsZTF0VjNPcEhQSHFCbGhvcEpmTUQzQ1ZxaWtsY2p5dDl1YjJqN05LdzB0S2VLb1RwTFJkK3p1L0R0TWRLRDBObEpmV2FVeVJWSXQ0S1NualV3PXw&cppv=2
Request Chain 102
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 116
  • https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D HTTP 301
  • https://pixel-eu.onprospects.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent= HTTP 301
  • https://pixel-eu.onaudience.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent=&onp HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 148
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&bundle=dPUTTV9kNDZWTDdQS3kyMzMlMkZGazVHNVZkajRyVTNKOHdMUUtVc0hQZzY5RDVnRlhkb3FoQzQlMkI4bHFydU1ndEhONVdmMmolMkZkc0VBYmhJUnczQzB2dlJGbDdPc2t6MTZ6d0ZNcU1Ia0pHaU1yeG16NTU4WnFwSWVaY1k5ODFzMWJwa29mZg&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=1kE_UnxBd24xWkhQRUMvSUN0b1JsTzlRSEFLVjVmRmdPRFdpWVlzZkZJTWpycHpibUszR1NnTnNML0JsM1BKTVpWK1I2SEYxc2MzQXpmM3RISFlUZS9NWlhwb1R5c2xGa3p1cElMbmdlZEJPQUxvT2VBNUdZcWVyajRYaVk4ZHZaK3ovdnh3Y0Mzd2w2MTVjYTRPeFZSc1IrYndaak9XSmd3L1I2RzEyRzJucHllZCtva3F4amt5M2N1UDg1MXpDZ05ydERNQUpBTGpjZnd2cUozL1N5K0xCTXFoQmJPajBCekdYc2lXZ0ZvZVBCYUxiRm1FNUlUV2tSSTZtYnd1MHV5N2Z5fA&cppv=2
Request Chain 155
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
Request Chain 165
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyGw8.I3fqf.o.aDcCJbRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
Request Chain 167
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
Request Chain 179
  • https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_always_on_hw HTTP 302
  • https://d.adtriba.com/px.gif
Request Chain 196
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDE1zzZz4gkr_A4co6z1uYw&google_cver=1&google_push=AehlK4CV4_XZmi-OWFMKncUzW7145wS0DO1X3KpWjXnfYHlX1VyG5YlsvfS0Hr-NmDs0OsCdK_mFhfuvvRWARALimSBrau7GM9JtSw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CV4_XZmi-OWFMKncUzW7145wS0DO1X3KpWjXnfYHlX1VyG5YlsvfS0Hr-NmDs0OsCdK_mFhfuvvRWARALimSBrau7GM9JtSw&google_hm=MTc1ODczODExNTY2NzY4MTg1
Request Chain 199
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJxy73djXLlR9wrhlCxpJ0w&google_cver=1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663152371649 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-000ba9d7-46e0-435d-ab76-84641dc39f58-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA%26google_hm%3DAwALqddG4ENdq3aEZB3Dn1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA&google_hm=AwALqddG4ENdq3aEZB3Dn1g
Request Chain 201
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHh1F-gL4pj-l_y656NVNfM&google_cver=1&google_push=AehlK4AAd3kdLUE1EFYoQoNSznxdhHkJMTpMkrBTf_q81FE-uT0rGRmuOQH5-hcjNSWdMwdQq64tEWS7dleIHTNv6v-U2jkDoJlAIHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4AAd3kdLUE1EFYoQoNSznxdhHkJMTpMkrBTf_q81FE-uT0rGRmuOQH5-hcjNSWdMwdQq64tEWS7dleIHTNv6v-U2jkDoJlAIHY HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 202
  • https://an.yandex.ru/mapuid/google/CAESEFCzqUkRXUnoHiq1EMfXTpc?ext-param=AehlK4ChW7TQDfww1qRquA61thpPdlFCoaIDFRFh6F628WjmBiDvQsX9fT4giNrONfpvOK-2J-RQAD9KU_jMtIFzQVSbIVelH4awa84&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEFCzqUkRXUnoHiq1EMfXTpc?redir-setuniq=1&ext-param=AehlK4ChW7TQDfww1qRquA61thpPdlFCoaIDFRFh6F628WjmBiDvQsX9fT4giNrONfpvOK-2J-RQAD9KU_jMtIFzQVSbIVelH4awa84&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFCzqUkRXUnoHiq1EMfXTpc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
Request Chain 205
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyGw8.I3fqf.o.aDcCJbRQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
Request Chain 207
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
Request Chain 230
  • https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D HTTP 301
  • https://pixel-eu.onprospects.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent= HTTP 301
  • https://pixel-eu.onaudience.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent=&onp HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a88ee0d728760615/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=a88ee0d728760615/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=39034a3066d2175ff6ba583b8d888067&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=68&icm&cver&mapped=1220539229211126160&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=a88ee0d728760615 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3baef7b8-bd20-494a-45ff-24e694ea19da&reqId=1dc7d27f-95c9-41f8-5ecf-7eef4bf66926&zcluid=a88ee0d728760615&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECkT5_Y4AD-MUoCm2KeQXPQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3baef7b8-bd20-494a-45ff-24e694ea19da&reqId=1dc7d27f-95c9-41f8-5ecf-7eef4bf66926&zcluid=a88ee0d728760615&zdid=1332
Request Chain 241
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOAcQzOYM1aZZAtewf-ROa4&google_cver=1&google_push=AehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAcQzOYM1aZZAtewf-ROa4&google_cver=1&google_push=AehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 246
  • https://ads.avads.net/sync/ggl?google_gid=CAESEDmELjATbCQyYorTXgchOYM&google_cver=1&google_push=AehlK4B3aVgCPeROkcDuOJiBEmXq-e5SZ5i3RVKuTtUOBrw-JKLuJLqoE6dXtO-bvLviQ9ly7H1p6sBGN_Uyr34jHPEl1n1IdAFG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OTM0NDhjOGUtM2Q5MC00ZjQ1LTllNTktM2FmOTBhYzM4ZmRj&google_push=AehlK4B3aVgCPeROkcDuOJiBEmXq-e5SZ5i3RVKuTtUOBrw-JKLuJLqoE6dXtO-bvLviQ9ly7H1p6sBGN_Uyr34jHPEl1n1IdAFG
Request Chain 247
  • https://sync.inmobi.com/gob?google_gid=CAESEACZdT_YPLyBwsii22_bVTY&google_cver=1&google_push=AehlK4AEUBWKydGzStpRuTQxJebNm3CKye1N4LArJ_UA5kjbNd9YRJV7eqy3NBIxr4vg2ZtQAVtpwl8iU2ia94zKdInV9J_pYVSM HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4AEUBWKydGzStpRuTQxJebNm3CKye1N4LArJ_UA5kjbNd9YRJV7eqy3NBIxr4vg2ZtQAVtpwl8iU2ia94zKdInV9J_pYVSM&gdpr_consent=&gdpr=
Request Chain 282
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 337
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lietuve.lt&sn=ChromeSyncframe&so=3&topUrl=lietuve.lt&bundle=YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUXhRd2VtY3JBT2psZHZ1ZEdHczcxWXRaaElwZEtIZmFMakx6bnc4UW5oYSUyRjB5U21KREYlMkJDOGNqcTVUb3BESDdnM1dlQlVwOUhJZGZscA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=OCsvfnxsUDJTMUdHeXRyVmo2NEdUV2pwcGxFQWtMVkxMZjhFSmhSZTlNd1p2K1I0Ri90V21IZlYrMnc5b0lsMW1WL3BPVXVJV1p5Zk45dDY0amdFZ1hpb1VkNmkyWDdZZHhIZ0t2amxVRHRVR3l3UDA4ZlFVZ2dkbDZJQUVMVUNvSG5mb2E2QitwRXprdzFMdkpIZHM1QTdTM0I1Y2JkcTNSSGt6M0JuMjM2L2Mxc2oxZ2dzUlpOTFpSSnc5K3RpMWpDVExCdGNwOEhpU05pSS9WejZjeG5vOWo5UWNHREJBR0t1NEdLdytiZ3JONi9WNjVYZkFqUjRjb3g1M2hhZEZ2eHV4ajNBQmZFVm0zd2xkaVkzZFhya3YvYUdINnd5K3lva2xmMjlCOXdRZVZLZz18&cppv=2
Request Chain 338
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lietuve.lt&sn=ChromeSyncframe&so=3&topUrl=lietuve.lt&bundle=YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUXhRd2VtY3JBT2psZHZ1ZEdHczcxWXRaaElwZEtIZmFMakx6bnc4UW5oYSUyRjB5U21KREYlMkJDOGNqcTVUb3BESDdnM1dlQlVwOUhJZGZscA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RIecenw0UmVVSzJoT04yeFZzUUhvYmczL25QZkFoQlV5blNEUGc0bkhCajZxVGNudmtNRlFVcDlpd1dQMkd3bFM3VDA4Y2lsdDRCNDB4eVMrYUdQUElDOHc1b015ZnJ0N2F6Z2NjYXVSeDg1anlWNit2UXpOeWk5TUJZMGlyOUxWU1E3MHoxTG1LcjhaMXRXVElocFlKb2JBT3ppRjNjS0dyaG8zcDd5UFdWWWFZckw5NStacEdSVmsxZHpyRWptelVQd3J5TjRnclFRa3F6K0xEbVhVQTZhYW0reXZHd0F3Zm43SDZEWStOWEFwYTV6dE1uOE80b0xTK2NydmxncitHbUMvY0xrQ09mR3E0Q1JUdHJsQWRzaEE1VFVUdlBNdHRMZjl3eDhXbEdUTjZZYz18&cppv=2
Request Chain 340
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lietuve.lt&sn=ChromeSyncframe&so=3&topUrl=lietuve.lt&bundle=YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUXhRd2VtY3JBT2psZHZ1ZEdHczcxWXRaaElwZEtIZmFMakx6bnc4UW5oYSUyRjB5U21KREYlMkJDOGNqcTVUb3BESDdnM1dlQlVwOUhJZGZscA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3CD_4nwvMFByU3gxK1ZMT1Q4YXNCamN0QXNjTEFtL3BqQktFa3U0RHcwTWp5c2FLcWlLaFBtTFlhQ1ZweGdrRHRDTk9acnVnK0NSbkJYbTlFbWpITHN0K0FnVENRNStWMmdnSVNZRzdkN1lZTmllVElBYkw1OU5ZbkNIYlJ3eTNtcU8xdmROa0ZjY1pFL2hDdmlmQ2NPZmhaMm1KL054ZzBTUTBka0tiSzJNZWordTR4ZVcyYkRmeTMwVGxBU01tUDBuai9keG9JRURIUWFXSTFIUktVbEV4VlYydFA0bG5ENzlWUWdLNnEyYjRvK0hWQ1JZNHJrWWNBOHFsR2lpL09pZkUxWkVPZkVrUUN2enAxcjlPbGJYdG9udzhnWlBaQ2VPa1NITnV2eS9mczNLST18&cppv=2

383 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lietuve.lt/
Redirect Chain
  • http://lietuve.lt/
  • https://lietuve.lt/
721 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
d15adaffa7a20f7ee00576e77b4480ffcdb867e973971d4bd1552839ec52e187

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 10:46:06 GMT
link
<https://lietuve.lt/wp-json/>; rel="https://api.w.org/" <https://wp.me/2JWZ2>; rel=shortlink
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
203
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 14 Sep 2022 10:46:06 GMT
Keep-Alive
timeout=2, max=100
Location
https://lietuve.lt/
Server
Apache
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34858127-1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78f43937cbfadf75797f408ea3c6b3bf8512baeee7d2ebd37eb79cf60cb9b92b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42135
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Sep 2022 10:46:07 GMT
style.min.css
c0.wp.com/c/5.5/wp-includes/css/dist/block-library/ 		53 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0ddc6189bb154a5d341e7a1336f88a576398c4ca58d854c013c5d507c47a2db2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
br
last-modified
Tue, 07 Jul 2020 14:43:35 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:07 GMT
styles.css
lietuve.lt/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Sun, 20 Jun 2021 15:43:07 GMT
server
Apache
etag
"a50-5c53469c458c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
932
expires
Wed, 21 Sep 2022 10:46:07 GMT
style.css
lietuve.lt/wp-content/themes/jarida/ 		115 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
fb543f247093086bdc9ec9f0af8fae74fe2f76b1d13139cad570902beb0ff477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Fri, 31 Jul 2020 08:29:57 GMT
server
Apache
etag
"1cafe-5abb8980eeb40-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
22883
expires
Wed, 21 Sep 2022 10:46:07 GMT
style.css
lietuve.lt/wp-content/themes/jarida-child/ 		125 B
269 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/themes/jarida-child/style.css?ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
b5c94150ba857f8ccc4e83830902c699858306936b7866cf6633ba2dc4a1350a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Wed, 27 May 2020 06:34:49 GMT
server
Apache
etag
"7d-5a69b689fd440-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
123
expires
Wed, 21 Sep 2022 10:46:07 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700&ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:29:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 10:46:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 10:46:07 GMT
app.css
lietuve.lt/wp-content/plugins/simple-lightbox/client/css/ 		232 B
190 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 08:29:55 GMT
server
Apache
etag
"e8-5ae648e8b26c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
113
expires
Wed, 21 Sep 2022 10:46:07 GMT
front.min.css
lietuve.lt/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 09:33:58 GMT
server
Apache
etag
"14ce-5e2a6f8130d80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
1106
expires
Wed, 21 Sep 2022 10:46:07 GMT
royalslider.css
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/royalslider.css?ver=3.1.4
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
50abfad217fbf30268524053fb021b78fb176178f905330218a830457611f8f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2013 09:50:34 GMT
server
Apache
etag
"1320-4e7e73bd32e80-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
1342
expires
Wed, 21 Sep 2022 10:46:07 GMT
rs-universal.css
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/universal/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/universal/rs-universal.css?ver=3.1.4
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
1b56a3ecf80d6775e8eecdbd5c41a6a4f2957298197b1a49e091360ac860352b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2013 09:50:35 GMT
server
Apache
etag
"1f12-4e7e73be270c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
1962
expires
Wed, 21 Sep 2022 10:46:07 GMT
rs-minimal-white.css
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/rs-minimal-white.css?ver=3.1.4
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
446eaa241abd1a6af539238206e88de5232269acb075c6d0df50ffbeeb4c3634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2013 09:50:35 GMT
server
Apache
etag
"2093-4e7e73be270c0-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
2090
expires
Wed, 21 Sep 2022 10:46:07 GMT
jetpack.css
c0.wp.com/p/jetpack/9.1.1/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.1.1/css/jetpack.css
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
br
last-modified
Tue, 25 Aug 2020 15:45:57 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:07 GMT
frontend-gtag.min.js
lietuve.lt/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.6.0
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 09:34:01 GMT
server
Apache
etag
"2e7a-5e2a6f840d440-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3246
jquery.js
c0.wp.com/c/5.5/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5/wp-includes/js/jquery/jquery.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:07 GMT
tie-scripts.js
lietuve.lt/wp-content/themes/jarida/js/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/themes/jarida/js/tie-scripts.js?ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
af0caa01b464fc3e202959e5a37835f48ad10bd111695da0d515752e66d75ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2013 09:55:56 GMT
server
Apache
etag
"1010a-4e7e74f048300-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17883
css
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto:400,500,700,400italic,300,100&subset=latin,latin-ext
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a6e90e07079e6f43246e28bcf6844bff3086c5abf26bc9aacdf7077dda51b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:46:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 10:46:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 10:46:07 GMT
aomini.js
lv.adocean.pl/files/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/files/js/aomini.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 06:32:47 GMT
server
GAD
etag
"00001FCFAF20B624"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
public, must-revalidate, max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-type
application/x-javascript
content-length
3211
expires
Wed, 14 Sep 2022 14:46:07 GMT
in-view.min.js
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1939544
x-jsd-version
0.6.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2129
etag
W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
x-served-by
cache-fra19174-FRA, cache-hhn4045-HHN
x-jsd-version-type
version
date
Wed, 14 Sep 2022 10:46:07 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
inview.js
lietuve.lt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/inview.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:07 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 13:03:45 GMT
server
Apache
etag
"14be-5a8abdf6eae40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2129
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-177608189-1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
372209265c427d40a8e474047a58a1a33c656840054bb4ca67c085e66ff2fe50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42160
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Sep 2022 10:46:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f046144ca19df3580d195a7e673bc6a063924bb58f58338074f936706172d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29155
x-xss-protection
0
server
sffe
etag
"1333 / 518 of 1000 / last-modified: 1663151467"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Sep 2022 10:46:08 GMT
wp-emoji-release.min.js
lietuve.lt/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-includes/js/wp-emoji-release.min.js?ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Mon, 31 Aug 2020 14:09:53 GMT
server
Apache
etag
"37a6-5ae2cf4d5ce40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4671
A.-Andrulevi%C4%8Dien%C4%97s-papuo%C5%A1al%C5%B3-paroda-2.jpg
i1.wp.com/lietuve.lt/wp-content/uploads/2016/04/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2016/04/A.-Andrulevi%C4%8Dien%C4%97s-papuo%C5%A1al%C5%B3-paroda-2.jpg?w=1024&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c6e4a4ca9ccedaeb7e38f10e9558a2800c36a3f801bae12866c4d7faa29bb3d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 14 Sep 2022 10:46:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 05:09:09 GMT
server
nginx
etag
"cc1413edcd4f8e2c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2016/04/A.-Andrulevi%C4%8Dien%C4%97s-papuo%C5%A1al%C5%B3-paroda-2.jpg>; rel="canonical"
content-length
58238
expires
Thu, 13 Jul 2023 17:09:09 GMT
slim-081711.css
cdn-images.mailchimp.com/embedcode/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/slim-081711.css
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.211.232 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-211-232.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca7f7f2f1530f32622fc0c76791f400659a18bf740f4ccf34be404d923a0f4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
W/"e52c5f8fc4367efbe2ae0a64f41ceb79"
Age
29665
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 17 Aug 2011 20:36:36 GMT
Server
AmazonS3
Date
Wed, 14 Sep 2022 02:32:46 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-meta-s3fox-filesize
1889
x-amz-meta-s3fox-modifiedtime
1313613307000
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
1R12wPSDALOXsBhsRdMHpuMcQjQ6HRgeFQ3bZd7Uubzccps9f7Xgwg==
photon.min.js
c0.wp.com/p/jetpack/9.1.1/_inc/build/photon/ 		758 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.1.1/_inc/build/photon/photon.min.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:08 GMT
wp-polyfill.min.js
c0.wp.com/c/5.5/wp-includes/js/dist/vendor/ 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
last-modified
Mon, 29 Jun 2020 11:50:29 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:08 GMT
index.js
lietuve.lt/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Sun, 20 Jun 2021 15:43:07 GMT
server
Apache
etag
"34ad-5c53469c458c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4004
front.min.js
lietuve.lt/wp-content/plugins/cookie-notice/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 09:33:58 GMT
server
Apache
etag
"20ec-5e2a6f8130d80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1933
smush-lazy-load.min.js
lietuve.lt/wp-content/plugins/wp-smushit/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.10.2
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 09:34:06 GMT
server
Apache
etag
"1eee-5e2a6f88d1f80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3684
wp-embed.min.js
c0.wp.com/c/5.5/wp-includes/js/ 		1 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.5/wp-includes/js/wp-embed.min.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:08 GMT
jquery.cycle.all.js
lietuve.lt/wp-content/themes/jarida/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/themes/jarida/js/jquery.cycle.all.js?ver=5.5
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
5639a8a45f34fb980687b4f454a829020f58cc9a7c4d7dfe4b97877e3614adda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2013 09:55:56 GMT
server
Apache
etag
"6ae7-4e7e74f048300-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7772
jetpack-carousel.min.js
c0.wp.com/p/jetpack/9.1.1/_inc/build/carousel/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.1.1/_inc/build/carousel/jetpack-carousel.min.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5d6d3933c5bad83e6337d5405bb8afe724adcd2fd10ce0cba2500d200e4501d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 14:24:10 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Thu, 14 Sep 2023 10:46:08 GMT
jquery.royalslider.min.js
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/jquery.royalslider.min.js?ver=3.1.4
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
e98502e3e7adbddfb9fff9a3881f36c39d5e5b4caf01d71ac61bbef2451a2800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2013 09:50:34 GMT
server
Apache
etag
"c6aa-4e7e73bd32e80-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
16931
e-202237.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202237.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 03 Sep 2023 22:05:59 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34858127-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5410
date
Wed, 14 Sep 2022 09:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 14 Sep 2022 11:15:58 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-177608189-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34858127-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94ebd06f657221747bf9027f15436042fb0b3772d60dca9cd0385183f86afa8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42181
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Sep 2022 10:46:08 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/gif
ad.js
lv.adocean.pl/__/_1663152368/
Redirect Chain
  • https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
  • https://lv.adocean.pl/__/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1663152368%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7%2Fx...
  • https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1663152368%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7%...
  • https://lv.adocean.pl/__/_1663152368/ad.js?hclsdata=&hcudata=CkOB7MaBPJJFO6NwBGZzkI3iaN16qviQcUJzMHq5y5H.P7&id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/__/_1663152368/ad.js?hclsdata=&hcudata=CkOB7MaBPJJFO6NwBGZzkI3iaN16qviQcUJzMHq5y5H.P7&id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
e8eb7597ea2cb171bc71728ac4bcbfaa6e6a593cd8e6052ba57c04fc8257c5d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
server
GAD
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
17755
expires
Tue, 13 Sep 2022 10:46:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://lv.adocean.pl/__/_1663152368/ad.js?hclsdata=&hcudata=CkOB7MaBPJJFO6NwBGZzkI3iaN16qviQcUJzMHq5y5H.P7&id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
server
GHC
expires
Tue, 13 Sep 2022 10:46:08 GMT
/
lietuve.lt/ 		721 KB
721 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
server
Apache
link
<https://lietuve.lt/wp-json/>; rel="https://api.w.org/", <https://wp.me/2JWZ2>; rel=shortlink
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
separate.png
lietuve.lt/wp-content/themes/jarida/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/themes/jarida/images/separate.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
ff75fb53381a8dfb564b4158ef6b07e4c55c8901eedfd7c9fb5692fb39ca72b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
last-modified
Fri, 04 Oct 2013 09:55:45 GMT
server
Apache
etag
"3ddc-4e7e74e5caa40"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
15836
expires
Wed, 21 Sep 2022 10:46:08 GMT
social-icons.png
lietuve.lt/wp-content/themes/jarida/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/themes/jarida/images/social-icons.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
8ea3f1ebaa01dc1e35a028505a6b58d28079b1583db379c8a331656dcbdba121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
last-modified
Fri, 04 Oct 2013 09:55:45 GMT
server
Apache
etag
"2756-4e7e74e5caa40"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
10070
expires
Wed, 21 Sep 2022 10:46:08 GMT
top-shadow.png
lietuve.lt/wp-content/themes/jarida/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/themes/jarida/images/top-shadow.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
e280f2744f969aa0567a1eb54a550f8b01fdb30912c27c107e02370bef9e4793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/themes/jarida/style.css?v=1&ver=5.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
last-modified
Fri, 04 Oct 2013 09:55:51 GMT
server
Apache
etag
"1877-4e7e74eb837c0"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
6263
expires
Wed, 21 Sep 2022 10:46:08 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto:400,500,700,400italic,300,100&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lietuve.lt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 08:45:21 GMT
x-content-type-options
nosniff
age
93647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:45:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto:400,500,700,400italic,300,100&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lietuve.lt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 13:27:29 GMT
x-content-type-options
nosniff
age
422319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 13:27:29 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto:400,500,700,400italic,300,100&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lietuve.lt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 08:45:52 GMT
x-content-type-options
nosniff
age
93616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11816
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:52:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:45:52 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=870743947&t=pageview&_s=1&dl=https%3A%2F%2Flietuve.lt%2F&ul=en-us&de=UTF-8&dt=%C5%BDurnalas%20Lietuv%C4%97%20-%20Mylintiems%20Lietuv%C4%85!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=377588707&gjid=11055948&cid=745218319.1663152368&tid=UA-34858127-1&_gid=1511320456.1663152368&_r=1&gtm=2ou9c0&did=dZGIzZG&gdid=dZGIzZG&z=1628448313
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=870743947&t=pageview&_s=1&dl=https%3A%2F%2Flietuve.lt%2F&ul=en-us&de=UTF-8&dt=%C5%BDurnalas%20Lietuv%C4%97%20-%20Mylintiems%20Lietuv%C4%85!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=865292051&gjid=325916934&cid=745218319.1663152368&tid=UA-177608189-1&_gid=1511320456.1663152368&_r=1&gtm=2ou9c0&did=dZGIzZG&gdid=dZGIzZG&z=2031607943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022090801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 09:09:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		112 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b766a957071fa0a30f3bf548ad2e488253220101e5dbbc770ed4284e60eedc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Wed, 14 Sep 2022 10:46:08 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1832771760295846&correlator=1051964160767350&eid=31068501%2C31069404%2C31068528%2C44773130&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=147246189%2Clietuve.lt_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1302492895&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663152368462&lmt=1663152368&dlt=1663152367757&idt=642&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flietuve.lt%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=745218319.1663152368&ga_sid=1663152368&ga_hid=870743947&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77b00128314563f17a2336ed40c15b66a4e9fd90a003817019c64a29b442dfb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 70FF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:08 GMT
expires
Thu, 14 Sep 2023 10:46:08 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022090801.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022090801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a675ecfef5937c8c45a95db9566e42c79e8058b554901336974c399d6b53bbe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 10:31:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13609
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 10:31:01 GMT
xgde.js
adlv.hit.gemius.pl/gdejs/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 06:49:43 GMT
server
GHC
etag
"630F04870000D964BC018988"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
19348
expires
Thu, 15 Sep 2022 10:46:08 GMT
extra=;
adlv.hit.gemius.pl/_1663152368824/redot.js/id=.Fg6uH.oJ0sByCkfHlfG4beO3whYFYb2IgngEEm4BQP.w7/stparam=obfkgmipmw/fastid=fbjdmbzcbkfbslamyiapezynrvkh/sarg=6321B0F0E836E7E7/inner=;/ 		2 B
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/_1663152368824/redot.js/id=.Fg6uH.oJ0sByCkfHlfG4beO3whYFYb2IgngEEm4BQP.w7/stparam=obfkgmipmw/fastid=fbjdmbzcbkfbslamyiapezynrvkh/sarg=6321B0F0E836E7E7/inner=;/extra=;
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
server
GHC
access-control-allow-origin
https://lietuve.lt
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Tue, 13 Sep 2022 10:46:08 GMT
stpd201221.js
stpd.cloud/assets/postbid/ Frame 59A7 		461 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
5397
x-ms-lease-status
unlocked
last-modified
Wed, 14 Sep 2022 07:15:32 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
62fb5622-101e-0000-1e09-c8ff97000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74a88981bde95bdd-FRA
expires
Wed, 14 Sep 2022 14:46:08 GMT
blank.gif
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/ 		49 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/blank.gif
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/royalslider.css?ver=3.1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/royalslider.css?ver=3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
last-modified
Fri, 04 Oct 2013 09:50:34 GMT
server
Apache
etag
"31-4e7e73bd32e80"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
49
expires
Wed, 21 Sep 2022 10:46:08 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto:400,500,700,400italic,300,100&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lietuve.lt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 21:35:52 GMT
x-content-type-options
nosniff
age
133816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 21:35:52 GMT
ad.js
lv.adocean.pl/_1663152368878/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/_1663152368878/ad.js?id=7x1bGkm0_JGI3IMBuLxHSSYDzYmFhieS5HtFI2P1YJD.A7/x=1600/y=1200
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
b77aa1d89ad2cfc3ff7d407fa9922c4fb72fe850ae10d0e9e2777ce6c075b3f8

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
server
GAD
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
17744
expires
Tue, 13 Sep 2022 10:46:08 GMT
xgde.html
adlv.hit.gemius.pl/gdejs/ Frame 43DD 		303 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
public, max-age=86400
content-encoding
gzip
content-length
215
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:08 GMT
etag
"5996D7A50000012F9178E011"
expires
Thu, 15 Sep 2022 10:46:08 GMT
last-modified
Fri, 18 Aug 2017 12:03:49 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin
extra=;
adlv.hit.gemius.pl/_1663152369013/redot.js/id=.Fg6uH.oJ0sByCkfHlfG4beO3whYFYb2IgngEEm4BQP.w7/stparam=ycdhnwlifq/fastid=hmvctiomlpvatcjbeioawrjkgfki/sarg=6321B0F0E836E7E7/inner=;/ 		2 B
216 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/_1663152369013/redot.js/id=.Fg6uH.oJ0sByCkfHlfG4beO3whYFYb2IgngEEm4BQP.w7/stparam=ycdhnwlifq/fastid=hmvctiomlpvatcjbeioawrjkgfki/sarg=6321B0F0E836E7E7/inner=;/extra=;
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
server
GHC
access-control-allow-origin
https://lietuve.lt
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Tue, 13 Sep 2022 10:46:09 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lietuve.lt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 10:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
553215
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 59A7 		483 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413082
x-amz-request-id
txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2
txaf6e2c1c2f9f41df87375-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5VXOnm8Uu3KcZLrufuSq8amG15auvXM%2BPwAE0qpYZu5vxaH%2F7lmFZa3%2FXJki0NnVF5lilnM%2B7vdb3LyZaRa%2FgTMAPurw8V1r%2FFacYBW1BZv8TJ8u%2BN37TU5vWrbI9%2FGy6I3xJAIM3LH%2FU2Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74a8898348309b31-FRA
sid
mug.criteo.com/ Frame 59A7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=4-v9w3xqdGF0bDVWcm11NHpIUDNtRFRxNDB0bmwxR3JHd2pQQ3JiTDhrSWV2VUNidjRhNzRWL0h1cGE0YldDVnBiZ0JrSjczVzJ2N1A3RTljdTZUckFmcG9YQit6NTlJUEI4SGdjMlhBczhDTldLRTgrWTZsVlN6TzAxbE...
362 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4-v9w3xqdGF0bDVWcm11NHpIUDNtRFRxNDB0bmwxR3JHd2pQQ3JiTDhrSWV2VUNidjRhNzRWL0h1cGE0YldDVnBiZ0JrSjczVzJ2N1A3RTljdTZUckFmcG9YQit6NTlJUEI4SGdjMlhBczhDTldLRTgrWTZsVlN6TzAxbEZZTnJ5bXdNZWdhYW85WVhVT2pySld6b1BtVkYzc2pHaXNGSHdsdEpUc1BHU2p1RnlObUlUeGUzRGw5N0h2OWdKOTFGS0VGM3Q5OVQxdUlhOWtrNkd5Y1JoeUpTYm8xbzBYYy9EUWxiOTVDTndTS3Y2S1lRPXw&cppv=2
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7ea0d367bd8a44a1ba91458ff3876a739617284679814066b7aa4dfa606682d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1219022
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=4-v9w3xqdGF0bDVWcm11NHpIUDNtRFRxNDB0bmwxR3JHd2pQQ3JiTDhrSWV2VUNidjRhNzRWL0h1cGE0YldDVnBiZ0JrSjczVzJ2N1A3RTljdTZUckFmcG9YQit6NTlJUEI4SGdjMlhBczhDTldLRTgrWTZsVlN6TzAxbEZZTnJ5bXdNZWdhYW85WVhVT2pySld6b1BtVkYzc2pHaXNGSHdsdEpUc1BHU2p1RnlObUlUeGUzRGw5N0h2OWdKOTFGS0VGM3Q5OVQxdUlhOWtrNkd5Y1JoeUpTYm8xbzBYYy9EUWxiOTVDTndTS3Y2S1lRPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
715822
content-length
0
expires
0
481.json
id5-sync.com/g/v2/ Frame 59A7 		216 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
55e41405887dd81ee72cd2556451ce167aa273704b681c1c8a35087853982984
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:08 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 59A7 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f046144ca19df3580d195a7e673bc6a063924bb58f58338074f936706172d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29155
x-xss-protection
0
server
sffe
etag
"1333 / 828 of 1000 / last-modified: 1663151467"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Sep 2022 10:46:09 GMT
usync.html
eus.rubiconproject.com/ Frame 1CC3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 10:46:09 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 14 Sep 2022 10:46:09 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
stpd201221.js
stpd.cloud/assets/postbid/ Frame 8F1A 		461 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
5398
x-ms-lease-status
unlocked
last-modified
Wed, 14 Sep 2022 07:15:32 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
62fb5622-101e-0000-1e09-c8ff97000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74a889831f3f5bdd-FRA
expires
Wed, 14 Sep 2022 14:46:09 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
727ea7aefe3333baec576164b879c38f9d15f44af003d17256844a1e87b0e651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DtchoTle/ODtHFQMRNtueg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
Vg+duRw8Gb3j/MT+J42pkny1UOdQzgktE07sl2incIIVsT1M5+KQXBkBhw322Hg2hZzpeYRimlKCidHXhnfabQ==
x-fb-trip-id
2050670934
x-fb-content-md5
15b2463ac6602f394a235096486546f8
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 14 Sep 2022 10:46:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a351bdc7ac895dfd44e6a0526c84f888"
timing-allow-origin
*
priority
u=1,i
expires
Wed, 14 Sep 2022 10:49:57 GMT
zurnalas_lietuve_logo@2x.png
lietuve.lt/wp-content/uploads/2020/07/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2020/07/zurnalas_lietuve_logo@2x.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
3914f35e1f13e77bd66a29c0f693e989e4d4d94f833568fe4aab6bf59519eae0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Tue, 28 Jul 2020 09:56:07 GMT
server
Apache
etag
"dea2-5ab7d72b0bbc0"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
56994
expires
Wed, 21 Sep 2022 10:46:09 GMT
LT-6.png
lietuve.lt/wp-content/uploads/2020/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2020/09/LT-6.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
9c5e991424b687398a8c0583448194e5863f4343c1e0d00aecba3417f8ad977c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Mon, 14 Sep 2020 11:42:11 GMT
server
Apache
etag
"103e-5af448665aac0"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
4158
expires
Wed, 21 Sep 2022 10:46:09 GMT
1-10-scaled-497x300.jpg
lietuve.lt/wp-content/uploads/2022/08/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2022/08/1-10-scaled-497x300.jpg
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
060a3c60456613b7edbfb77793b6ba99e6b304e9fdb92191697e87a59cc8563f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Thu, 11 Aug 2022 14:56:07 GMT
server
Apache
etag
"842c-5e5f85d84b5b7"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
33836
expires
Wed, 21 Sep 2022 10:46:09 GMT
Kurybos30-scaled-497x300.jpg
lietuve.lt/wp-content/uploads/2022/07/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2022/07/Kurybos30-scaled-497x300.jpg
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
ec19652ecb15c7d4f59dc1f468153a2930925ce1afd91eeea2a32678e8d3bff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Thu, 11 Aug 2022 14:56:07 GMT
server
Apache
etag
"a9c0-5e5f85d8588a6"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
43456
expires
Wed, 21 Sep 2022 10:46:09 GMT
pexels-ekaterina-bolovtsova-4051507-497x300.jpg
lietuve.lt/wp-content/uploads/2022/06/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2022/06/pexels-ekaterina-bolovtsova-4051507-497x300.jpg
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
82e1c00b8956ccb9fe77f34f93763f2b8a06048a464d8d864c8d0793a90b46de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Thu, 11 Aug 2022 14:58:50 GMT
server
Apache
etag
"5aab-5e5f86747bdbc"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
23211
expires
Wed, 21 Sep 2022 10:46:09 GMT
Aura-111A-1-scaled-497x300.jpg
lietuve.lt/wp-content/uploads/2022/06/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2022/06/Aura-111A-1-scaled-497x300.jpg
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
b6d266a12afb3d1fa2f9ec42c0ea3093d524329853d6fe3f60271570324d2c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Thu, 11 Aug 2022 14:56:07 GMT
server
Apache
etag
"7fc0-5e5f85d869245"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
32704
expires
Wed, 21 Sep 2022 10:46:09 GMT
Virselis-Zurnalas-Lietuve-151-%E2%80%93-kopija-scaled.jpg
i2.wp.com/lietuve.lt/wp-content/uploads/2022/08/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/lietuve.lt/wp-content/uploads/2022/08/Virselis-Zurnalas-Lietuve-151-%E2%80%93-kopija-scaled.jpg?fit=620%2C876&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c291e092938245b3f0a7b4507fab2bc50d2dfc042d741e64094c9784a5856609
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 14 Sep 2022 10:46:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Aug 2022 07:49:30 GMT
server
nginx
etag
"a33a75addf61b6fd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/08/Virselis-Zurnalas-Lietuve-151-%E2%80%93-kopija-scaled.jpg>; rel="canonical"
content-length
61442
expires
Thu, 29 Aug 2024 19:49:30 GMT
zygimantas_mauricas_luminor-min_0.jpg
i0.wp.com/lietuve.lt/wp-content/uploads/2022/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/lietuve.lt/wp-content/uploads/2022/09/zygimantas_mauricas_luminor-min_0.jpg?resize=300%2C208&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9dbe6ce4aae277290a6e091136f41bcd3920ae845c7e35d9d75ca54c83efbc45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Sep 2022 08:31:13 GMT
server
nginx
etag
"055993347df8efbe"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/09/zygimantas_mauricas_luminor-min_0.jpg>; rel="canonical"
content-length
5088
expires
Fri, 13 Sep 2024 20:31:13 GMT
1-5-scaled.jpg
i2.wp.com/lietuve.lt/wp-content/uploads/2022/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/lietuve.lt/wp-content/uploads/2022/09/1-5-scaled.jpg?resize=300%2C200&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
6497aec81a8d7670b28cea8fd6280be810aea4d3aea7af70600f8efbd4dd0443
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 14 Sep 2022 10:46:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 12:17:38 GMT
server
nginx
etag
"069b7fd2d8708829"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/09/1-5-scaled.jpg>; rel="canonical"
content-length
6766
expires
Thu, 12 Sep 2024 00:17:38 GMT
1-4-scaled.jpg
i1.wp.com/lietuve.lt/wp-content/uploads/2022/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2022/09/1-4-scaled.jpg?resize=300%2C225&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
112dbb475c3a0ee5f40687883c3cd8038f12909929f829b6604756d933ba9515
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 14 Sep 2022 10:46:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Sep 2022 12:17:38 GMT
server
nginx
etag
"bf0711f7ca739748"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/09/1-4-scaled.jpg>; rel="canonical"
content-length
9278
expires
Thu, 12 Sep 2024 00:17:38 GMT
xgde.js
adlv.hit.gemius.pl/gdejs/ Frame 43DD 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 06:49:43 GMT
server
GHC
etag
"630F04870000D964BC018988"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
19348
expires
Thu, 15 Sep 2022 10:46:09 GMT
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.1.1&blog=40504168&post=0&tz=3&srv=lietuve.lt&host=lietuve.lt&ref=&fcp=1964&rand=0.40570404565955176
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 10:46:09 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
grab.png
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/ 		99 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/grab.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/royalslider.css?ver=3.1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/royalslider.css?ver=3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Fri, 04 Oct 2013 09:50:34 GMT
server
Apache
etag
"63-4e7e73bd32e80"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
99
expires
Wed, 21 Sep 2022 10:46:09 GMT
preloader-white.gif
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/preloaders/ 		869 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/preloaders/preloader-white.gif
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/rs-minimal-white.css?ver=3.1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
6833f7524e9ca01f3d6bc9a0ebbaf5fcc75f54dc5455de86eed6580f6f583342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/rs-minimal-white.css?ver=3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Fri, 04 Oct 2013 09:50:35 GMT
server
Apache
etag
"365-4e7e73be270c0"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
869
expires
Wed, 21 Sep 2022 10:46:09 GMT
rs-minimal-white.png
lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/rs-minimal-white.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/rs-minimal-white.css?ver=3.1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
55d73a76b02be68b86b799ecee2ca9fcddc53c998ed6aad824a4c24ad780ad00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/wp-content/plugins/new-royalslider/lib/royalslider/skins/minimal-white/rs-minimal-white.css?ver=3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
last-modified
Fri, 04 Oct 2013 09:50:35 GMT
server
Apache
etag
"1552-4e7e73be270c0"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5458
expires
Wed, 21 Sep 2022 10:46:09 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 59A7 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
02a96eefe88ae712af17f549a6d76f757333449ac02f96a3fff4f41aeccb4a2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 14 Sep 2022 10:46:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3b6faa04-c99e-46db-9163-8cf6273b7cc5
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://lietuve.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 59A7 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 59A7 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:08 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ Frame 59A7 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=55294250108
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Sep 2022 10:46:08 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://lietuve.lt
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame 59A7 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyMjk0OCZ0cmFuc2FjdGlvbklkPTZlYmFkZjVhLTE2ZWMtNGZkNi05ZTE0LWZlYjcyZWU0ZWNkZg%3D%3D&pt=gross&stid=9bd9792d-e271-4faa-9f08-b456ea8e96be&fd=1&eids=eyJwdWJjaWQub3JnIjp7Ijc0YjZmNmZlLTdiM2YtNGQxYi05NDU3LTUzYWY4OTM0MmE0NSI6WzFdfX0%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd50c997c969398418d1f70669723e525890a6ffd247a5d88b89c5c498fb8813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://lietuve.lt
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 59A7 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lietuve.lt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 10:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
513902
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 8F1A 		483 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413082
x-amz-request-id
txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2
txaf6e2c1c2f9f41df87375-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6FacsLUFJyAYMpqZvsW5UudpKEAMW77hcMGloj5HCizOgDJC9cYQ27NRHJdUq0JfvZINdPPNt%2BLPTjTq5uPw3wBMiGhi68YdyVoFMZe1PRKMmJ%2FyEeESwpMy1jCGhhypfKKKVIUwcd5m%2FDb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74a889857c1a9b31-FRA
sid
mug.criteo.com/ Frame 8F1A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=xAOEFXxybCtYSGxydmZ4VG8vbUl3cUJJbnBZNHdDYVhKYVlnSmhSUmhqT2JmT1E3VFUvaUc0Z05FSnU4UXhUQWIrYzdBSUtacE1ycmxSckJYWVBQL1M1RStQYVNld3BOWkhlNmpHRHZqU29pYVppMFY0MUdiZStDaER6SF...
360 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xAOEFXxybCtYSGxydmZ4VG8vbUl3cUJJbnBZNHdDYVhKYVlnSmhSUmhqT2JmT1E3VFUvaUc0Z05FSnU4UXhUQWIrYzdBSUtacE1ycmxSckJYWVBQL1M1RStQYVNld3BOWkhlNmpHRHZqU29pYVppMFY0MUdiZStDaER6SFZESkJINCtORUt1Y3ZyZmZjRGhFUFJaQkp5WW5LakVwL0tsZTF0VjNPcEhQSHFCbGhvcEpmTUQzQ1ZxaWtsY2p5dDl1YjJqN05LdzB0S2VLb1RwTFJkK3p1L0R0TWRLRDBObEpmV2FVeVJWSXQ0S1NualV3PXw&cppv=2
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f75e769fb4e38960636da68f9cb25ba809c85d0e1e0f27b4e16a19a6774fa7b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1175500
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=xAOEFXxybCtYSGxydmZ4VG8vbUl3cUJJbnBZNHdDYVhKYVlnSmhSUmhqT2JmT1E3VFUvaUc0Z05FSnU4UXhUQWIrYzdBSUtacE1ycmxSckJYWVBQL1M1RStQYVNld3BOWkhlNmpHRHZqU29pYVppMFY0MUdiZStDaER6SFZESkJINCtORUt1Y3ZyZmZjRGhFUFJaQkp5WW5LakVwL0tsZTF0VjNPcEhQSHFCbGhvcEpmTUQzQ1ZxaWtsY2p5dDl1YjJqN05LdzB0S2VLb1RwTFJkK3p1L0R0TWRLRDBObEpmV2FVeVJWSXQ0S1NualV3PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
650817
content-length
0
expires
0
/
adx.adform.net/adx/ Frame 8F1A 		5 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyMjk0OSZ0cmFuc2FjdGlvbklkPWMxOWIyNzhiLWFlN2ItNDA2NS1iNmMxLTJjNWE5YWNlMjY0Yw%3D%3D&pt=gross&stid=aa9589b7-109e-4f91-8e96-c22e6e7ddf9c&fd=1&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI3NGI2ZjZmZS03YjNmLTRkMWItOTQ1Ny01M2FmODkzNDJhNDUiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://lietuve.lt
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 8F1A 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=73066239015
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://lietuve.lt
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8F1A 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:09 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 8F1A 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 8F1A 		171 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.99 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ Frame 8F1A 		138 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2892bc527442a63136a0f430e44ad52c22cfc881aa72ef0f9e62eb0949ca9f32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:09 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
65744159-80bd-47f7-83a3-02cfb20bb1e1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://lietuve.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 8F1A 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
768e56d3130af428cd093ef451cdcac4d03ef6ee396ff287f7ee84d66bd2592e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27859
x-xss-protection
0
server
sffe
etag
"1333 / 477 of 1000 / last-modified: 1663145227"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Sep 2022 10:46:09 GMT
aomini.js
lv.adocean.pl/files/js/ Frame E413 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/files/js/aomini.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
last-modified
Tue, 13 Sep 2022 06:32:47 GMT
server
GAD
etag
"00001FCFAF20B624"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
public, must-revalidate, max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-type
application/x-javascript
content-length
3211
expires
Wed, 14 Sep 2022 14:46:09 GMT
usync.html
eus.rubiconproject.com/ Frame EA74
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 10:46:09 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 14 Sep 2022 10:46:09 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4-v9w3xqdGF0bDVWcm11NHpIUDNtRFRxNDB0bmwxR3JHd2pQQ3JiTDhrSWV2VUNidjRhNzRWL0h1cGE0YldDVnBiZ0JrSjczVzJ2N1A3RTljdTZUckFmcG9YQit6NTlJUEI4SGdjMlhBczhDTldLRTgrWTZsVlN6TzAxbEZZTnJ5bXdNZWdhYW85WVhVT2pySld6b1BtVkYzc2pHaXNGSHdsdEpUc1BHU2p1RnlObUlUeGUzRGw5N0h2OWdKOTFGS0VGM3Q5OVQxdUlhOWtrNkd5Y1JoeUpTYm8xbzBYYy9EUWxiOTVDTndTS3Y2S1lRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 10:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
473216
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adagio.js
script.4dex.io/ Frame 59A7 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51751
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txfb1d2a5588194ef785e0d-00631b661a
x-amz-id-2
txfb1d2a5588194ef785e0d-00631b661a
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AL4UhZnRGBIx%2F%2FF1JB6mbIYvZpGFXSXhPEow%2FsUkS0zYmsNTY36kz71ZJcL1PdPj6MitHH0RmtKAZfE9ShZQ98lYFnXVNo2%2BrDAd3s%2FppcMKmKFLTpA9Sr2n5KF3ysK6dysp%2BieN3sm3eY4f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74a889872d58bbcd-FRA
access-control-allow-headers
Authorization
pubads_impl_2022090801.js
securepubads.g.doubleclick.net/gpt/ Frame 59A7 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 09:09:47 GMT
usync.js
eus.rubiconproject.com/ Frame 1CC3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 10:46:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48397
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Thu, 15 Sep 2022 00:12:46 GMT
all.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=dd35458a9517af64e0a3a9645765d20d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01b7b52468332193ee8534a48823ad04fede4057eda0fd3ce2fea2ce19682311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lietuve.lt/
Origin
https://lietuve.lt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
S0EW2Xo5+syv0gNGSeA04g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88052
x-fb-rlafr
0
x-fb-debug
qioq3IdgFhuF6D35+8uEki21pJPjq4IZHucCuY5QEfh0VBeCFatWhghy2hXxrFsFMc6u/OB9Nt2MKjpPU6HV5A==
x-fb-content-md5
225786cd41713eb5eb3083005a3f93d8
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 14 Sep 2022 10:46:09 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f2442998c5556d4f5822ea951cfbcf99"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Sep 2023 10:15:01 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xAOEFXxybCtYSGxydmZ4VG8vbUl3cUJJbnBZNHdDYVhKYVlnSmhSUmhqT2JmT1E3VFUvaUc0Z05FSnU4UXhUQWIrYzdBSUtacE1ycmxSckJYWVBQL1M1RStQYVNld3BOWkhlNmpHRHZqU29pYVppMFY0MUdiZStDaER6SFZESkJINCtORUt1Y3ZyZmZjRGhFUFJaQkp5WW5LakVwL0tsZTF0VjNPcEhQSHFCbGhvcEpmTUQzQ1ZxaWtsY2p5dDl1YjJqN05LdzB0S2VLb1RwTFJkK3p1L0R0TWRLRDBObEpmV2FVeVJWSXQ0S1NualV3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 10:46:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
671478
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adagio.js
script.4dex.io/ Frame 8F1A 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51751
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txfb1d2a5588194ef785e0d-00631b661a
x-amz-id-2
txfb1d2a5588194ef785e0d-00631b661a
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lGvbF6HKXRNSpqpvT%2BAuHvU2rYkNhoo1xL989biOVig%2BkSNTAexiIEtghka4mlI8A49kZTkOeh5HFkdoEFC4zOweY7%2B9dZixWi8a83RAq1oS7dqfM0MweLz4opl8HJQx1Y2PLkzoB3HS8OQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74a889872d5bbbcd-FRA
access-control-allow-headers
Authorization
usync.js
eus.rubiconproject.com/ Frame EA74 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 10:46:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48397
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Thu, 15 Sep 2022 00:12:46 GMT
ad.js
lv.adocean.pl/_1663152369735/ Frame E413 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/_1663152369735/ad.js?id=u0xGQXbK4orPQmWrCCrfFzp2QStr6YbCWoVtGphAuIf..7/x=1600/y=1200
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/js/aomini.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
6ddd1c9e9f689d874d351462d18a150c684dc34ee3df10b835b83bb7b5aeb1f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
server
GAD
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
17724
expires
Tue, 13 Sep 2022 10:46:09 GMT
gemius.js
adlv.hit.gemius.pl/ Frame 43DD 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gemius.js
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
384563e8d6cb2a18d1215bd4b623f6824fdeb1a420a7fb375af7e36a3c5caaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:13:48 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
15796
expires
Wed, 14 Sep 2022 22:46:09 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ Frame 8F1A 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2753
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 10:00:16 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1CC3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame EA74 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
generic
match.adsrvr.org/track/cmf/ Frame 43DD
Redirect Chain
  • https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-eu.onprospects.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent=&onp
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adlv.hit.gemius.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
integrator.js
adservice.google.de/adsid/ Frame 59A7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 59A7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 59A7 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=309950001095319&correlator=830726566549478&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=147246189%3A22679444511%2Clietuve.lt_970x250_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90%7C750x200&ifi=1&adks=1561111712&sfv=1-0-38&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x250%26hb_pb%3D0.16%26hb_adid%3D1494eb6bf281639%26hb_bidder%3Dappnexus&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dcf2c9252d34a8628-226463fc21ce006d%3AT%3D1663152368%3AS%3DALNI_MbOxvIGW56PVK3eqHEvHNDMyGL7OA&cdm=lietuve.lt&abxe=1&dt=1663152369907&dlt=1663152368813&idt=1059&adxs=315&adys=354&biw=1600&bih=1200&isw=970&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=jybbkeo1q3n1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=lietuve.lt&loc=https%3A%2F%2Flietuve.lt%2F&top=lietuve.lt&frm=23&vis=1&psz=970x150&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=745218319.1663152368&ga_sid=1663152370&ga_hid=1218319137&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01cf16978ff1e926ad96d5fd6b61fe1f0030dc20cf556539e70eb59c72a450e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9774
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 862D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
expires
Thu, 14 Sep 2023 10:46:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8F1A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8F1A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8F1A 		100 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2288171947044446&correlator=3553178835950621&eid=31069320%2C31069586%2C44768258&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=147246189%3A22679444511%2Clietuve.lt_300x600_sidebar_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=4057126961&sfv=1-0-38&fsapi=false&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dcf2c9252d34a8628-226463fc21ce006d%3AT%3D1663152368%3AS%3DALNI_MbOxvIGW56PVK3eqHEvHNDMyGL7OA&cdm=lietuve.lt&abxe=1&dt=1663152370074&dlt=1663152368970&idt=1003&adxs=978&adys=867&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=cxtd0zowfk7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=lietuve.lt&loc=https%3A%2F%2Flietuve.lt%2F&top=lietuve.lt&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=745218319.1663152368&ga_sid=1663152370&ga_hid=303425288&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f16ec8b6c7da07262b075a8375aceed1157febca6718b8bbddd6933666bdb499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39328
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D0A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
expires
Thu, 14 Sep 2023 10:46:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
darbo-sutartis-scaled.jpg
i1.wp.com/lietuve.lt/wp-content/uploads/2022/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2022/09/darbo-sutartis-scaled.jpg?resize=300%2C200&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3fe826d3b105b8558932cf3aa8d4cc018238922b3a1225085b8038be65c92920
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 19:41:24 GMT
server
nginx
etag
"4e9e13dcb18ab5b8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/09/darbo-sutartis-scaled.jpg>; rel="canonical"
content-length
3104
expires
Mon, 09 Sep 2024 07:41:24 GMT
xgde.js
adlv.hit.gemius.pl/gdejs/ Frame E413 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/_1663152369735/ad.js?id=u0xGQXbK4orPQmWrCCrfFzp2QStr6YbCWoVtGphAuIf..7/x=1600/y=1200
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 06:49:43 GMT
server
GHC
etag
"630F04870000D964BC018988"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
19348
expires
Thu, 15 Sep 2022 10:46:10 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=389860177798308&input_token&origin=1&redirect_uri=https%3A%2F%2Flietuve.lt%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=dd35458a9517af64e0a3a9645765d20d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
l2BHTQFqVSbwT9dtcZ2gu36r40uIdXMewFxwK4FZW0t4Oi8MwoUF0g2ahlMweXTYI/+TzMBmFEPW3QME0Lqgww==
fb-s
unknown
date
Wed, 14 Sep 2022 10:46:10 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lietuve.lt
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Raimonda-scaled.jpg
i0.wp.com/lietuve.lt/wp-content/uploads/2022/09/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/lietuve.lt/wp-content/uploads/2022/09/Raimonda-scaled.jpg?resize=300%2C194&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
da718d7601a9e3602db664d501bd5482b1d82eee3fd86bc5529153a097dcbd1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
last-modified
Sat, 03 Sep 2022 07:31:42 GMT
server
nginx
etag
"b017326799439b5e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/09/Raimonda-scaled.jpg>; rel="canonical"
content-length
16804
expires
Mon, 02 Sep 2024 19:31:42 GMT
image1-scaled.jpeg
i1.wp.com/lietuve.lt/wp-content/uploads/2022/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2022/06/image1-scaled.jpeg?resize=300%2C225&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
0c6912ba74857bc22fc15f68df32d294b9832937039097f3276552b879123c96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Jun 2022 21:04:23 GMT
server
nginx
etag
"378817fcb854cb1f"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/06/image1-scaled.jpeg>; rel="canonical"
content-length
15890
expires
Thu, 27 Jun 2024 09:04:23 GMT
Trispalve-diena-scaled.jpg
i1.wp.com/lietuve.lt/wp-content/uploads/2022/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2022/06/Trispalve-diena-scaled.jpg?resize=300%2C189&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
87a1e596f199db04c5e3fdacc5161c7f1a33af489f23710038eb2980c0068791
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Jun 2022 10:48:04 GMT
server
nginx
etag
"d60368603ef0f412"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/06/Trispalve-diena-scaled.jpg>; rel="canonical"
content-length
19638
expires
Thu, 20 Jun 2024 22:48:04 GMT
4.png
i0.wp.com/lietuve.lt/wp-content/uploads/2021/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/lietuve.lt/wp-content/uploads/2021/06/4.png?w=620&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
67b17f24edc7b746e7b869c1c33dcd2579ddd1fb7233933db68fc121a476fa3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 19 Jan 2022 06:43:42 GMT
server
nginx
etag
"74a7fcb1f6088f79"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2021/06/4.png>; rel="canonical"
content-length
8822
expires
Fri, 19 Jan 2024 18:43:42 GMT
lsget.html
ls.hit.gemius.pl/ Frame 9D1C 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
41c08fe1cc310413c47b92fe80cf0b7b037e1399248864a1e3f7b70e31ce58a8

Request headers

Referer
https://adlv.hit.gemius.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2711
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
etag
PRIVATE7520710249
expires
Fri, 14 Oct 2022 10:46:10 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1CC3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
01_Grandine_Barsys_Paulauskas_Vest-1-scaled.jpeg
i1.wp.com/lietuve.lt/wp-content/uploads/2022/09/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2022/09/01_Grandine_Barsys_Paulauskas_Vest-1-scaled.jpeg?resize=300%2C187&ssl=1
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9639a7d49e0b517f9ab9b0961250704a3c5d91778edff024610a58412b4e4003
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Sep 2022 07:02:33 GMT
server
nginx
etag
"5447dba4d8549dc3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/09/01_Grandine_Barsys_Paulauskas_Vest-1-scaled.jpeg>; rel="canonical"
content-length
14490
expires
Wed, 04 Sep 2024 19:02:33 GMT
container.html
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C70C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
expires
Thu, 14 Sep 2023 10:46:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
extra=;
adlv.hit.gemius.pl/_1663152370495/redot.js/id=.Fg6uH.oJ0sByCkfHlfG4beO3whYFYb2IgngEEm4BQP.w7/stparam=sertdrprzg/fastid=mgtesjqddeteqwndhweanlsvvnlp/sarg=6321B0F0E836E7E7/inner=;/ Frame E413 		2 B
193 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/_1663152370495/redot.js/id=.Fg6uH.oJ0sByCkfHlfG4beO3whYFYb2IgngEEm4BQP.w7/stparam=sertdrprzg/fastid=mgtesjqddeteqwndhweanlsvvnlp/sarg=6321B0F0E836E7E7/inner=;/extra=;
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
server
GHC
access-control-allow-origin
https://lietuve.lt
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Tue, 13 Sep 2022 10:46:10 GMT
stpd201221.js
stpd.cloud/assets/postbid/ Frame ADFD 		461 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
5399
x-ms-lease-status
unlocked
last-modified
Wed, 14 Sep 2022 07:15:32 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
62fb5622-101e-0000-1e09-c8ff97000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
74a8898be9c05bdd-FRA
expires
Wed, 14 Sep 2022 14:46:10 GMT
xgde.html
adlv.hit.gemius.pl/gdejs/ Frame 2B0D 		303 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.html
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
public, max-age=86400
content-encoding
gzip
content-length
215
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
etag
"5996D7A50000012F9178E011"
expires
Thu, 15 Sep 2022 10:46:10 GMT
last-modified
Fri, 18 Aug 2017 12:03:49 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin
pixel
googleads.g.doubleclick.net/xbbe/ Frame F976 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOHlgtMBMAE&v=APEucNXuD5kQDkAezkdEnqSciqRd99t6VJjSGh2OHLpxqPplCgahNa2bFAUSsh_2JSXmjMCRwdYpbsfaS0En6Kr943wOcSgGyaJc_hpaBEfEhF7wEg5zsctChfX8Ex9GHpP5SQr0Een9FF02mrSRozrFDhWPp-d0C4zB19WQ6tqyCL0rEctrj8qAUDVa2FWuZ1aeAraFJsGompocYr2V9G6oRDmRzo6w4Q
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C70C 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhuIw0zQYozFP_wC6kaUTfr5Q6MKPfKrDdFID9wG8mVjxhGrz_p11B6PboZT_fNxsY01j97lU1-lhnFe-Wy1UX0NHYu4ZMuWopL6HkvyteWtAtPb5xXc0-aVcobknAKZvX2q3PMweXjJiXF7cehhyQP_KDKw&dbm_d=AKAmf-BNQpORyy1B886FtMoxFMnhAXgtPTfVxH1nd8QOOUZqg7Od980k0egQxnIj0OlPa6Yv_M2VlPKVknoagfsHH9luAhKBQnxy3ziaCEmHcRb9soA5ATJWUrQ0S2E6KiS0OC1hufP4TWzX8KlSJXQPF78voEnzqKtdBt_lWP0xfy6bDAF5_IMLq_bO1a5Fce3p9z9JeLHxlc0jyz51Mq3FpVyGl_gCq_sBat1vqtTgN4iBuOcKab6kqOEpbY7xMQyjYmZW_sTPo6u9sMJKulOHeegxPzNHeLkHl13GSVxaHeKtwmPRiYjedLeWb7nwQLYhbJLU53SKZGJGc9lDHO7uCu73l0nt1MyE-BSgHHlkswniVuCpcfgh8c91T6pbsP4JVwWaW8fgX7t04tqRtmBmCqHqF-5VQwfGmbKEOPx42ZVOwJbkNttmPHqS2Fon2_P10l-u929T8tbY83HZD0dkU6kEX9xvFCJwVP3VvhWxgwX2hUwsmqvL_3rg6jGixUJSPfK_4brMNznoIHb7kl_rNF0uVwqQS0lbK2A4Xvv-7ufLnokO4A_-aW8P-Pwo6h59jeGo9ae7qCB_fsQJAFn4LAgWklMn6T1ziqWrDQSOI3zFfd_DtoWOQq4ovGqFRvzrdsQUwj4exsK969K642d0cY6svQ_ACUxGoniWt67VS7AXdChOe2X1aAy7WoSxRx6lJ3T1-rp1xoMpMVoSH1K1as_yUn1HdSgNzJvq1R_RIYAX9AtguDiReWPt-CRpKOTkvwTT4mObCvWdGh0HSFPEHD9-y70uqLNsr8RswbXpfb2ecHxsN9oiAKiQ9FxvplJCUHa5afNiFCuKc8ZC2EVrbXaz5mJN-SAeJGkaR93az5sM0IMEsH42P_taUm3WCDzjl0qdLrVX11Yyu8p9cOIfqePK2qk7nw6NrwDkxKLSvZWSpdtd7wGhdTitNnbnP_MSBYQFPYqHygPNYRrp0GekUxcyxWD28xv1mMeCqPdELdS0Pui9SdJZYDdz1QRHU_5AMljhnAcPN-Gs5P4b4r8UwMMEYByLa41bzhuwEGjUtypM6_F-GGBholJM5ku_PacNKftx1-gnoNUKgxtjtRffq66bFued0ivvQ-7H900AuMsEEQPb3YtExRErZQOYTdkG6hEWqADplm3A0cUzcKvWFrK-dsLzLNCMofi3laorzRThVAO0-8VhvzZ8mUDb0zf_vpx0KrvQib_JoyVesEbWmoSRa0IFYY9RSmCNnLjQyNrb3hQU2SLluiel9Ab7dowXo7I9JHRpX6_OWICvo6gLNeqm_TZVowPWImzfhLqNrC7JwmXYrvwd8cqtahrM0KlP8aNkz5T9R7kCmcEN1Q1ovx_W9ADqm-sUNaHpnuOO8dVsETdRuEQnRRGV66tS8k3Qc7s7i_Yhlg9faCNd6r9M8iNEVBVJCsVTRnCe3galM9y9CaCt0_7vOktCPUFZOUdBJYbPwtNHS7MMHTeWYYyBw_Y2lPzJeBOIkfZJxKbqbOt_SukhuyXXdUTsINSTmcgz8iL6ssdYuDB6gGuVvNRG7KoRt1EJpW3H5eCZ0wj0RV5j6dMKBImDduljq5FUyRzY5CiIyFcsXlmRU3TKr4Mdu0_2w77aIeCzqlmAMerDVlsTtiIQHO5M6zRI6uBjzeSqymiUEf3EgnZR_y6V9VZMuo4xu8VswGw7xT2GE--kx4HeD22DsWwd3-btzdhkghBpYKP65BCiAQMe-r0kyNokTl2AF6-hr6k71Kz5PMBF0KwTde5ZMJE5HcVq87oLqQCUwfoJK6R_Yg_IwYgd1YylpF_yZ5lqEM-RIVn-lrNnfmY8iz8p1UI2Wz83Wlccnkz9ix3H-woSeVhwZjglbVZQeqqDhWVw7C8EKhCaOywCXl_cMIwjwD0_ptWYqQNh2kbEQPOzCJugNbAJ7bY09DKGrEowLH5vkmO3vOJEfdYOAyEqpAHPuEJssfU2X4hIhtzvptYu8kSIB0Car-en2VCSO9Xuco-7BEU4St7zmvYc7__71OxFUwpDvZYE3_2MLgheV_pCUDrjBHk3_d8e0fXdU2RBiHkky0gxXzONIpO44cV_ppV59VSJGOMB0UppobB-WlDDnLTu8QtIxhms1da-xUTsryz1UjLDCO_fY0mE9tvStEzjnyDKqRRLvRqLzj0NOho23Ux174MgxBsBb-dzZR2ceVU6bmvhM0mi43Iiz8N5GCiO5WhD07XMpkKVt9cm0lAEt7sB_6S9LqxFUaxDiehtMxZl3uXc42El33c0CL3Oa-qvDcUw76eGd0ujzQrY7dG6SL7uDv3OKJZ4c7ew9eqNOFYrMvrOe9xEr9E2hmBYOw7MrI9WNsguf4EJ6taAJVWwTfrGRTrKa7f1iFsKDNR9YAqyIoLWdz_6G8UYCcfeZrpCLmF4KFcyGgu1MztixpvM-5Z_ESGwj9HZhgcZQMYMkHtafDqkISKJR--9NFZKYicwkfixAF227WmCquUsDB8wgV4HUOY9l0XfLBjstYWycqPgPplgiy71lHIw9DuLFQWMiAvncV_dYSIwpTrGNAI6EE_4_Rw8joGsFdVE8bVl5nkrf6rCGpWddcLRwcXf5cG-F4I66XZdN0LAmJrZ5DFwTszcQoY1cSyTkx1iGgCMP_bzJD4haVU9rX2hnd7wJ6CevNxwryVDy98rhWIhrgxQUNXntMhfjKmTu-qDS_-sFDiLsgKVAuNx5HDAM47gpb0_F8QnVaErhPjrCTuBw1Tkon0-DZCDeLdLU_tOrRWAvNQOqi5iLwSHW5sQ38E3cZHSvM5Qa0_GkWiajOWGz2hYbUb-BvuLKUmwEnSNMVxI53eGHOHmN0DadoEiHVyNvPSRdGNGh1XLcP5NBrDFVDSKE0kbIooPNZmT7JiwVUZwbcaDHhY7H-wvRUNk-4R29j3Dkt1BHKwJo6qXy5UiXHRn9z65nOvWOY04DOOdujrIaSRw_yrqBB8Rs55U2JAQbCH865bbjR4KtqOINBXW8LWLR28mgWZvvIMM0DM7PzmpWZ7TyGJVaFRjdJQCIa5zjhLyLZBI0EugOcVbfFJyN7AicbAuKd1UDqy6vHEX5mC2QkrCx8wSUmnIuVxH_a4-yLAE2lUa_oEf-vTAcOtkH-j0E4Sze1tBdWTOMBlZkHMEJ-UTsR5ZOlYNNwySNL-OYUxhFfn5TThDISdfMtXXm0QmUVnPA7YxBNho7upuUosLtR81pBpfZXoOhRRAFKnKH_ZDsz_con_gmBZe7AT-XWAfhXEP6gAPWG_aZ5qUqdgwJqKhr4zDeh0R0a8OqepbTJ8yt5EksDwxfhSRn5oeDhibpMRWX9LB63M56toiEuq9PK5dJRAyoOWLkEkNz81j26cmzmK7mcemVlpPHEXJwZ8gOpGzE5pnIiz50nie-p6t4WEcfg&cid=CAASJeRoLXTDBGAQinEFUik5BEKFSvkZcyhX1oa3zE1xJM-q1kcUcL8&rfl=2%2Chttps%253A%252F%252Flietuve.lt%242%2Chttps%253A%252F%252Flietuve.lt%252F%240
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a2c36037b3c2276080c888a413d26c60e9f75b78c4572376f5c58bcc8f2eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35263
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C70C 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A526lmiB2nDGBLGTIuj6OJeUKwl4dhpBSka9WQ48UgS2U0ChBT4s_9jyEQ7_FGk23C9jtg4qa-ZyuCk5kfMYLiA7yq1XzLMr1dQjDraeLEWKJ4710
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame C70C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:44:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame C70C 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:45:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:45:12 GMT
l
www.google.com/ads/measurement/ Frame C70C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcIK7o0GLCxDFBbXu7u3FvSP-mjPdhYGY6VMFQ0GlrqfJ6cI_QzdWSVun4KKPN9ADe_YtoXKNr_8Kdi1JEssATlhv0Fg
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C70C 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F1A 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bd2d40878b8a89bc5977d06ebe683b83abec08349a18d6f0ba90967e38e00de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11367
x-xss-protection
0
localstore.js
script.4dex.io/ Frame ADFD 		483 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
413083
x-amz-request-id
txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2
txaf6e2c1c2f9f41df87375-00631b6357
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oySzF4KMjNB%2B9RdusLLdKubl%2FVFj12gsDrIPkOHHXqarcwaaqzYKpAlnyh6Q0X8rfmELp5vv8mdlpqWT2oeYeEGBQx8fvFbmSnozECRxTo4NwxsCy2HOi6b7zoPJ4KHwWrwmuAfI2xqd%2FagI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1662739245697142
cf-ray
74a8898d9a229b31-FRA
sid
mug.criteo.com/ Frame ADFD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&bundle=dPUTTV9kNDZWTDdQS3kyMzMlMkZGazVHNVZkajRyVTNKOHdMUUtVc0hQZzY5RDVnRlhkb3FoQzQlMkI4bHFydU1ndEh...
  • https://mug.criteo.com/sid?cpp=1kE_UnxBd24xWkhQRUMvSUN0b1JsTzlRSEFLVjVmRmdPRFdpWVlzZkZJTWpycHpibUszR1NnTnNML0JsM1BKTVpWK1I2SEYxc2MzQXpmM3RISFlUZS9NWlhwb1R5c2xGa3p1cElMbmdlZEJPQUxvT2VBNUdZcWVyajRYaV...
365 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1kE_UnxBd24xWkhQRUMvSUN0b1JsTzlRSEFLVjVmRmdPRFdpWVlzZkZJTWpycHpibUszR1NnTnNML0JsM1BKTVpWK1I2SEYxc2MzQXpmM3RISFlUZS9NWlhwb1R5c2xGa3p1cElMbmdlZEJPQUxvT2VBNUdZcWVyajRYaVk4ZHZaK3ovdnh3Y0Mzd2w2MTVjYTRPeFZSc1IrYndaak9XSmd3L1I2RzEyRzJucHllZCtva3F4amt5M2N1UDg1MXpDZ05ydERNQUpBTGpjZnd2cUozL1N5K0xCTXFoQmJPajBCekdYc2lXZ0ZvZVBCYUxiRm1FNUlUV2tSSTZtYnd1MHV5N2Z5fA&cppv=2
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
64d83f2cf47e64ad5d4249a16ee4bab02cc013419d67bfd2e82ef70ceab3787e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1325116
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=1kE_UnxBd24xWkhQRUMvSUN0b1JsTzlRSEFLVjVmRmdPRFdpWVlzZkZJTWpycHpibUszR1NnTnNML0JsM1BKTVpWK1I2SEYxc2MzQXpmM3RISFlUZS9NWlhwb1R5c2xGa3p1cElMbmdlZEJPQUxvT2VBNUdZcWVyajRYaVk4ZHZaK3ovdnh3Y0Mzd2w2MTVjYTRPeFZSc1IrYndaak9XSmd3L1I2RzEyRzJucHllZCtva3F4amt5M2N1UDg1MXpDZ05ydERNQUpBTGpjZnd2cUozL1N5K0xCTXFoQmJPajBCekdYc2lXZ0ZvZVBCYUxiRm1FNUlUV2tSSTZtYnd1MHV5N2Z5fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
691016
content-length
0
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame ADFD 		137 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c8e5cb4622ceb7bf2f66fb95e90ed664e4f731c63fa60f65741edff9339f314f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:10 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
bffd5db4-84d3-4381-8e39-dcb92c28693b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://lietuve.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame ADFD 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame ADFD 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=77964276367
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://lietuve.lt
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
adx.adform.net/adx/ Frame ADFD 		5 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyMjk1MCZ0cmFuc2FjdGlvbklkPTlhMWUzMDRkLTc4MjItNGQwZi1hNDFmLTk1YWUwYTlkMzU2OQ%3D%3D&pt=gross&stid=ea6b9166-2402-4ec7-823a-9b62531a4796&fd=1&eids=eyJjcml0ZW8uY29tIjp7ImVoM3lVMTlWUlRsM1VrTnpURmRoTkhOV0pUSkNTakZTWVdOVGFWSjFUVzlEWWpCWWExRk9OVzkwTkVwU1kwc2xNa1pFZDJ4VVVEVWxNa1paUjFwUVFrcG1hSFJQVFhOek0xUm1WVTB3VGpWQ2J6STJlbGhPTUZGeFUzbGlkazVqWnlVelJDVXpSQSI6WzFdfSwiaWQ1LXN5bmMuY29tIjp7IjAiOlsxXX0sInB1YmNpZC5vcmciOnsiNzRiNmY2ZmUtN2IzZi00ZDFiLTk0NTctNTNhZjg5MzQyYTQ1IjpbMV19fQ%3D%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://lietuve.lt
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame ADFD 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lietuve.lt
date
Wed, 14 Sep 2022 10:46:10 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
gpt.js
www.googletagservices.com/tag/js/ Frame ADFD 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f046144ca19df3580d195a7e673bc6a063924bb58f58338074f936706172d68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29155
x-xss-protection
0
server
sffe
etag
"1333 / 880 of 1000 / last-modified: 1663151467"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Sep 2022 10:46:10 GMT
usync.html
eus.rubiconproject.com/ Frame DC84
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 10:46:10 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 14 Sep 2022 10:46:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
xgde.js
adlv.hit.gemius.pl/gdejs/ Frame 2B0D 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gdejs/xgde.js
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 06:49:43 GMT
server
GHC
etag
"630F04870000D964BC018988"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
19348
expires
Thu, 15 Sep 2022 10:46:10 GMT
container.html
02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A970 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:10 GMT
expires
Thu, 14 Sep 2023 10:46:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F1A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js?cb=31069586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:10 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C70C 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
Origin
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 19:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 19:13:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame C70C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhuIw0zQYozFP_wC6kaUTfr5Q6MKPfKrDdFID9wG8mVjxhGrz_p11B6PboZT_fNxsY01j97lU1-lhnFe-Wy1UX0NHYu4ZMuWopL6HkvyteWtAtPb5xXc0-aVcobknAKZvX2q3PMweXjJiXF7cehhyQP_KDKw&dbm_d=AKAmf-BNQpORyy1B886FtMoxFMnhAXgtPTfVxH1nd8QOOUZqg7Od980k0egQxnIj0OlPa6Yv_M2VlPKVknoagfsHH9luAhKBQnxy3ziaCEmHcRb9soA5ATJWUrQ0S2E6KiS0OC1hufP4TWzX8KlSJXQPF78voEnzqKtdBt_lWP0xfy6bDAF5_IMLq_bO1a5Fce3p9z9JeLHxlc0jyz51Mq3FpVyGl_gCq_sBat1vqtTgN4iBuOcKab6kqOEpbY7xMQyjYmZW_sTPo6u9sMJKulOHeegxPzNHeLkHl13GSVxaHeKtwmPRiYjedLeWb7nwQLYhbJLU53SKZGJGc9lDHO7uCu73l0nt1MyE-BSgHHlkswniVuCpcfgh8c91T6pbsP4JVwWaW8fgX7t04tqRtmBmCqHqF-5VQwfGmbKEOPx42ZVOwJbkNttmPHqS2Fon2_P10l-u929T8tbY83HZD0dkU6kEX9xvFCJwVP3VvhWxgwX2hUwsmqvL_3rg6jGixUJSPfK_4brMNznoIHb7kl_rNF0uVwqQS0lbK2A4Xvv-7ufLnokO4A_-aW8P-Pwo6h59jeGo9ae7qCB_fsQJAFn4LAgWklMn6T1ziqWrDQSOI3zFfd_DtoWOQq4ovGqFRvzrdsQUwj4exsK969K642d0cY6svQ_ACUxGoniWt67VS7AXdChOe2X1aAy7WoSxRx6lJ3T1-rp1xoMpMVoSH1K1as_yUn1HdSgNzJvq1R_RIYAX9AtguDiReWPt-CRpKOTkvwTT4mObCvWdGh0HSFPEHD9-y70uqLNsr8RswbXpfb2ecHxsN9oiAKiQ9FxvplJCUHa5afNiFCuKc8ZC2EVrbXaz5mJN-SAeJGkaR93az5sM0IMEsH42P_taUm3WCDzjl0qdLrVX11Yyu8p9cOIfqePK2qk7nw6NrwDkxKLSvZWSpdtd7wGhdTitNnbnP_MSBYQFPYqHygPNYRrp0GekUxcyxWD28xv1mMeCqPdELdS0Pui9SdJZYDdz1QRHU_5AMljhnAcPN-Gs5P4b4r8UwMMEYByLa41bzhuwEGjUtypM6_F-GGBholJM5ku_PacNKftx1-gnoNUKgxtjtRffq66bFued0ivvQ-7H900AuMsEEQPb3YtExRErZQOYTdkG6hEWqADplm3A0cUzcKvWFrK-dsLzLNCMofi3laorzRThVAO0-8VhvzZ8mUDb0zf_vpx0KrvQib_JoyVesEbWmoSRa0IFYY9RSmCNnLjQyNrb3hQU2SLluiel9Ab7dowXo7I9JHRpX6_OWICvo6gLNeqm_TZVowPWImzfhLqNrC7JwmXYrvwd8cqtahrM0KlP8aNkz5T9R7kCmcEN1Q1ovx_W9ADqm-sUNaHpnuOO8dVsETdRuEQnRRGV66tS8k3Qc7s7i_Yhlg9faCNd6r9M8iNEVBVJCsVTRnCe3galM9y9CaCt0_7vOktCPUFZOUdBJYbPwtNHS7MMHTeWYYyBw_Y2lPzJeBOIkfZJxKbqbOt_SukhuyXXdUTsINSTmcgz8iL6ssdYuDB6gGuVvNRG7KoRt1EJpW3H5eCZ0wj0RV5j6dMKBImDduljq5FUyRzY5CiIyFcsXlmRU3TKr4Mdu0_2w77aIeCzqlmAMerDVlsTtiIQHO5M6zRI6uBjzeSqymiUEf3EgnZR_y6V9VZMuo4xu8VswGw7xT2GE--kx4HeD22DsWwd3-btzdhkghBpYKP65BCiAQMe-r0kyNokTl2AF6-hr6k71Kz5PMBF0KwTde5ZMJE5HcVq87oLqQCUwfoJK6R_Yg_IwYgd1YylpF_yZ5lqEM-RIVn-lrNnfmY8iz8p1UI2Wz83Wlccnkz9ix3H-woSeVhwZjglbVZQeqqDhWVw7C8EKhCaOywCXl_cMIwjwD0_ptWYqQNh2kbEQPOzCJugNbAJ7bY09DKGrEowLH5vkmO3vOJEfdYOAyEqpAHPuEJssfU2X4hIhtzvptYu8kSIB0Car-en2VCSO9Xuco-7BEU4St7zmvYc7__71OxFUwpDvZYE3_2MLgheV_pCUDrjBHk3_d8e0fXdU2RBiHkky0gxXzONIpO44cV_ppV59VSJGOMB0UppobB-WlDDnLTu8QtIxhms1da-xUTsryz1UjLDCO_fY0mE9tvStEzjnyDKqRRLvRqLzj0NOho23Ux174MgxBsBb-dzZR2ceVU6bmvhM0mi43Iiz8N5GCiO5WhD07XMpkKVt9cm0lAEt7sB_6S9LqxFUaxDiehtMxZl3uXc42El33c0CL3Oa-qvDcUw76eGd0ujzQrY7dG6SL7uDv3OKJZ4c7ew9eqNOFYrMvrOe9xEr9E2hmBYOw7MrI9WNsguf4EJ6taAJVWwTfrGRTrKa7f1iFsKDNR9YAqyIoLWdz_6G8UYCcfeZrpCLmF4KFcyGgu1MztixpvM-5Z_ESGwj9HZhgcZQMYMkHtafDqkISKJR--9NFZKYicwkfixAF227WmCquUsDB8wgV4HUOY9l0XfLBjstYWycqPgPplgiy71lHIw9DuLFQWMiAvncV_dYSIwpTrGNAI6EE_4_Rw8joGsFdVE8bVl5nkrf6rCGpWddcLRwcXf5cG-F4I66XZdN0LAmJrZ5DFwTszcQoY1cSyTkx1iGgCMP_bzJD4haVU9rX2hnd7wJ6CevNxwryVDy98rhWIhrgxQUNXntMhfjKmTu-qDS_-sFDiLsgKVAuNx5HDAM47gpb0_F8QnVaErhPjrCTuBw1Tkon0-DZCDeLdLU_tOrRWAvNQOqi5iLwSHW5sQ38E3cZHSvM5Qa0_GkWiajOWGz2hYbUb-BvuLKUmwEnSNMVxI53eGHOHmN0DadoEiHVyNvPSRdGNGh1XLcP5NBrDFVDSKE0kbIooPNZmT7JiwVUZwbcaDHhY7H-wvRUNk-4R29j3Dkt1BHKwJo6qXy5UiXHRn9z65nOvWOY04DOOdujrIaSRw_yrqBB8Rs55U2JAQbCH865bbjR4KtqOINBXW8LWLR28mgWZvvIMM0DM7PzmpWZ7TyGJVaFRjdJQCIa5zjhLyLZBI0EugOcVbfFJyN7AicbAuKd1UDqy6vHEX5mC2QkrCx8wSUmnIuVxH_a4-yLAE2lUa_oEf-vTAcOtkH-j0E4Sze1tBdWTOMBlZkHMEJ-UTsR5ZOlYNNwySNL-OYUxhFfn5TThDISdfMtXXm0QmUVnPA7YxBNho7upuUosLtR81pBpfZXoOhRRAFKnKH_ZDsz_con_gmBZe7AT-XWAfhXEP6gAPWG_aZ5qUqdgwJqKhr4zDeh0R0a8OqepbTJ8yt5EksDwxfhSRn5oeDhibpMRWX9LB63M56toiEuq9PK5dJRAyoOWLkEkNz81j26cmzmK7mcemVlpPHEXJwZ8gOpGzE5pnIiz50nie-p6t4WEcfg&cid=CAASJeRoLXTDBGAQinEFUik5BEKFSvkZcyhX1oa3zE1xJM-q1kcUcL8&rfl=2%2Chttps%253A%252F%252Flietuve.lt%242%2Chttps%253A%252F%252Flietuve.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:38:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:38:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame C70C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhuIw0zQYozFP_wC6kaUTfr5Q6MKPfKrDdFID9wG8mVjxhGrz_p11B6PboZT_fNxsY01j97lU1-lhnFe-Wy1UX0NHYu4ZMuWopL6HkvyteWtAtPb5xXc0-aVcobknAKZvX2q3PMweXjJiXF7cehhyQP_KDKw&dbm_d=AKAmf-BNQpORyy1B886FtMoxFMnhAXgtPTfVxH1nd8QOOUZqg7Od980k0egQxnIj0OlPa6Yv_M2VlPKVknoagfsHH9luAhKBQnxy3ziaCEmHcRb9soA5ATJWUrQ0S2E6KiS0OC1hufP4TWzX8KlSJXQPF78voEnzqKtdBt_lWP0xfy6bDAF5_IMLq_bO1a5Fce3p9z9JeLHxlc0jyz51Mq3FpVyGl_gCq_sBat1vqtTgN4iBuOcKab6kqOEpbY7xMQyjYmZW_sTPo6u9sMJKulOHeegxPzNHeLkHl13GSVxaHeKtwmPRiYjedLeWb7nwQLYhbJLU53SKZGJGc9lDHO7uCu73l0nt1MyE-BSgHHlkswniVuCpcfgh8c91T6pbsP4JVwWaW8fgX7t04tqRtmBmCqHqF-5VQwfGmbKEOPx42ZVOwJbkNttmPHqS2Fon2_P10l-u929T8tbY83HZD0dkU6kEX9xvFCJwVP3VvhWxgwX2hUwsmqvL_3rg6jGixUJSPfK_4brMNznoIHb7kl_rNF0uVwqQS0lbK2A4Xvv-7ufLnokO4A_-aW8P-Pwo6h59jeGo9ae7qCB_fsQJAFn4LAgWklMn6T1ziqWrDQSOI3zFfd_DtoWOQq4ovGqFRvzrdsQUwj4exsK969K642d0cY6svQ_ACUxGoniWt67VS7AXdChOe2X1aAy7WoSxRx6lJ3T1-rp1xoMpMVoSH1K1as_yUn1HdSgNzJvq1R_RIYAX9AtguDiReWPt-CRpKOTkvwTT4mObCvWdGh0HSFPEHD9-y70uqLNsr8RswbXpfb2ecHxsN9oiAKiQ9FxvplJCUHa5afNiFCuKc8ZC2EVrbXaz5mJN-SAeJGkaR93az5sM0IMEsH42P_taUm3WCDzjl0qdLrVX11Yyu8p9cOIfqePK2qk7nw6NrwDkxKLSvZWSpdtd7wGhdTitNnbnP_MSBYQFPYqHygPNYRrp0GekUxcyxWD28xv1mMeCqPdELdS0Pui9SdJZYDdz1QRHU_5AMljhnAcPN-Gs5P4b4r8UwMMEYByLa41bzhuwEGjUtypM6_F-GGBholJM5ku_PacNKftx1-gnoNUKgxtjtRffq66bFued0ivvQ-7H900AuMsEEQPb3YtExRErZQOYTdkG6hEWqADplm3A0cUzcKvWFrK-dsLzLNCMofi3laorzRThVAO0-8VhvzZ8mUDb0zf_vpx0KrvQib_JoyVesEbWmoSRa0IFYY9RSmCNnLjQyNrb3hQU2SLluiel9Ab7dowXo7I9JHRpX6_OWICvo6gLNeqm_TZVowPWImzfhLqNrC7JwmXYrvwd8cqtahrM0KlP8aNkz5T9R7kCmcEN1Q1ovx_W9ADqm-sUNaHpnuOO8dVsETdRuEQnRRGV66tS8k3Qc7s7i_Yhlg9faCNd6r9M8iNEVBVJCsVTRnCe3galM9y9CaCt0_7vOktCPUFZOUdBJYbPwtNHS7MMHTeWYYyBw_Y2lPzJeBOIkfZJxKbqbOt_SukhuyXXdUTsINSTmcgz8iL6ssdYuDB6gGuVvNRG7KoRt1EJpW3H5eCZ0wj0RV5j6dMKBImDduljq5FUyRzY5CiIyFcsXlmRU3TKr4Mdu0_2w77aIeCzqlmAMerDVlsTtiIQHO5M6zRI6uBjzeSqymiUEf3EgnZR_y6V9VZMuo4xu8VswGw7xT2GE--kx4HeD22DsWwd3-btzdhkghBpYKP65BCiAQMe-r0kyNokTl2AF6-hr6k71Kz5PMBF0KwTde5ZMJE5HcVq87oLqQCUwfoJK6R_Yg_IwYgd1YylpF_yZ5lqEM-RIVn-lrNnfmY8iz8p1UI2Wz83Wlccnkz9ix3H-woSeVhwZjglbVZQeqqDhWVw7C8EKhCaOywCXl_cMIwjwD0_ptWYqQNh2kbEQPOzCJugNbAJ7bY09DKGrEowLH5vkmO3vOJEfdYOAyEqpAHPuEJssfU2X4hIhtzvptYu8kSIB0Car-en2VCSO9Xuco-7BEU4St7zmvYc7__71OxFUwpDvZYE3_2MLgheV_pCUDrjBHk3_d8e0fXdU2RBiHkky0gxXzONIpO44cV_ppV59VSJGOMB0UppobB-WlDDnLTu8QtIxhms1da-xUTsryz1UjLDCO_fY0mE9tvStEzjnyDKqRRLvRqLzj0NOho23Ux174MgxBsBb-dzZR2ceVU6bmvhM0mi43Iiz8N5GCiO5WhD07XMpkKVt9cm0lAEt7sB_6S9LqxFUaxDiehtMxZl3uXc42El33c0CL3Oa-qvDcUw76eGd0ujzQrY7dG6SL7uDv3OKJZ4c7ew9eqNOFYrMvrOe9xEr9E2hmBYOw7MrI9WNsguf4EJ6taAJVWwTfrGRTrKa7f1iFsKDNR9YAqyIoLWdz_6G8UYCcfeZrpCLmF4KFcyGgu1MztixpvM-5Z_ESGwj9HZhgcZQMYMkHtafDqkISKJR--9NFZKYicwkfixAF227WmCquUsDB8wgV4HUOY9l0XfLBjstYWycqPgPplgiy71lHIw9DuLFQWMiAvncV_dYSIwpTrGNAI6EE_4_Rw8joGsFdVE8bVl5nkrf6rCGpWddcLRwcXf5cG-F4I66XZdN0LAmJrZ5DFwTszcQoY1cSyTkx1iGgCMP_bzJD4haVU9rX2hnd7wJ6CevNxwryVDy98rhWIhrgxQUNXntMhfjKmTu-qDS_-sFDiLsgKVAuNx5HDAM47gpb0_F8QnVaErhPjrCTuBw1Tkon0-DZCDeLdLU_tOrRWAvNQOqi5iLwSHW5sQ38E3cZHSvM5Qa0_GkWiajOWGz2hYbUb-BvuLKUmwEnSNMVxI53eGHOHmN0DadoEiHVyNvPSRdGNGh1XLcP5NBrDFVDSKE0kbIooPNZmT7JiwVUZwbcaDHhY7H-wvRUNk-4R29j3Dkt1BHKwJo6qXy5UiXHRn9z65nOvWOY04DOOdujrIaSRw_yrqBB8Rs55U2JAQbCH865bbjR4KtqOINBXW8LWLR28mgWZvvIMM0DM7PzmpWZ7TyGJVaFRjdJQCIa5zjhLyLZBI0EugOcVbfFJyN7AicbAuKd1UDqy6vHEX5mC2QkrCx8wSUmnIuVxH_a4-yLAE2lUa_oEf-vTAcOtkH-j0E4Sze1tBdWTOMBlZkHMEJ-UTsR5ZOlYNNwySNL-OYUxhFfn5TThDISdfMtXXm0QmUVnPA7YxBNho7upuUosLtR81pBpfZXoOhRRAFKnKH_ZDsz_con_gmBZe7AT-XWAfhXEP6gAPWG_aZ5qUqdgwJqKhr4zDeh0R0a8OqepbTJ8yt5EksDwxfhSRn5oeDhibpMRWX9LB63M56toiEuq9PK5dJRAyoOWLkEkNz81j26cmzmK7mcemVlpPHEXJwZ8gOpGzE5pnIiz50nie-p6t4WEcfg&cid=CAASJeRoLXTDBGAQinEFUik5BEKFSvkZcyhX1oa3zE1xJM-q1kcUcL8&rfl=2%2Chttps%253A%252F%252Flietuve.lt%242%2Chttps%253A%252F%252Flietuve.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11716
x-xss-protection
0
server
cafe
etag
11026421231030424798
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:40:41 GMT
adagio.js
script.4dex.io/ Frame ADFD 		72 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51752
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txfb1d2a5588194ef785e0d-00631b661a
x-amz-id-2
txfb1d2a5588194ef785e0d-00631b661a
last-modified
Fri, 09 Sep 2022 16:00:45 GMT
server
cloudflare
etag
W/"831813ee9b2fc0d248741417a0e3b488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUAbtNKGIyKlk354lrbOhsZPkZ%2BVXG8wlWJexnKeE1Wlf%2FyRqsFkdPdZ696KQW6q4yXMYrfEvF3OcG3MPH23nBcaRCqp4f2jXahkODghiUw60e0CBPN5t2tiXhtRyBn%2FCvogUzpXggJhqICv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1662739245061580
cf-ray
74a8898e8dc8bbcd-FRA
access-control-allow-headers
Authorization
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flietuve.lt%2F&domain=lietuve.lt&bundle=dPUTTV9kNDZWTDdQS3kyMzMlMkZGazVHNVZkajRyVTNKOHdMUUtVc0hQZzY5RDVnRlhkb3FoQzQlMkI4bHFydU1ndEhONVdmMmolMkZkc0VBYmhJUnczQzB2dlJGbDdPc2t6MTZ6d0ZNcU1Ia0pHaU1yeG16NTU4WnFwSWVaY1k5ODFzMWJwa29mZg&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://lietuve.lt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://lietuve.lt
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 10:46:10 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
700306
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rum
dsum-sec.casalemedia.com/ Frame F976
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOHlgtMBMAE&v=APEucNXuD5kQDkAezkdEnqSciqRd99t6VJjSGh2OHLpxqPplCgahNa2bFAUSsh_2JSXmjMCRwdYpbsfaS0En6Kr943wOcSgGyaJc_hpaBEfEhF7wEg5zsctChfX8Ex9GHpP5SQr0Een9FF02mrSRozrFDhWPp-d0C4zB19WQ6tqyCL0rEctrj8qAUDVa2FWuZ1aeAraFJsGompocYr2V9G6oRDmRzo6w4Q
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74a889900f7f695b-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coFmEjjJvGNyI7RRL8%2BZIewV2DNF6cQU9JtE8E3gREUIq7Hym3nhrW1g1sFRtv90cDD8kmDSnoGrakWZGzOTxcDnF3i%2FQUCPCIWDdgsH9nsxMuNjHO645FfABFGVFSF%2BiqIXou5Kq0TEyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F976
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyGw8.I3fqf.o.aDcCJbRQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOHlgtMBMAE&v=APEucNXuD5kQDkAezkdEnqSciqRd99t6VJjSGh2OHLpxqPplCgahNa2bFAUSsh_2JSXmjMCRwdYpbsfaS0En6Kr943wOcSgGyaJc_hpaBEfEhF7wEg5zsctChfX8Ex9GHpP5SQr0Een9FF02mrSRozrFDhWPp-d0C4zB19WQ6tqyCL0rEctrj8qAUDVa2FWuZ1aeAraFJsGompocYr2V9G6oRDmRzo6w4Q
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74a889921b28695b-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukxESxaz4hobm6AdEBUqU%2BkVPOnLKafJea1NlLr%2BvJ7rel%2BOXlFSFwdpefWp09yLGNdtR7VgELquj6DFutrnot9LNON3HUOgJz35pi4BIw51h1CrFCgcMdfIm83wW83MiX%2Ft%2Foqp9OzlHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F976
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOHlgtMBMAE&v=APEucNXuD5kQDkAezkdEnqSciqRd99t6VJjSGh2OHLpxqPplCgahNa2bFAUSsh_2JSXmjMCRwdYpbsfaS0En6Kr943wOcSgGyaJc_hpaBEfEhF7wEg5zsctChfX8Ex9GHpP5SQr0Een9FF02mrSRozrFDhWPp-d0C4zB19WQ6tqyCL0rEctrj8qAUDVa2FWuZ1aeAraFJsGompocYr2V9G6oRDmRzo6w4Q
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d6d90c8a-15a9-4491-b714-3422cfcdb252
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F976
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOHlgtMBMAE&v=APEucNXuD5kQDkAezkdEnqSciqRd99t6VJjSGh2OHLpxqPplCgahNa2bFAUSsh_2JSXmjMCRwdYpbsfaS0En6Kr943wOcSgGyaJc_hpaBEfEhF7wEg5zsctChfX8Ex9GHpP5SQr0Een9FF02mrSRozrFDhWPp-d0C4zB19WQ6tqyCL0rEctrj8qAUDVa2FWuZ1aeAraFJsGompocYr2V9G6oRDmRzo6w4Q
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ecf847eb-ab1f-40b5-ac8f-6907220c6948
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1kE_UnxBd24xWkhQRUMvSUN0b1JsTzlRSEFLVjVmRmdPRFdpWVlzZkZJTWpycHpibUszR1NnTnNML0JsM1BKTVpWK1I2SEYxc2MzQXpmM3RISFlUZS9NWlhwb1R5c2xGa3p1cElMbmdlZEJPQUxvT2VBNUdZcWVyajRYaVk4ZHZaK3ovdnh3Y0Mzd2w2MTVjYTRPeFZSc1IrYndaak9XSmd3L1I2RzEyRzJucHllZCtva3F4amt5M2N1UDg1MXpDZ05ydERNQUpBTGpjZnd2cUozL1N5K0xCTXFoQmJPajBCekdYc2lXZ0ZvZVBCYUxiRm1FNUlUV2tSSTZtYnd1MHV5N2Z5fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 14 Sep 2022 10:46:10 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
536443
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
gemius.js
adlv.hit.gemius.pl/ Frame 2B0D 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/gemius.js
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gdejs/xgde.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
ip12.ip-54-38-133.eu
Software
GHC /
Resource Hash
384563e8d6cb2a18d1215bd4b623f6824fdeb1a420a7fb375af7e36a3c5caaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adlv.hit.gemius.pl/gdejs/xgde.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:13:48 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
15796
expires
Wed, 14 Sep 2022 22:46:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C70C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:42:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1DC5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 15:27:02 GMT
etag
48472445140208031
expires
Wed, 14 Sep 2022 15:27:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C70C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45b9df9659539bdcaeacc65559d3896090869390545df90eb03d93fb0b653284

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022090801.js
securepubads.g.doubleclick.net/gpt/ Frame ADFD 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133090
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:35:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 09:09:47 GMT
usync.js
eus.rubiconproject.com/ Frame DC84 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 10:46:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48395
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Thu, 15 Sep 2022 00:12:46 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 720B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi_jve2ATAB&v=APEucNX37UIHXVF5M4XHAvds5XNidnfc1Y-C4sIUjZAyS4-1lzQ-ym5ULh7vjK0KWmVgNTlS9B0YKHBmsFp25317e9vcbUTQoaDAJPrdb1uZ7FvhBl8-4bCqTqb4N55JqGgqE_HSQBckl8lCKsqkAAKcxB18yP0C49sYqFrC5OnaHEBjtfLEmbDsK9LEarDJj4GoCypdMj3AvjGDlr2X90tA6DFZNozoQA
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 47CD 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
Origin
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 13:42:29 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/ Frame 47CD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:29:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
2603454828624189567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:29:51 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/ Frame 47CD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220912/r20110914/abg_lite_fy2021.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:28:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9560
x-xss-protection
0
server
cafe
etag
8244505166375133744
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:28:34 GMT
px.gif
d.adtriba.com/ Frame 47CD
Redirect Chain
  • https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_always_on_hw
  • https://d.adtriba.com/px.gif
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtriba.com/px.gif
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
52.57.145.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-145-143.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 10:46:11 GMT
Cache-Control
public, max-age=86400
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
42
Content-Type
image/gif

Redirect headers

Date
Wed, 14 Sep 2022 10:46:11 GMT
Last-Modified
Wed, 14 Sep 2022 10:46:11 GMT
Server
nginx/1.16.1
P3P
CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location
/px.gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 01:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 47CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/window_focus_fy2021.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:45:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/ Frame 47CD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220912/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
server
cafe
etag
3190241002381566568
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Sep 2022 10:45:33 GMT
l
www.google.com/ads/measurement/ Frame 47CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfYbXkzv9Ll8UTz-Xwd2NfQsuA3PS3pTpJdBZ7tvz_eGxevm0bydn0-C5_bvhPbQZrhOmpGm6xnv3mlFtgyiT5k6fDQw
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 47CD 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662981969255015"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 47CD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrHV_EpN94UFfIkpNLFvI9c3dNqHtnKpP1dAMpsMk5tr5TPs73GfZAwV_gwszQvZS9G3w19aX9eJgu2iGICXLAOI03eWNa4tZWq-vqZk5g_toAyAg
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/ Frame 123F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dae6a08b6d2db1efbdfcfbc27d5dcae149b030ba1b06e6d26c919859140f37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
169762
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1678
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Sep 2022 11:36:49 GMT
expires
Tue, 12 Sep 2023 11:36:49 GMT
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C70C 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQzEG64g1AAIX_IzWWK3SMVS3TcphUV414VrlOGvB_owfk7sRXRikuPmBzwMH7b5GKGanttELgnehKNNhJoa4Kr68prYBAtMF7x8JmenRSNE3JTD4i-LIZKbuQE24NcnwaZ-6dIT-62KyJZC4j2WN4GSIWaASVVRV5s9UjCbGrbo2lm8EzpR818u9LU3JkoJUivfVnHB9uCs0V1FnSv0LBibAANzr__S-1FgYdwbfNcMbCJV7C29DSw99jET8q7-ltQcTz9PAvBFJ3wpuui0oiC5Q3c44zN_gY3StRHN6yqBOOztYn5dzKm5OSbVvH4ANvkZ-lIHfpB6J7jSi777ylq1ZAG7GFSluh7NAcUeLhHEcvDolylZA5d6Td66_4DnyLSkYKHtqmvqm0QVbSmxlyn2ZIBS9hWlGZ_bC3HUcSQmhoeQKxt4TddPjEE68ksssLRuk9zp6jbwOEd7_IK7lCPwNyAJqvAqeVQbfcN-mnjJeIiaep2_IIhcInhNNN1jGzcs8CeGo9yv3ThtAjJnwq6NNxXwIAEriA1wRCUidJmSPbes5sUmk9-YfuJ3EoghAWAy8QL_P3HFaP0u_6BXPkAGtFrkw6LXv-W1JC0oYctCZG_csxytTHxwe5MCzRy8kE2WkX32moxEkR2euPKXwwlsWaomgmI1Dd44SHUvULc1vCyA-HjSmAD9uiOiMJm_ZP81uYRfQSBHqeag8ihohH8hEZFiwpDNtan80X9OXMiRgWDZio9VHbm-gCzd4XVhFVh7Ev86A8BQ_mkUAX7miu-qGQ_rgHOoANwmpVZcBT6ekeO7CmQb81PFzl70CybxOvzxrAA3HX84dAvZCA5WilsJEUxMJBsn2itfB3hTBlawGub-zEvpQIq9l6U02rUQtbDIndQjxJ5CikICS7GPwEtkKdBFVZi5LtRbbnXLOixliVhtQP63CEs2RmsFs5cKNKLMTFmBFU2boLjJFs2_cH4N80u0IvgB1KOQ_q18EZx5-NAJ6U7Yc9DC03OeUq98rxs12FgJMRp4uTGm5KB-D7rAO0r6Znw3hdoFH5Ud5RYgFLbqutpuf4Q0PJ_RPGzBGKcK5aYuwpLrNNxJeBuCZ0Mkv1_W5g1Fzg9g3xb1KbZav9xyBFGUAl__QnFauKHp_CB_BarWgdxuBvd8IVArPEUtY0koQ1Up8-UYfwtuSS-hnGTw4t_k4qYw3dBPCF1fdQjgmRF6G60YJ1J_-tFc_de8kr8pbu6_oOxhZwxdt_H4Tj0OHkxQGQ_dShIs5xxWAPGNElFPeL0Uw3Kb-l7uRBV0UXRB5caypuoFbQgEK26g1qZylxpaN4cj3fBYvmEi2q05LezJfxIdyNjdk51-FoKrFypJ9OPTueI7GIezM&sai=AMfl-YQuT4dAYdhsFRlhcH644iCo3BuyGf6xqPVVHcFrVSYnWGJvdPQN5rRWVoWDtKCO2-AjYev9ylKDlkWFWLFXGbQFbBmYA9aMYaefUWutTkjhDxjFBvDI-Z-LQ81z0m4P2ynG7rM3iCmx9brih601eHSAcFHoJSRAWhmWmbo-Aa_3abL95xIUqALLQlLFIb9SY4Ak7tv1awcqdFvFA1DhQrEl&sig=Cg0ArKJSzGodH5qaGXOaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=435&cbvp=1&cstd=417&cisv=r20220912.45093&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 14 Sep 2022 10:46:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
lsget.html
ls.hit.gemius.pl/ Frame E25A 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: adlv.hit.gemius.pl
URL: https://adlv.hit.gemius.pl/gemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
cf04ee234ec9c129b8aa472461a540e05b61f0e7f086886254da19d754f5307b

Request headers

Referer
https://adlv.hit.gemius.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:11 GMT
etag
PRIVATE7520710249
expires
Fri, 14 Oct 2022 10:46:11 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D70 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
69
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:45:02 GMT
expires
Thu, 14 Sep 2023 10:45:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A336 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
53981f4a044f50a6ba4c7e0bd57bd690a4a0c77d291eafc9a7dc93a5652c8ab7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AkcVpoK4bVvQrsu211AyGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-AkcVpoK4bVvQrsu211AyGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:11 GMT
expires
Wed, 14 Sep 2022 10:46:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B368 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75822
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 13:42:29 GMT
expires
Wed, 13 Sep 2023 13:42:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame DC84 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
integrator.js
adservice.google.de/adsid/ Frame ADFD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ADFD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lietuve.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ADFD 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=555437536040732&correlator=3383256499847659&eid=31069184%2C44761477&output=ldjh&gdfp_req=1&vrg=2022090801&ptt=17&impl=fifs&iu_parts=147246189%3A22679444511%2Clietuve.lt_300x600_sidebar_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=39253104&sfv=1-0-38&fsapi=false&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3Dcf2c9252d34a8628%3AT%3D1663152368%3AS%3DALNI_MYcf7l17XgDPSpZGMQvUaBh49HtZg&cdm=lietuve.lt&abxe=1&dt=1663152371517&dlt=1663152370488&idt=1012&adxs=978&adys=1035&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=9ou3y82pmefv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=lietuve.lt&loc=https%3A%2F%2Flietuve.lt%2F&top=lietuve.lt&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=745218319.1663152368&ga_sid=1663152372&ga_hid=2133189321&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e552831c2a6cfbb4023cf138e70b380ddb9b0fe7fc5feeb650f1269100ca4a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10594
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lietuve.lt
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6BC6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:11 GMT
expires
Thu, 14 Sep 2023 10:46:11 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1DC5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDE1zzZz4gkr_A4co6z1uYw&google_cver=1&google_push=AehlK4CV4_XZmi-OWFMKncUzW7145wS0DO1X3KpWjXnfYHlX1VyG5YlsvfS0Hr-NmDs0OsCdK_mFhfuvvRWARALimSBrau7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CV4_XZmi-OWFMKncUzW7145wS0DO1X3KpWjXnfYHlX1VyG5YlsvfS0Hr-NmDs0OsCdK_mFhfuvvRWARALimSBrau7GM9JtSw&google_hm=MTc1ODczODExNTY2NzY4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CV4_XZmi-OWFMKncUzW7145wS0DO1X3KpWjXnfYHlX1VyG5YlsvfS0Hr-NmDs0OsCdK_mFhfuvvRWARALimSBrau7GM9JtSw&google_hm=MTc1ODczODExNTY2NzY4MTg1
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 14 Sep 2022 10:46:11 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CV4_XZmi-OWFMKncUzW7145wS0DO1X3KpWjXnfYHlX1VyG5YlsvfS0Hr-NmDs0OsCdK_mFhfuvvRWARALimSBrau7GM9JtSw&google_hm=MTc1ODczODExNTY2NzY4MTg1
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame 1DC5 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECHFsujodbldaL-F54i90R8&google_cver=1&google_push=AehlK4B3F5vvgbeaiOwqSUcOMRxZyPv2u7EtcVk99d-8H2Y8hrxGFFhKXevW6Exu26ORCgKSK7uEmEvY8P3PgWPnER8-RlTe6puq
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
af33uva1teir4o6slvqlucvvb4lisjpd
sync
dsp.adkernel.com/ Frame 1DC5 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOeqCE2vt4vy8Cu7Xlv9Efg&google_cver=1&google_push=AehlK4AgrVjqtHV-8_c1HMRK5_3EfpIrIA-Bw8cskdizS5h4bRDNJTJKbfQrZZHY-zXka58IvOg0BijqBxN_lWh0AFrUP1PtpPpWWA
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 1DC5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-000ba9d7-46e0-435d-ab76-84641dc39f58-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BKrZFzr3ozx6SaM4HfK...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA&google_hm=AwALqddG4ENdq3aEZB3Dn1g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA&google_hm=AwALqddG4ENdq3aEZB3Dn1g
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BKrZFzr3ozx6SaM4HfKbZOy17IiK4EBMk0ZKGzdVKpcJ4AL-PjwLgRuLsbFaUSQXj5_UaBh8GDiBYIpBCj5nPAx7Mr8zb6mA&google_hm=AwALqddG4ENdq3aEZB3Dn1g
date
Wed, 14 Sep 2022 10:46:11 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX000ba9d746e0435dab7684641dc39f58003
content-type
text/html
sync
rtb2-useast.e-volution.ai/ Frame 1DC5 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESELMJ21Zk9YTCkSy3D58sx1g&google_cver=1&google_push=AehlK4BOXRAQYZVOT5AjZ8K61UYrPHAhlSL1-FgNqIbByO9dGxXTSIsHskGtEPnZE8Z2kSQlnHJzAami20nn7MdFTJLmV4F7e7Z8UjA
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
/
onetag-sys.com/match/ Frame 1DC5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHh1F-gL4pj-l_y656NVNfM&google_cver=1&google_push=AehlK4AAd3kdLUE1EFYoQoNSznxdhHkJMTpMkrBTf_q81FE-uT0rGRmuOQH5-hcjNSWdMwdQq64tEWS7dle...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4AAd3kdLUE1EFYoQoNSznxdhHkJMTpMkrBTf_q81FE-uT0rGRmuOQH5-hcjNSWdMwdQq64tEWS7dleIHTNv6v-U2jkDoJlAIHY
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 1DC5
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEFCzqUkRXUnoHiq1EMfXTpc?ext-param=AehlK4ChW7TQDfww1qRquA61thpPdlFCoaIDFRFh6F628WjmBiDvQsX9fT4giNrONfpvOK-2J-RQAD9KU_jMtIFzQVSbIVelH4awa84&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEFCzqUkRXUnoHiq1EMfXTpc?redir-setuniq=1&ext-param=AehlK4ChW7TQDfww1qRquA61thpPdlFCoaIDFRFh6F628WjmBiDvQsX9fT4giNrONfpvOK-2J-RQAD9KU_jMtIFzQVSbIVelH4awa84&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFCzqUkRXUnoHiq1EMfXTpc&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Wed, 30 Aug 2023 10:46:12 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1DC5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgXSuC68xSh3OxCEgS20a3XjIVW2bKoDPeDqO7rPdh2mRBHKIxwdEzSl3A6F6U6UQ7kMAdL7DU
Requested by
Host: e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
URL: https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame 720B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi_jve2ATAB&v=APEucNX37UIHXVF5M4XHAvds5XNidnfc1Y-C4sIUjZAyS4-1lzQ-ym5ULh7vjK0KWmVgNTlS9B0YKHBmsFp25317e9vcbUTQoaDAJPrdb1uZ7FvhBl8-4bCqTqb4N55JqGgqE_HSQBckl8lCKsqkAAKcxB18yP0C49sYqFrC5OnaHEBjtfLEmbDsK9LEarDJj4GoCypdMj3AvjGDlr2X90tA6DFZNozoQA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74a88992ec8a695b-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8rVBmFnwWGPbJ7i9%2FVT2tJ5fT7setTxOMkdcJ10M1RC0aIfloMkqXhLKgT9o6Au3sP8M0ne5hx8XE6fg0r3ZKuOaV%2FNkSaRbXh4vHxYCgh%2FrY9O1nUH75h%2BNb3zxKwsmFzWNZVURK447w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 720B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyGw8.I3fqf.o.aDcCJbRQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi_jve2ATAB&v=APEucNX37UIHXVF5M4XHAvds5XNidnfc1Y-C4sIUjZAyS4-1lzQ-ym5ULh7vjK0KWmVgNTlS9B0YKHBmsFp25317e9vcbUTQoaDAJPrdb1uZ7FvhBl8-4bCqTqb4N55JqGgqE_HSQBckl8lCKsqkAAKcxB18yP0C49sYqFrC5OnaHEBjtfLEmbDsK9LEarDJj4GoCypdMj3AvjGDlr2X90tA6DFZNozoQA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74a889943ee9695b-FRA
pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFclfMmHOnRfmHUB6JNTzxJDzgaRR9o9f%2BzsOBZSg0S3oXGHUsi7OXtT9b1N%2B5YfGL8hi41tDzU6TAF9tlAbokKC3TCi0ROwZRQZ9hRK%2FpFSbrc5TqXkt9VscON8l0J4p7AKKjj1ayA%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP6eTKr9iDYxrK4Xo2m8WVw&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 720B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi_jve2ATAB&v=APEucNX37UIHXVF5M4XHAvds5XNidnfc1Y-C4sIUjZAyS4-1lzQ-ym5ULh7vjK0KWmVgNTlS9B0YKHBmsFp25317e9vcbUTQoaDAJPrdb1uZ7FvhBl8-4bCqTqb4N55JqGgqE_HSQBckl8lCKsqkAAKcxB18yP0C49sYqFrC5OnaHEBjtfLEmbDsK9LEarDJj4GoCypdMj3AvjGDlr2X90tA6DFZNozoQA
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ff6820f-8876-4f13-9d91-853c51e2ea0d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL106isl3PL8by7mCtI1qp0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 720B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhi_jve2ATAB&v=APEucNX37UIHXVF5M4XHAvds5XNidnfc1Y-C4sIUjZAyS4-1lzQ-ym5ULh7vjK0KWmVgNTlS9B0YKHBmsFp25317e9vcbUTQoaDAJPrdb1uZ7FvhBl8-4bCqTqb4N55JqGgqE_HSQBckl8lCKsqkAAKcxB18yP0C49sYqFrC5OnaHEBjtfLEmbDsK9LEarDJj4GoCypdMj3AvjGDlr2X90tA6DFZNozoQA
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ebe76a3d-9c10-4432-842a-aaa5334d8637
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5NTIwNTU4NjA2NjI2MDYw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
style.css
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/css/ Frame 123F 		3 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dfbcbb4f7479195a4bb3c01f9a874558ae617ae0b78292e995ea35bef1268cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
892
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 123F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 14 Sep 2022 10:46:11 GMT
bg1.jpg
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80702bedda0b91505e577275e4dbcf7f0514e80dba5750c9fd8c44835f6983aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41603
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt1a.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt1a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90fba818a6c53b75ab92e88930addc2485653a21011aca979af5afdfdf5cfdfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8616
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt1b.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa28d88ec5b610ae207e4fd400dd87194ad609bd258f35ec2fbd963d99153e04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1679
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt1c.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt1c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd1400d388e98cc3ea4a42a142e8c2b56d7a2262e3cbe01cb606780c6c7b705e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3848
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
bg2.jpg
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/bg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a46f3f81bc18d32cb36f09ad3ca7d363976c94461269c530879edea4355fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46559
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt2a.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt2a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e271466769107f5c1fb0ec1d746f46bd0c18568b11125b2066d55858b4693cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7337
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt2b.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adae6c861023c207a189500af599c0c08c5d976b0cad56fa8ad300c3a2d4f737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1812
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
bg3.jpg
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/bg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebfe3f6b2fe8c0786e86d8b2500a1d7d18f1663fa45834068048575935270ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39096
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt3a.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt3a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6882ad030ecd8bc48be3f669ac86b918ac8a3cd5ac67b3ee9073b434534a616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9281
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
txt3b.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/txt3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e55699e730420da8f05924b777bbafdf50a2835bb1ce1caaa0af58982ec18edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2038
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
cta.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011b4bb76bddaf813bd41cce97dccbbadb9fe1b79b2988cac7dbb23f36eb9302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5089
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
cta_holder.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/cta_holder.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f59f1c8c09eb960f78efaf7cfbd36b073096be073ca2d17e94a34396cfc8732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6111
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
cta1.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/cta1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1815abc212fa313bd42aef655cbad79503ac1d7550cf34218b37086833d93ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5519
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
cta1_hover.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/cta1_hover.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1dfcc879ef92644656dadc5b9877e2337abfcc3571305431154e8cfac2635e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5569
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
info.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		481 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/info.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
950c8a54f9edebaed76a9814e6bfa023b6c829d1888abf8f2aae4e8463b78bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
481
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
legal.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/legal.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e8f320001043d25cee9307e2a38431a7fc4d291a5d331588512a3564d5daecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25658
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
logo.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c117756eff62b25c372a1640fcfab7fd7d12f91952106904395b01db8ed45f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:58:38 GMT
x-content-type-options
nosniff
age
2853
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1742
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 09:58:38 GMT
script.js
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/script/ Frame 123F 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68657b686df24fedc30a87028a7e6a170d7fe2a1b35f2bcd8edc7043963d0b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1276
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
index.html
s0.2mdn.net/sadbundle/10277471659263878672/ Frame 0A74 		29 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
463a92b745ad1310499eb3dde1be66a85769eae8884457da36b8f17e328bdc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7041
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5159
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 08:48:50 GMT
expires
Thu, 14 Sep 2023 08:48:50 GMT
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 47CD 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9Q9YKEoOx7Y6hfSiT61alxFyheUs_CTs6gGs7bisdsjcKLZl1HEBuk7u_OKFI86XhDyL53gGEzfBCHVs_pDGezLOVDfQn2dIZN4YUUnmT4idIjPoEm8DZE4ot-d_05cq644MOx-1ajJ8qM8JC-GQzGHBJSXvVDjTR50hUU796SgQ5iLzS9Ae0obKS5Yk8ml3ltTa2tNKKFTE1hL8qvrMHOuDtaJjfsgw3ZrZB1OZIJvHn7CCi6NKUcySU23s6LKxnMMoXjbYebqOObtXdknasliEx3-5nFCZKcovdFleteVHUkIiVQoEduPIywvH2MOEXsPpouKuvwppbBc9wZhyQGs5I4ru96w0UpOUD0tDT9WPkz88vvvAUhQZLYvCr4Dka64shfUUKRrYF3PrqjdhFKhCa4Zv431tj8h2NLPm5wWbjWG3PDMp8aGhaJCxgIKxBFQxKmmjBXPRJjklm9cq0H-qnU3iPcV_Ag0REWJ8UGlQfLx0SvdjQY6KNAbGXpRruriW5Hbtj7MQdrKGU8ztNRHWhHel1pJwKcmDuXjtLo1MS83ELomZ8SHt2qgspkW3Myp30ugkEOvnNdmwPQ8aK-N78Jod4v7N1SBYKcXOeBj3NzOgpZNG4IJHLvqj2I_5p-zjch0h7iXQVRzij3qtSTcNj6zgCOthLIYd1tGO7L7S0gUG0Gew-nZ6ErBp6pwn_h2Fng9t5lazAE6p4AD6P0iUgRqgU8X0sV7rCnJ9GHEvUPKEHQqCOtAZUe1l_1a31WcF2l1wss1amyBY3PP5v2O26Hra1AF4ICdyRl_uPs-psClEmeLlv458kKXYKW7_FYSe-_3LBmZOPkWpVn_qjP2bGCo9lUsXtmDX_ClSE2Rn4SOvtup7DipypWAKZHyNI10STVqP103bQdr_9fJznqkVm5ygbj22QYv6rK6CTwWGmBrfW4xUdsaYp5roFhRN_XjJDcq_kntu_zv0vSmtRl0Y7_Yh8yr69YWML_6lsKjwLK5-Mbpj9PGa0rkLFwy8xKhz_FsUj32eI-uk_iOr0QRTU8zOqrNEFhPYYz66Kaz_y9SC9HlmX6sEca0jrYrKlE8--pSoxuoJ_7d-u8LR2IQQSNC_0dPKhkMNB0H9J7TToH2esAA7LLcmJhVj63vZhGgPWxoZERJnAWHPo32Os4ILa8dZClVfZooQq8_RrgPIc5Inu_ZzQZquqW4-w3KqJlfX5Na-e48PTs87HdsRGHhr7-Lo5F28Ra7Q&sai=AMfl-YT7FsFw4UMH9pQEImUnfwhasCBP0xmSLDsFtZpD4QqQo_-tSzyDKDkiphLFBIEja3rdikmqExGrU2u86v6wY2Ys9lTSSp-8ZtGwuXpUWoMwBdgIkKlmVZibo4W_aZ9dwJsUzX32nGS-9UXPmAbADVO72JJDc5glFJJOIlM7pu2SoPYVqwROg5ImJ7qRBAPDheluul699yispEGc-BlBjWIM4PvC5qhFcUN71N-0KOFypDNayEfs2COkUgjIb5kG0sWwJe0fybl8gEpErJkvg_9q7YvbWXsCXXfOM2P53PAa&sig=Cg0ArKJSzIJ_bsJ8A_k6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=371&cbvp=1&cstd=361&cisv=r20220912.85849&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 14 Sep 2022 10:46:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
mw
mwzeom.zeotap.com/ Frame 2B0D
Redirect Chain
  • https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-eu.onprospects.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=254&mapped=ilFw.phAd7PByS4suiv94CtyRhH.F2nkdcw9YQn5kAf.L7&gdpr=0&gdpr_consent=&onp
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=a88ee0d728760615/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=a88ee0d728760615/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=39034a3066d2175ff6ba583b8d888067&gdpr=0
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1242&redirect=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel-eu.onaudience.com/?partner=68&icm&cver&mapped=1220539229211126160&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=a88ee0d728760615
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3baef7b8-bd20-494a-45ff-24e694ea19da&reqId=1dc7d27f-95c9-41f8-5ecf-7eef4bf66926&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECkT5_Y4AD-MUoCm2KeQXPQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3baef7b8-bd20-494a-45ff-24e694ea19da&reqId=1dc7d27f-95c9-41f8-5ecf-7ee...
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECkT5_Y4AD-MUoCm2KeQXPQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3baef7b8-bd20-494a-45ff-24e694ea19da&reqId=1dc7d27f-95c9-41f8-5ecf-7eef4bf66926&zcluid=a88ee0d728760615&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adlv.hit.gemius.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://adlv.hit.gemius.pl
access-control-allow-credentials
true
cf-ray
74a889a12bf7bb37-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECkT5_Y4AD-MUoCm2KeQXPQ&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3baef7b8-bd20-494a-45ff-24e694ea19da&reqId=1dc7d27f-95c9-41f8-5ecf-7eef4bf66926&zcluid=a88ee0d728760615&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 47CD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 13:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 13:42:29 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75D8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 15:27:02 GMT
etag
48472445140208031
expires
Wed, 14 Sep 2022 15:27:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 47CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74751c0383ff6ab43553507c9c8d4ec3c1a6e9a377607e4f6d34319f081442c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame A336 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=2288171947044446&rc=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
63c948108fca389386b4559ee0d6759f.js
s0.2mdn.net/sadbundle/10277471659263878672/ Frame 0A74 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/63c948108fca389386b4559ee0d6759f.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f1f32d0bd089378c8ded8228932717c214ddc68a27bc29a7ed0b66616de2cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 23:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19503
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 23:46:26 GMT
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame B368 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BD5C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
75822
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 13:42:29 GMT
expires
Wed, 13 Sep 2023 13:42:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
feather-legal.png
s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/ Frame 123F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/images/feather-legal.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7094a81ef2b16a9b0310d0114fbebbdf1fef4ddbbf2a51cc0e6caed1a0959a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3259752279300868425/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_PLZ_HTML_V2_970x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 11:36:49 GMT
x-content-type-options
nosniff
age
169762
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2739
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 08:53:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 11:36:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ADFD 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c921dd505208dbd48a8d2128623c4694959b867a6b504681a207d99f26a64f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11256
x-xss-protection
0
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 1D70 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
i.match
s.tribalfusion.com/z/ Frame 75D8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOAcQzOYM1aZZAtewf-ROa4&google_cver=1&google_push=AehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAcQzOYM1aZZAtewf-ROa4&google_cver=1&google_push=AehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ...
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAcQzOYM1aZZAtewf-ROa4&google_cver=1&google_push=AehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:12 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74a88996ed77bb8f-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:12 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2109
cf-ray
74a889951938bb8f-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOAcQzOYM1aZZAtewf-ROa4&google_cver=1&google_push=AehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BiNbu6PBEKR-18OL4hR0sQOJRrjf1MA2EQ1nM_UfYoEnO3W0O9jVsulqV9FV7Fb-g7j50QXYYg9aBGnwXrNrxeM1CppDQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 75D8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEI55UKYBixfgFgm2NyGHoOc&google_cver=1&google_push=AehlK4A6UF82z4kK4ZaJn-ySjps5dOkMws-FF28wgZpjkS0KA3pYyUkuZzSGwVLj5VB3_KmUDhtIqNJbz_YTz2Ryse6HHZVUOZY
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:11 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
dsp.adkernel.com/ Frame 75D8 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEPc3o8Nk7uzYvrj6Rbo0WUY&google_cver=1&google_push=AehlK4BLlXdyveR3xNKO4DfN7hN64T9B9-x8Qam3iwEmnTrbL2mriF6URvQE6qyoCCzEPS1vvQCVqq7GL8OtkZkrzy6trdtI4g
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:11 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
us
sync.go.sonobi.com/ Frame 75D8 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAehlK4Bx6K4jtxoqGhNBvWuOnNvZmVg7S_spcKUdi-M7HGfAnMBpvBqdiNZaEdKQL9ZRCemON-rGdb8oqUuc2WA-xpNfWC6vsrc%26google_hm%3D%5BUID%5D&google_gid=CAESEPQzhBqfNy40Bh4la8czCkM&google_cver=1
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:12 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-101
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pub
cs.chocolateplatform.com/ Frame 75D8 		0
0
pixel
cm.g.doubleclick.net/ Frame 75D8
Redirect Chain
  • https://ads.avads.net/sync/ggl?google_gid=CAESEDmELjATbCQyYorTXgchOYM&google_cver=1&google_push=AehlK4B3aVgCPeROkcDuOJiBEmXq-e5SZ5i3RVKuTtUOBrw-JKLuJLqoE6dXtO-bvLviQ9ly7H1p6sBGN_Uyr34jHPEl1n1IdAFG
  • https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OTM0NDhjOGUtM2Q5MC00ZjQ1LTllNTktM2FmOTBhYzM4ZmRj&google_push=AehlK4B3aVgCPeROkcDuOJiBEmXq-e5SZ5i3RVKuTtUOBrw-JKLuJLqoE6dXtO-bvLviQ9l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OTM0NDhjOGUtM2Q5MC00ZjQ1LTllNTktM2FmOTBhYzM4ZmRj&google_push=AehlK4B3aVgCPeROkcDuOJiBEmXq-e5SZ5i3RVKuTtUOBrw-JKLuJLqoE6dXtO-bvLviQ9ly7H1p6sBGN_Uyr34jHPEl1n1IdAFG
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OTM0NDhjOGUtM2Q5MC00ZjQ1LTllNTktM2FmOTBhYzM4ZmRj&google_push=AehlK4B3aVgCPeROkcDuOJiBEmXq-e5SZ5i3RVKuTtUOBrw-JKLuJLqoE6dXtO-bvLviQ9ly7H1p6sBGN_Uyr34jHPEl1n1IdAFG
date
Wed, 14 Sep 2022 10:46:12 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
0
0.gif
id5-sync.com/i/495/ Frame 75D8
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEACZdT_YPLyBwsii22_bVTY&google_cver=1&google_push=AehlK4AEUBWKydGzStpRuTQxJebNm3CKye1N4LArJ_UA5kjbNd9YRJV7eqy3NBIxr4vg2ZtQAVtpwl8iU2ia94zKdInV9J_pYVSM
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4AEUBWKydGzStpRuTQxJebNm3CKye1N4LArJ_UA5kjbNd9YRJV7eqy3NBIxr4vg...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4AEUBWKydGzStpRuTQxJebNm3CKye1N4LArJ_UA5kjbNd9YRJV7eqy3NBIxr4vg2ZtQAVtpwl8iU2ia94zKdInV9J_pYVSM&gdpr_consent=&gdpr=
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Wed, 14 Sep 2022 10:46:12 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAehlK4AEUBWKydGzStpRuTQxJebNm3CKye1N4LArJ_UA5kjbNd9YRJV7eqy3NBIxr4vg2ZtQAVtpwl8iU2ia94zKdInV9J_pYVSM&gdpr_consent=&gdpr=
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
271
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 75D8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJc2KXmV238tLctZApvDGqmPf2usa8U0NEeQ457JB8sQfwe9BASMWsBp2fOslXO_5TmVRP3Pg
Requested by
Host: 02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
URL: https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208242209000/ Frame 0A8B 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
149776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61572
x-xss-protection
0
server
sffe
date
Mon, 12 Sep 2022 17:09:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3316a1477ddceef"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 12 Sep 2023 17:09:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 0A8B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Tue, 13 Sep 2022 19:17:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"29c50428a02dcb23"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 19:17:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 0A8B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
224176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28820
x-xss-protection
0
server
sffe
date
Sun, 11 Sep 2022 20:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d86c26a7f6daf516"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 11 Sep 2023 20:29:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 0A8B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1907
x-xss-protection
0
server
sffe
date
Tue, 13 Sep 2022 19:17:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f652edf411126f67"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 19:17:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame 0A8B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
520693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
date
Thu, 08 Sep 2022 10:07:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1a39bbdc45509c4d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Sep 2023 10:07:59 GMT
truncated
/ Frame 0A8B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
787de955506bd790b41dcd02ce5373e6af928ed6df780c4dbef9543986903bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
842865223649244099
tpc.googlesyndication.com/simgad/ Frame 0A8B 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/842865223649244099?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkrqH3Fzi2KxwAZpoAD7ooVrRg2w
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 02:56:09 GMT
x-content-type-options
nosniff
age
287402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116488
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 08:08:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 11 Sep 2023 02:56:09 GMT
lt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A8B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/lt.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c80ecd9fdf0080a4d3933c8f981e8bbddf8e5789a724a87c02a65551e634e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 19:04:34 GMT
x-content-type-options
nosniff
server
cafe
age
56497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
4498263971072157030
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2853
x-xss-protection
0
expires
Wed, 14 Sep 2022 19:04:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A8B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
4196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 15 Sep 2022 09:36:15 GMT
l
www.google.com/ads/measurement/ Frame 0A8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7PeAsKxV2b5VTRF_Yji8jwrSQP_mxa7U9Cmn-gFkhfisErmp3OHqjl64aTEICO8wkSd5tynLDaADUdgDVIQW0HzLUAA
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0A8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CThHN87AhY_XDJYa-3gPd5JHICZ_b1LJsneKW87cQ3NkeEAEgjeS9KWCVuviBlAegAfL7098DyAECqQI0PAPYdr-wPuACAKgDAcgDCKoE5gFP0BdWWGjks77QjED8NuAJOYLdDXrkxhoU0ircaw8SeN7UdOlxaZ5FN2VdZWzRsPX5g1y0npTGso2YiFa-FKGBjwd2JkRtIehcucJkp1MT841SsLE3k-Pzz1uG8OUmTT826gMXXPqtbYUGwN5x9dkrm5INmk9dTYWgPFfbdwrJE-rX6MUsRrDIXE7g54PD6JZI_tqlg-5th8fmbrjwFtBAhDFwqaTaWdwuoSoTxglJelUytQhQSRaZhgePu0mkXNGxp6QMvlsPsTGXa-6IX6l5lLUZJZmtnO5ilrafThy9Ptt0Q-Bh_sAEzbulo58D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9nlsiaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDvhRLSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tNzUzODUyNTc1MDkwNjk5OYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=4oE3-h7qIo0&uach_m=[UACH]
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 0A74 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/63c948108fca389386b4559ee0d6759f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:20:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 10:46:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 10:46:12 GMT
20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/20cd3c9c87a3dcad42074ff89b4391e0.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 22:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43724
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2458
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 22:37:28 GMT
8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24255
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1505
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 04:01:57 GMT
c9410573296197343526d286f178fcbc.jpg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/c9410573296197343526d286f178fcbc.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97fa6802645b7673240fd33eab61c7e655fdb3e4550d61a39771c6375ac2b567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 03:40:24 GMT
x-content-type-options
nosniff
age
25548
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3007
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 03:40:24 GMT
ce0cae416fe97a186afbca4725bfd717.png
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/ce0cae416fe97a186afbca4725bfd717.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2994a5b3813e5cd5a88f7e29cf7fb6d5ac3ea5a63753d582226aeb4179eeb226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:48:52 GMT
x-content-type-options
nosniff
age
7040
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 08:48:52 GMT
91911c933a0ed11c8b5f84b2394074c1.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/91911c933a0ed11c8b5f84b2394074c1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903b98f60fdcc790e20dd7d3ceac0122eee7a4eba627c7174e089d83f5268a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 23:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39586
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 23:46:26 GMT
ddbadd620af22cd3957f95efbde96040.png
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/ddbadd620af22cd3957f95efbde96040.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12afc66a0a9d77f1e381aece15081f42d113187ad86540c1efff49cc9debf7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 22:37:28 GMT
x-content-type-options
nosniff
age
43724
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12909
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 22:37:28 GMT
93f0e14940d6b93a658cb6b090220ccd.png
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/93f0e14940d6b93a658cb6b090220ccd.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
528a4379fb72ed34757db4ae9a47c36bc0d9d87bf45fc8a967b78b606875936e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 22:14:17 GMT
x-content-type-options
nosniff
age
131515
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7862
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 22:14:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C70C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQzEG64g1AAIX_IzWWK3SMVS3TcphUV414VrlOGvB_owfk7sRXRikuPmBzwMH7b5GKGanttELgnehKNNhJoa4Kr68prYBAtMF7x8JmenRSNE3JTD4i-LIZKbuQE24NcnwaZ-6dIT-62KyJZC4j2WN4GSIWaASVVRV5s9UjCbGrbo2lm8EzpR818u9LU3JkoJUivfVnHB9uCs0V1FnSv0LBibAANzr__S-1FgYdwbfNcMbCJV7C29DSw99jET8q7-ltQcTz9PAvBFJ3wpuui0oiC5Q3c44zN_gY3StRHN6yqBOOztYn5dzKm5OSbVvH4ANvkZ-lIHfpB6J7jSi777ylq1ZAG7GFSluh7NAcUeLhHEcvDolylZA5d6Td66_4DnyLSkYKHtqmvqm0QVbSmxlyn2ZIBS9hWlGZ_bC3HUcSQmhoeQKxt4TddPjEE68ksssLRuk9zp6jbwOEd7_IK7lCPwNyAJqvAqeVQbfcN-mnjJeIiaep2_IIhcInhNNN1jGzcs8CeGo9yv3ThtAjJnwq6NNxXwIAEriA1wRCUidJmSPbes5sUmk9-YfuJ3EoghAWAy8QL_P3HFaP0u_6BXPkAGtFrkw6LXv-W1JC0oYctCZG_csxytTHxwe5MCzRy8kE2WkX32moxEkR2euPKXwwlsWaomgmI1Dd44SHUvULc1vCyA-HjSmAD9uiOiMJm_ZP81uYRfQSBHqeag8ihohH8hEZFiwpDNtan80X9OXMiRgWDZio9VHbm-gCzd4XVhFVh7Ev86A8BQ_mkUAX7miu-qGQ_rgHOoANwmpVZcBT6ekeO7CmQb81PFzl70CybxOvzxrAA3HX84dAvZCA5WilsJEUxMJBsn2itfB3hTBlawGub-zEvpQIq9l6U02rUQtbDIndQjxJ5CikICS7GPwEtkKdBFVZi5LtRbbnXLOixliVhtQP63CEs2RmsFs5cKNKLMTFmBFU2boLjJFs2_cH4N80u0IvgB1KOQ_q18EZx5-NAJ6U7Yc9DC03OeUq98rxs12FgJMRp4uTGm5KB-D7rAO0r6Znw3hdoFH5Ud5RYgFLbqutpuf4Q0PJ_RPGzBGKcK5aYuwpLrNNxJeBuCZ0Mkv1_W5g1Fzg9g3xb1KbZav9xyBFGUAl__QnFauKHp_CB_BarWgdxuBvd8IVArPEUtY0koQ1Up8-UYfwtuSS-hnGTw4t_k4qYw3dBPCF1fdQjgmRF6G60YJ1J_-tFc_de8kr8pbu6_oOxhZwxdt_H4Tj0OHkxQGQ_dShIs5xxWAPGNElFPeL0Uw3Kb-l7uRBV0UXRB5caypuoFbQgEK26g1qZylxpaN4cj3fBYvmEi2q05LezJfxIdyNjdk51-FoKrFypJ9OPTueI7GIezM&sai=AMfl-YQuT4dAYdhsFRlhcH644iCo3BuyGf6xqPVVHcFrVSYnWGJvdPQN5rRWVoWDtKCO2-AjYev9ylKDlkWFWLFXGbQFbBmYA9aMYaefUWutTkjhDxjFBvDI-Z-LQ81z0m4P2ynG7rM3iCmx9brih601eHSAcFHoJSRAWhmWmbo-Aa_3abL95xIUqALLQlLFIb9SY4Ak7tv1awcqdFvFA1DhQrEl&sig=Cg0ArKJSzGodH5qaGXOaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1144&vt=11&dtpt=709&dett=3&cstd=417&cisv=r20220912.45093&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame C70C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d75168ada46f76ea6f5cc172689bfa7f0c2f5bf2e39a0d919a86d04f84423439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5644
x-xss-protection
0
node.php
node.setupad.com/node/ Frame 59A7 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 59A7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db6a5239daed262752f4827b0847b67861ca37c57ce667fafbd0c81e656dc552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11246
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ADFD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:12 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C70C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYgche-7AsaVUBcQtbvPmYrTD7nsrc5_oyzuw_Jszi4s_dDCWqTo6D-y9GHRNPEmPA1CEga8e3M8ipmrMB69ime5la_wKl3vtOwALLYpjwtTY7SK3qcOeCimlDwqtT_ugFjFgF_Q&sai=AMfl-YQwMUh1NA4WnW6vAOmlg2rlZ6bl0_9cAVeyvatT9MphBKGw4UfnPD2t4Lafu_9vYT41eYlNM9pwCUf-yVYnYP6BnU---Ko2I_claqA42AlxRMeqYwYXgrk0LVTc&sig=Cg0ArKJSzAsnox3NKu2qEAE&cid=CAASJeRoLXTDBGAQinEFUik5BEKFSvkZcyhX1oa3zE1xJM-q1kcUcL8&id=lidar2&mcvt=1089&p=229,315,479,1285&mtos=0,0,1089,1089,1089&tos=0,0,1089,0,0&v=20220912&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1561111712&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663152370404&rpt=637&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C70C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:12 GMT
2709ffc24586f09520807af65b6aa12f.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		3 KB
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/2709ffc24586f09520807af65b6aa12f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a46978057caecf7869ff05b174b9499144990c93aba89dea5c5e38b3fe0b2c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 22:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131515
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
924
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Sep 2023 22:14:17 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 0A74 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 18:52:55 GMT
x-content-type-options
nosniff
age
143597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 18:52:55 GMT
2eada23945b9a5b9cf7dde126dd083d9.png
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/2eada23945b9a5b9cf7dde126dd083d9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0f1653d72fe42595be9f469fb0402c45b98c2271b2b29ff84946345d9234743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:17:23 GMT
x-content-type-options
nosniff
age
523729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9507
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 09:17:23 GMT
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame BD5C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 59A7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8970 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
70
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:45:02 GMT
expires
Thu, 14 Sep 2023 10:45:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 94F3 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c4c51d26dde262135004cb84ec6ebd43f15db6271ca5f01192e89a768a8fa625
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IpfjKqPjE31JrlIbRmr1Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-IpfjKqPjE31JrlIbRmr1Xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:12 GMT
expires
Wed, 14 Sep 2022 10:46:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A8B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date
Wed, 14 Sep 2022 10:46:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 08C5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 47CD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9Q9YKEoOx7Y6hfSiT61alxFyheUs_CTs6gGs7bisdsjcKLZl1HEBuk7u_OKFI86XhDyL53gGEzfBCHVs_pDGezLOVDfQn2dIZN4YUUnmT4idIjPoEm8DZE4ot-d_05cq644MOx-1ajJ8qM8JC-GQzGHBJSXvVDjTR50hUU796SgQ5iLzS9Ae0obKS5Yk8ml3ltTa2tNKKFTE1hL8qvrMHOuDtaJjfsgw3ZrZB1OZIJvHn7CCi6NKUcySU23s6LKxnMMoXjbYebqOObtXdknasliEx3-5nFCZKcovdFleteVHUkIiVQoEduPIywvH2MOEXsPpouKuvwppbBc9wZhyQGs5I4ru96w0UpOUD0tDT9WPkz88vvvAUhQZLYvCr4Dka64shfUUKRrYF3PrqjdhFKhCa4Zv431tj8h2NLPm5wWbjWG3PDMp8aGhaJCxgIKxBFQxKmmjBXPRJjklm9cq0H-qnU3iPcV_Ag0REWJ8UGlQfLx0SvdjQY6KNAbGXpRruriW5Hbtj7MQdrKGU8ztNRHWhHel1pJwKcmDuXjtLo1MS83ELomZ8SHt2qgspkW3Myp30ugkEOvnNdmwPQ8aK-N78Jod4v7N1SBYKcXOeBj3NzOgpZNG4IJHLvqj2I_5p-zjch0h7iXQVRzij3qtSTcNj6zgCOthLIYd1tGO7L7S0gUG0Gew-nZ6ErBp6pwn_h2Fng9t5lazAE6p4AD6P0iUgRqgU8X0sV7rCnJ9GHEvUPKEHQqCOtAZUe1l_1a31WcF2l1wss1amyBY3PP5v2O26Hra1AF4ICdyRl_uPs-psClEmeLlv458kKXYKW7_FYSe-_3LBmZOPkWpVn_qjP2bGCo9lUsXtmDX_ClSE2Rn4SOvtup7DipypWAKZHyNI10STVqP103bQdr_9fJznqkVm5ygbj22QYv6rK6CTwWGmBrfW4xUdsaYp5roFhRN_XjJDcq_kntu_zv0vSmtRl0Y7_Yh8yr69YWML_6lsKjwLK5-Mbpj9PGa0rkLFwy8xKhz_FsUj32eI-uk_iOr0QRTU8zOqrNEFhPYYz66Kaz_y9SC9HlmX6sEca0jrYrKlE8--pSoxuoJ_7d-u8LR2IQQSNC_0dPKhkMNB0H9J7TToH2esAA7LLcmJhVj63vZhGgPWxoZERJnAWHPo32Os4ILa8dZClVfZooQq8_RrgPIc5Inu_ZzQZquqW4-w3KqJlfX5Na-e48PTs87HdsRGHhr7-Lo5F28Ra7Q&sai=AMfl-YT7FsFw4UMH9pQEImUnfwhasCBP0xmSLDsFtZpD4QqQo_-tSzyDKDkiphLFBIEja3rdikmqExGrU2u86v6wY2Ys9lTSSp-8ZtGwuXpUWoMwBdgIkKlmVZibo4W_aZ9dwJsUzX32nGS-9UXPmAbADVO72JJDc5glFJJOIlM7pu2SoPYVqwROg5ImJ7qRBAPDheluul699yispEGc-BlBjWIM4PvC5qhFcUN71N-0KOFypDNayEfs2COkUgjIb5kG0sWwJe0fybl8gEpErJkvg_9q7YvbWXsCXXfOM2P53PAa&sig=Cg0ArKJSzIJ_bsJ8A_k6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1251&vt=11&dtpt=880&dett=3&cstd=361&cisv=r20220912.85849&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
node.php
node.setupad.com/node/ Frame 8F1A 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lietuve.lt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 59A7 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Sep 2022 10:46:12 GMT
842865223649244099
tpc.googlesyndication.com/simgad/ Frame 0A8B 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/842865223649244099?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmkrqH3Fzi2KxwAZpoAD7ooVrRg2w
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 02:56:09 GMT
x-content-type-options
nosniff
age
287403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116488
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 08:08:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 11 Sep 2023 02:56:09 GMT
lt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A8B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/lt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c80ecd9fdf0080a4d3933c8f981e8bbddf8e5789a724a87c02a65551e634e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 19:04:34 GMT
x-content-type-options
nosniff
server
cafe
age
56498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
4498263971072157030
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2853
x-xss-protection
0
expires
Wed, 14 Sep 2022 19:04:34 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A8B 		344 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 09:36:15 GMT
x-content-type-options
nosniff
server
cafe
age
4197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 15 Sep 2022 09:36:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C4C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
70
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:45:02 GMT
expires
Thu, 14 Sep 2023 10:45:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D716 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d11c6103eeb89ac4e6005d2d91eca609e8380066e4584d81c922991ee7858ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dqgkKzGM9124W_wiy125ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-dqgkKzGM9124W_wiy125ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:12 GMT
expires
Wed, 14 Sep 2022 10:46:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F1A 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Sep 2022 10:46:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 94F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090801&jk=555437536040732&rc=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1D70 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ipfumA
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame FB09 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
22078
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 14 Sep 2022 10:46:13 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 406936
X-Served-By
cache-lga21939-LGA, cache-hhn4033-HHN
X-Timer
S1663152373.291218,VS0,VE0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1F8D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60793
content-encoding
gzip
content-length
13946
content-type
text/html
date
Wed, 14 Sep 2022 10:46:13 GMT
expires
Thu, 15 Sep 2022 03:39:26 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 57C4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
22078
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 14 Sep 2022 10:46:13 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 425157
X-Served-By
cache-lga21939-LGA, cache-hhn4020-HHN
X-Timer
S1663152373.291211,VS0,VE0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2A78 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60793
content-encoding
gzip
content-length
13946
content-type
text/html
date
Wed, 14 Sep 2022 10:46:13 GMT
expires
Thu, 15 Sep 2022 03:39:26 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 8970 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D716 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090801&jk=309950001095319&rc=
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 2C4C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 8F1A 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Sep 2022 10:46:13 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 59A7 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Sep 2022 10:46:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B368 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bgpqp8rAhY-7TLPbCx_APq9ehoAkAAAAAOAHgBAI&bg=!1dal1pLNAAbG3AOo5tw7ACkAdvg8Wt7Bo8g3K9zubJtAululWfxuu_Wlft_itcvCm2WIMKxSd47EewIAAARGUgAAAARoAQeZAzWzbBalaNtbnDLmLH90Wz2v-MxgMqMtK2o6T1V2S1HgboOd3zzaCPaK4CZ-5l6vz_Vr_7HuRnDWs0AQWfZRxv-ahALEzD1YMQge4WYJVmmAtjCXAyRQUnmAR2_-PdDXILjhNriNuDH_Xr4huwhmqEL6RcdDOb86erAMjyU0TTycCXZay-fltsO4n9h2h9UiF27nR_LyNAZqVV-YjqsUN84OoRX_x4O6EoqufQkBl2UCB_gQWNocxxO10UDRz4ZLNbFYQQnuFXICMe9ZydCwCb0IhmH0g2oGJM7V9WDl5LjaLhKoXUKo15iuatJUOiPR2TNKKrkhBq_OElJzbFlDNNWY7N7DMhspT9sqM4bacooYx1BfzHewYHMjwfGFtJxEeVGg3sVc71ITXbROZdDNbPdapwOZstwc74oBleI_qtfMgWM4iK3qPzbuP7KloJUYqQVjWJac6WWKYbKZ18fYVaxdcBnOepiLQftwcOaA4TtcJcmXhjHspJfBThOlhuCV_WvJ9WMUD2HWtBFB_cq_ocU8XhP51rgbv9v-zeQ7xW7bQJbwgbGARoFFuz_0ZQQxf9itIeAcpmxoR2qggHTzCGz036d9zefRAu9yPJ2Jpm0ySQBvG7tt8zV7b7dN9IrHwX7qicDfAlOWw3dF2cJ1arwcfVrUNkevpPPp1m_SgzNWqevBImpHTlzyU7vFHeUu3eWi42znlyBKjKPfr4SmronbmLa6k-uY1A89fSsh8iD2Lic9X0RjZpr7H8uTR5a-csVytssjWVOlCmo2mzJYSNJBgESFXMOXtAkVe5HkJkV1vDTgbsLTQkwVWB8bOEDURG4D9xfF0F__PtNT71KXjltvkGK_IAB1ExlDTgJIhGFJFRLP_IVPVHZARqpgIpmY-qzg8hA33GCuZYws-6fIEFArKHmbdak-ybK_nWi03sPj1ewLBiPFMdEZ723ciAZetga-LoBZMY96kvIDLxzudJpqe7BEaIZgpSKUbT_-1lToIb7W3xeEmS38l5-0m-Wt48j2t7Dx3pgikc8JP9EY-NQe1ndrOnvyNUJpOdU30Ym9eym3lDJmBOdH9RPa46DvKzZiti6UFg
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD5C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2WKg8rAhY-yRDIOSrASDs5j4CQAAAAA4AeAEAg&bg=!vb6lvvrNAAbG3AOo5tw7ACkAdvg8WgCBWVh-nJVbxKJFKZUW8kw_3RnMMoofYodPdi92uvzIjsJM7wIAAAKZUgAAAANoAQeZA4SDD9xU2W3aWkKly-3Dvs-gzx3WtiHbxvgeL9cZ9erNSMfqRwdstF2FUIJsNSBuArwWGgU9zfESUyt4KPTKZ_mGEUQANF1hPbkXJxMmXUE7Xrw-oaiWtNIyg3mW3nOQmPu47GUmmEB4JoAs-7LhkkEm98dF7y6ztigv6wf8woFLtRvu9uzdRqnro00F35JpHG8mUqITQeJ-K_DNk4TizwxcOcUPqqrM7h3_cNRTEAjQnpcuZnKdewzvHpkCJVhpusSOFKl2SgKGVSJtr-JX015vAnONBuro9BjBLiRdOM6aPg5LIsv3ur0yz5ERk2RDI8Ql3hE0O5fNtalgHK_47pwJdSCHjpxGlkatTqpa1iucGqoH1tsSYOAfcDr9fjU45WypPKvDOrJgvpA6pMj_bKUm82mcgTg9-tcY9Ju3e5eoyfhZGivBpbg729PaM_RpPlqf8N2GRzAMqRW83kOKBSMrrlZdNkWftllsgdufLtW7CO155hZLp9Hru82IBe2cBIlFS8E5RmFPTb20UvHKIJLQwf38RcD0ofUS-EamGMhbw4w7R_VFfxC2Q0T01kFB0rA7O2MZYxjprHe-HgcKmdFAaieJin9huqROWYjkkdOL_cIVpJEghtE5lrxuMx8chGh7n-zIzcGdUIke60Icqw0pnzz7P5xsOM6EG9ljWX-gJ9tjWW0tLsuJDJw2S_ds-F8t0_dc4dFctlqrCrwg3NXjEEwDnbsbtLavwIxSpd4VOZHNhbtNXUpCwCj7oSNohss47iGWzn30Cbvow9jq-U2QsGcTXelryznG_8TL3GHsn071ALTmBd7bnpRrNII8So6MHeqj80pMQ7JNlwh_QW0EDMaubstLH86VOeLQBEL5rfR0d7WjpYElazEFcSmAWishTNWFnJ8_NBwl4vJhnI7b6fNpni2eM0Yandx9oqPorghBASxieZjHxGk8YkITPladoNCAhDJPgko3ImakLfDgbgFQYjOo0rAbWROhle4xgWutqU_7eFQfBu-rUeqsB2i-e-KO-JbwMEiI7ItXwE2fB3yMhbRgIFS93u0IEU8K9qVYFIX9HUMs1--rOwwg1R9eti_OaCsOWFxdG1smjnYvOE-AM-YtLpy73tgezJno5eKQ5z8eBxkwv5FGwofzpMPnCCvZsfMXiZccB0rcUMbDl3x4t32xhT1tRkvjrx4H3sCg-JQ
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FB09 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:13 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b96dceee-60d4-4f70-8633-7db5c146788a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 57C4 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:13 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
59e4ab58-fd80-47f9-9cd3-927cc3299e1d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1F8D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86966175&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:12 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 47CD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstLQSwAcpNjiHp18BXA1drw4SlGXtg9QLA474RxjKUQ2kFC10tUQtc5bRROuu8gRLDx-l78sL7VTciJGmKIqy2UwSbjn69aG8j_vJe8hbVzLppPyOkERrL7UiqnLjeSnW1qqaBgw&sai=AMfl-YQ0bV0XFpMOzD88OiknVSq9LY-daG487tO6Dp3FCqzMvy66NSB3OueC5ezsyuGaiea1Ou3kF9YuOgyaqryyxW_Ww9gx4Wn8mLMZ49bTIir_u1kci-k_Ccl_XJAT&sig=Cg0ArKJSzMc9FykGvP0OEAE&cid=CAASJeRoy2KIhYwyJCJY5x8_fa8SkvEurPyYwEzcPxsVhI4f8ATzo4s&id=lidar2&mcvt=1046&p=567,978,1185,1138&mtos=0,0,1046,1046,1849&tos=0,0,1046,0,803&v=20220912&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=20&adk=4057126961&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663152371190&rpt=496&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8970 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8TBK8g
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2C4C 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7gFy-w
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8F1A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=2288171947044446&bg=!-_il-LzNAAbG3AOo5tw7ACkAdvg8Wu1OQGNRteHWKTDHIbDmD-f71D_AYgiodPG09W52IrHtiRkArgIAAAPqUgAAAANoAQeZAuhBAXR9CkyzOTGSXiJ5zkxXPbtAsW9BkirdDuiyX8mdRC835-ZM2taqN6TZRmAugHdDaxX1-rjOwiGnX81SnfrduHMUZrSnC43EVDSaOPCWGH1hPFWE_QVf-t8KDQWDBtCVivMO5G3o8cg4wq6hjwjiVmqtNuIirlhhuuNWSfh8pIzUTg_uw8wecgUdDhbu318px9-9viFpN4J7D3r3vJqSyVaHsolpItBCOWI1lhrkun7Xyj01sA7ugHX1OOlt-islWtWtAXYMgHipnZ3Y9jyO7QaMfrRRqLf0D4CvuqUgPsv9bfMdqwFg3RDzv15kGTY9_UkKJihP9b3g6vCmC49paPqyvEgl7rshmDMFGO-CBbmmbWa7o0TRSehXrtamE_UVyhtzl48IMHcUsbxumZyZfgobGPbxOVtdJmw9n6K5bgBbCHzxI3z3dpjY4uilCKK4KDXpC6A1kMh1H7g-7j70fFXrObouhWiBdpAdgLyW-3Zin-uXkc2YL6s5o6UuxHZGyXX4GKk9ym6v9c_0AbLVngy1GawPDGdUwn9Ep6jt--ugcpoeL3D00maRbqQQuWAhrNBaduxh2SYHLKI7F5U1pilGhaiapw4ISziS6Mls7hT1ncNksiNLnEYNTCs8Dfb_IqotQKNFUtQL8LdJa_8TlnbpK_wCeo6AJf4IjCz5T2faT9NdoFOgGlKxvam8rHV974XfrmU-yK-1_mBuGJolIDNvmST2aIbw63VjOpXFCJ91D9pe2TsqBtyzIzU-TmyhTAjgUZWBNI7m5jCSz-PJp4ID4C2at3T25W24XtRDC-lGLb5QNS24fiRhL-oAzE6RtFYviMyA680sBTbiWHWnuMlKSjAAK8awOPrsCvBL2_f7n8b2EFCSA6hM8xRTpQgFBoemZMePcKvgRYx2-sR7wiHbn8hE5k3XtF5qFrOz2SsTQ5sYqrEjMjoib7tMNWhoQJJokkcnTMeEjpX_aYLI1uBK34yR6ek
Requested by
Host: lietuve.lt
URL: https://lietuve.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
327ba76982c904d414809a84e5236d4bb2c0f133a47e013658cc5157a61825e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11467
x-xss-protection
0
like_box.php
www.facebook.com/plugins/ Frame A701 		43 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=dd35458a9517af64e0a3a9645765d20d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b493982fa778ec6d5366ffd5b0b110e86eae07905f5858b2c913badfa7bfec6b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 14 Sep 2022 10:46:14 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
NxNrdGBSaUm4mG0CiuAmxRcMIDSK2ayRz693aKs2GVFetndlfhKMLFh/6238CtBQnnhAeWWtQZa4rAruF26esw==
x-fb-rlafr
0
x-xss-protection
0
like_box.php
www.facebook.com/plugins/ Frame 7400 		100 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=dd35458a9517af64e0a3a9645765d20d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5eebd30688871300be00a899f8c5b7b712cc53e6a387ba845b42ebeb5a43d075
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 14 Sep 2022 10:46:14 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
4fboKT8z5qHgE0TYWFVChsuAiXj//knNaRd/+Uu3fCHigm61JdwvTPfXp3k8tAhmuCpHzDqY2AE5iR9HpMFzmQ==
x-fb-rlafr
0
x-xss-protection
0
syncframe
gum.criteo.com/ Frame F07E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lietuve.lt
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:13 GMT
server
Kestrel
server-processing-duration-in-ticks
928770
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame E713 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lietuve.lt
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:13 GMT
server
Kestrel
server-processing-duration-in-ticks
1014462
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 10:46:13 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame ADFD 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 11:36:03 GMT
server
nginx
etag
W/"631f19a3-160f4"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Sep 2022 10:46:13 GMT
Kurybos28-scaled.jpg
i2.wp.com/lietuve.lt/wp-content/uploads/2022/07/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/lietuve.lt/wp-content/uploads/2022/07/Kurybos28-scaled.jpg?resize=300%2C200&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a8b9cda04b83491b1df5991aadad795a01e9bd43c7860a0b48fd1e66ceee6cd0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Wed, 14 Sep 2022 10:46:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Jul 2022 22:13:09 GMT
server
nginx
etag
"992b88f41abae3f9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/07/Kurybos28-scaled.jpg>; rel="canonical"
content-length
16040
expires
Thu, 25 Jul 2024 10:13:09 GMT
DSC09539.jpg
i1.wp.com/lietuve.lt/wp-content/uploads/2022/05/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/lietuve.lt/wp-content/uploads/2022/05/DSC09539.jpg?resize=300%2C169&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
418720f4dddadc084dd316dcb345d635e11ba8bead2b808a7584c385f4db621b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Wed, 14 Sep 2022 10:46:13 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 May 2022 08:11:40 GMT
server
nginx
etag
"1544c1d1b2599ac2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://lietuve.lt/wp-content/uploads/2022/05/DSC09539.jpg>; rel="canonical"
content-length
12274
expires
Sun, 12 May 2024 20:11:40 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4A62 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=60792
content-encoding
gzip
content-length
13946
content-type
text/html
date
Wed, 14 Sep 2022 10:46:14 GMT
expires
Thu, 15 Sep 2022 03:39:26 GMT
last-modified
Tue, 05 Jul 2022 05:32:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 98BB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
22079
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 14 Sep 2022 10:46:14 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 08 Sep 2022 04:38:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 425170
X-Served-By
cache-lga21939-LGA, cache-hhn4020-HHN
X-Timer
S1663152374.138486,VS0,VE0
620X120-be.jpg
lietuve.lt/wp-content/uploads/2017/02/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lietuve.lt/wp-content/uploads/2017/02/620X120-be.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.98.24.93 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
lietuve.hostingas.lt
Software
Apache /
Resource Hash
c3f2f4c71e31b6c7b2b7a98738c8586e604470a70a46f03ef5ad1f263dc7e117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
last-modified
Mon, 13 Feb 2017 19:55:29 GMT
server
Apache
etag
"17467-5486ed44d6e40"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
95335
expires
Wed, 21 Sep 2022 10:46:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3161 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
72
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:45:02 GMT
expires
Thu, 14 Sep 2023 10:45:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B3E3 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad6759dafb2de6908f3c99bcc7be0a6f532aa06c4fb0ce7444e10e31737c8bb7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ry95SRqHKfGKpXr6oOiTCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Ry95SRqHKfGKpXr6oOiTCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:14 GMT
expires
Wed, 14 Sep 2022 10:46:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
JYohBnUH3TF.css
static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/ Frame A701 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/JYohBnUH3TF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17085e5811d34c4604bf98c28a9cd5ee127648d5a90b445eeb40812ba00b43fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wrPkW0NAqC9JxItye9iIOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4792
x-fb-rlafr
0
x-fb-debug
jvQ4PU4MCSwCxkZrFuxIqNIc/s+y9qxpAPjlqQEepcMgVN/T9XJiaLcxufnGH0wcGNCAadUTgtv7Ed2RZxNDoA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 17:15:30 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame A701 		2 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
BcYa1iHwhbr//Qc3UAbH7iQhaVowyiVsXqkr62IBmzv+etnsxeCjYNrHZe07mrnfThE2q6vbgMULrP1j3Lc7Ag==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 13 Sep 2023 00:43:03 GMT
dKTSXCj827L.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame A701 		321 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44cffc94cb364b79acb8c8853493c086f98ba8d5908240daf76a77d7406362c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fRovl5JrOO+AlXnKICPfVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88503
x-fb-rlafr
0
x-fb-debug
GnrTDNy9OQWNcbYD9soki5XvJCDOVG1Dt4KKgKcGZa+5qFSORvgFFCko4UrAkJA2NEBwsVYzdiT7OTwxTLyCew==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 03:49:50 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame A701 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
oTSx0s5IJKo5sAHXXkIJ+abZvIzN2crq9bePPTrK9Ot2Tqf052w4DjjxX02qJbltWrhXzqgoL2rs30q/fznEaA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 13 Sep 2023 05:59:34 GMT
mXu1RunczE9.js
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame A701 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4ab65ab82cc6ddedba1303167ee5ff1907b453b65efe73c4bd55e8ea896aea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YFnykI/HivNtifNyMREW7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12179
x-fb-rlafr
0
x-fb-debug
IZ0JREZXhr6pZUhOsxgiOlUN2CTbuv8zz9MUOdJKHM4YkkLSufo0jhYq1M8YZWUxzrkel5Ec7sDcgFxxkKPhkg==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 05:15:11 GMT
j_wNZYbaldW.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame A701 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/j_wNZYbaldW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98ec4e9803a519d96819f48233f1f7ecdb235cd49d6f10334427d3e1f311be1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FSQMdSspryHfxMWzjXvTeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15877
x-fb-rlafr
0
x-fb-debug
EfhFS+BnTmwC2ho7+B5hGY3IL0c9VboE3KXsx49j3sfWPEUcUmdnRWEHCLvUylHhFn+YJi42/HN//yZ/4aHMbw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 13 Sep 2023 17:01:25 GMT
oRoYJ5VcosS.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/ Frame A701 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c5fafbe995daaf1b8f09dc7e0351108ed2f37d2576a5cf6911f9b7ad7d88dd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PORjSMbtqxUODG+M580KDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23301
x-fb-rlafr
0
x-fb-debug
DQd0Yqa8ZToboetDhFK0oeP+0MPx1jq+Xe22pK7w5r9IrB5h6unZxEDGFFfTHoUdcagSCaGs2+5iGRLxCzEBQA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 13 Sep 2023 05:57:47 GMT
302343648_5272625269518360_443732819177370684_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame A701 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/302343648_5272625269518360_443732819177370684_n.jpg?stp=dst-jpg_p235x165&_nc_cat=111&ccb=1-7&_nc_sid=dd9801&_nc_ohc=lPBl50sIfYYAX9Sl_ux&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT9sv4vj1yDsEgM_8zHnr4vw4_eIYWzfSnr079qXJgLI0g&oe=6326E391
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93801aefac3062d75c329076fbe8a9ace209d8deeb8a5a19056101f66ffc0d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum
2081073786
date
Wed, 14 Sep 2022 10:46:14 GMT
x-fb-trip-id
2050670934
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2836366889
cache-control
max-age=1209600, no-transform
last-modified
Tue, 30 Aug 2022 07:16:05 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
1407439
x-fb-edge-debug
X5tUfFBWMr2yDSoKor-nSKesFOc2lrcBdo2BCCQt3HUMGB0lZAEJytfW2k8gqwbh5wxta2qXQWsequUBP6IzA9QQUUcUtLa_fjCfOD_ShvQ
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15549
302343648_5272625269518360_443732819177370684_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame A701 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/302343648_5272625269518360_443732819177370684_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=lPBl50sIfYYAX9Sl_ux&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT8ORMPoTDP1eirG725l9RBtNyt_ZT34XZ-3d7PIl_oIqw&oe=63279517
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25cd999ffdf57c%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=230&header=false&height=308&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85619967d3c3feb4b5cf24f66d85827d73343a09dae5b094f9d0013ac99fa0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum
2081073786
date
Wed, 14 Sep 2022 10:46:14 GMT
x-fb-trip-id
2050670934
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=653497863
cache-control
max-age=1209600, no-transform
last-modified
Tue, 30 Aug 2022 07:16:05 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
1407439
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1873
syncframe
gum.criteo.com/ Frame 7AC9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=lietuve.lt
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://lietuve.lt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 10:46:14 GMT
server
Kestrel
server-processing-duration-in-ticks
2379973
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame F07E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lietuve.lt&sn=ChromeSyncframe&so=3&topUrl=lietuve.lt&bundle=YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUX...
  • https://mug.criteo.com/sid?cpp=OCsvfnxsUDJTMUdHeXRyVmo2NEdUV2pwcGxFQWtMVkxMZjhFSmhSZTlNd1p2K1I0Ri90V21IZlYrMnc5b0lsMW1WL3BPVXVJV1p5Zk45dDY0amdFZ1hpb1VkNmkyWDdZZHhIZ0t2amxVRHRVR3l3UDA4ZlFVZ2dkbDZJQU...
427 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OCsvfnxsUDJTMUdHeXRyVmo2NEdUV2pwcGxFQWtMVkxMZjhFSmhSZTlNd1p2K1I0Ri90V21IZlYrMnc5b0lsMW1WL3BPVXVJV1p5Zk45dDY0amdFZ1hpb1VkNmkyWDdZZHhIZ0t2amxVRHRVR3l3UDA4ZlFVZ2dkbDZJQUVMVUNvSG5mb2E2QitwRXprdzFMdkpIZHM1QTdTM0I1Y2JkcTNSSGt6M0JuMjM2L2Mxc2oxZ2dzUlpOTFpSSnc5K3RpMWpDVExCdGNwOEhpU05pSS9WejZjeG5vOWo5UWNHREJBR0t1NEdLdytiZ3JONi9WNjVYZkFqUjRjb3g1M2hhZEZ2eHV4ajNBQmZFVm0zd2xkaVkzZFhya3YvYUdINnd5K3lva2xmMjlCOXdRZVZLZz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d7eef9ae4017d9884be7470846ba1fc44c65cd68308a99d71b1cfd3140492433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1582354
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=OCsvfnxsUDJTMUdHeXRyVmo2NEdUV2pwcGxFQWtMVkxMZjhFSmhSZTlNd1p2K1I0Ri90V21IZlYrMnc5b0lsMW1WL3BPVXVJV1p5Zk45dDY0amdFZ1hpb1VkNmkyWDdZZHhIZ0t2amxVRHRVR3l3UDA4ZlFVZ2dkbDZJQUVMVUNvSG5mb2E2QitwRXprdzFMdkpIZHM1QTdTM0I1Y2JkcTNSSGt6M0JuMjM2L2Mxc2oxZ2dzUlpOTFpSSnc5K3RpMWpDVExCdGNwOEhpU05pSS9WejZjeG5vOWo5UWNHREJBR0t1NEdLdytiZ3JONi9WNjVYZkFqUjRjb3g1M2hhZEZ2eHV4ajNBQmZFVm0zd2xkaVkzZFhya3YvYUdINnd5K3lva2xmMjlCOXdRZVZLZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
544700
content-length
0
expires
0
sid
mug.criteo.com/ Frame E713
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lietuve.lt&sn=ChromeSyncframe&so=3&topUrl=lietuve.lt&bundle=YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUX...
  • https://mug.criteo.com/sid?cpp=RIecenw0UmVVSzJoT04yeFZzUUhvYmczL25QZkFoQlV5blNEUGc0bkhCajZxVGNudmtNRlFVcDlpd1dQMkd3bFM3VDA4Y2lsdDRCNDB4eVMrYUdQUElDOHc1b015ZnJ0N2F6Z2NjYXVSeDg1anlWNit2UXpOeWk5TUJZMG...
433 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RIecenw0UmVVSzJoT04yeFZzUUhvYmczL25QZkFoQlV5blNEUGc0bkhCajZxVGNudmtNRlFVcDlpd1dQMkd3bFM3VDA4Y2lsdDRCNDB4eVMrYUdQUElDOHc1b015ZnJ0N2F6Z2NjYXVSeDg1anlWNit2UXpOeWk5TUJZMGlyOUxWU1E3MHoxTG1LcjhaMXRXVElocFlKb2JBT3ppRjNjS0dyaG8zcDd5UFdWWWFZckw5NStacEdSVmsxZHpyRWptelVQd3J5TjRnclFRa3F6K0xEbVhVQTZhYW0reXZHd0F3Zm43SDZEWStOWEFwYTV6dE1uOE80b0xTK2NydmxncitHbUMvY0xrQ09mR3E0Q1JUdHJsQWRzaEE1VFVUdlBNdHRMZjl3eDhXbEdUTjZZYz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
45e0199fe18da673e2bcf9027a4a1e61e29acf4c530300c2ffa05625b7d2ca86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1981973
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=RIecenw0UmVVSzJoT04yeFZzUUhvYmczL25QZkFoQlV5blNEUGc0bkhCajZxVGNudmtNRlFVcDlpd1dQMkd3bFM3VDA4Y2lsdDRCNDB4eVMrYUdQUElDOHc1b015ZnJ0N2F6Z2NjYXVSeDg1anlWNit2UXpOeWk5TUJZMGlyOUxWU1E3MHoxTG1LcjhaMXRXVElocFlKb2JBT3ppRjNjS0dyaG8zcDd5UFdWWWFZckw5NStacEdSVmsxZHpyRWptelVQd3J5TjRnclFRa3F6K0xEbVhVQTZhYW0reXZHd0F3Zm43SDZEWStOWEFwYTV6dE1uOE80b0xTK2NydmxncitHbUMvY0xrQ09mR3E0Q1JUdHJsQWRzaEE1VFVUdlBNdHRMZjl3eDhXbEdUTjZZYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
666037
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 98BB 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:14 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
eb83be3a-5762-4297-9320-e80bf5352523
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 7AC9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=lietuve.lt&sn=ChromeSyncframe&so=3&topUrl=lietuve.lt&bundle=YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUX...
  • https://mug.criteo.com/sid?cpp=3CD_4nwvMFByU3gxK1ZMT1Q4YXNCamN0QXNjTEFtL3BqQktFa3U0RHcwTWp5c2FLcWlLaFBtTFlhQ1ZweGdrRHRDTk9acnVnK0NSbkJYbTlFbWpITHN0K0FnVENRNStWMmdnSVNZRzdkN1lZTmllVElBYkw1OU5ZbkNIYl...
436 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3CD_4nwvMFByU3gxK1ZMT1Q4YXNCamN0QXNjTEFtL3BqQktFa3U0RHcwTWp5c2FLcWlLaFBtTFlhQ1ZweGdrRHRDTk9acnVnK0NSbkJYbTlFbWpITHN0K0FnVENRNStWMmdnSVNZRzdkN1lZTmllVElBYkw1OU5ZbkNIYlJ3eTNtcU8xdmROa0ZjY1pFL2hDdmlmQ2NPZmhaMm1KL054ZzBTUTBka0tiSzJNZWordTR4ZVcyYkRmeTMwVGxBU01tUDBuai9keG9JRURIUWFXSTFIUktVbEV4VlYydFA0bG5ENzlWUWdLNnEyYjRvK0hWQ1JZNHJrWWNBOHFsR2lpL09pZkUxWkVPZkVrUUN2enAxcjlPbGJYdG9udzhnWlBaQ2VPa1NITnV2eS9mczNLST18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f5f9232fc68d713c7fa16411df67bbc87d33fff96e448c1534da03d1df5cd503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2286241
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Sep 2022 10:46:13 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=3CD_4nwvMFByU3gxK1ZMT1Q4YXNCamN0QXNjTEFtL3BqQktFa3U0RHcwTWp5c2FLcWlLaFBtTFlhQ1ZweGdrRHRDTk9acnVnK0NSbkJYbTlFbWpITHN0K0FnVENRNStWMmdnSVNZRzdkN1lZTmllVElBYkw1OU5ZbkNIYlJ3eTNtcU8xdmROa0ZjY1pFL2hDdmlmQ2NPZmhaMm1KL054ZzBTUTBka0tiSzJNZWordTR4ZVcyYkRmeTMwVGxBU01tUDBuai9keG9JRURIUWFXSTFIUktVbEV4VlYydFA0bG5ENzlWUWdLNnEyYjRvK0hWQ1JZNHJrWWNBOHFsR2lpL09pZkUxWkVPZkVrUUN2enAxcjlPbGJYdG9udzhnWlBaQ2VPa1NITnV2eS9mczNLST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
777758
content-length
0
expires
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame A701 		573 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/JYohBnUH3TF.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/JYohBnUH3TF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
WLsMeMO/q91HSQiaENpdvQDXo0ektiUlY2cC6u5az13Spw2cLVnyiur9N7cZfqjNA+8N8BjCxLm292ac0uP2XA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 07:49:53 GMT
JYohBnUH3TF.css
static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/ Frame 7400 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/JYohBnUH3TF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17085e5811d34c4604bf98c28a9cd5ee127648d5a90b445eeb40812ba00b43fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wrPkW0NAqC9JxItye9iIOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4792
x-fb-rlafr
0
x-fb-debug
jvQ4PU4MCSwCxkZrFuxIqNIc/s+y9qxpAPjlqQEepcMgVN/T9XJiaLcxufnGH0wcGNCAadUTgtv7Ed2RZxNDoA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 17:15:30 GMT
5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 7400 		2 KB
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qp62alFG777So/ro/wbkaA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
829
x-fb-rlafr
0
x-fb-debug
aFzseotTz4JOu4S0h9yGWYWhfEXDltD81yW8Y9VBRNMVopKnOss3D8cU9Cw6lHS4TS9zRLjhYYcs64xmZvUXkA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 07 Sep 2023 13:57:02 GMT
DDQ8bWcaJL-.css
static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ Frame 7400 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/DDQ8bWcaJL-.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62bfe96608d6082c4bd73bd9447fdcfdfcad6d511c2a3aa6d3a29db0192a21ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
N9NpJiqtlYhiXCHXvwK9gw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6452
x-fb-rlafr
0
x-fb-debug
W+H6rLlzurjDByH+NSCnziiMe8nZ9e3N4PnM1oWpcnLHGy//u5ZzrbXF32mOUcNkXcfsQb8jDQPXeEJtLpw4KQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=0
expires
Wed, 13 Sep 2023 17:15:30 GMT
BBtgSyue05P.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame 7400 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/BBtgSyue05P.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae7613b0da5da3c2a8f067c8b168b590a92c7ea2aa53f70d6bb605c0f7fa2e0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WPln4hqkNW/3exHeNCxL3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4602
x-fb-rlafr
0
x-fb-debug
ddVT1+N5A/dIbw3F8gNvgs121WTfsH+Wmbo+ZIwpLCF7rBemYL8LyDktEX9gwMOn7gt4gG1S1gc1d3M6UjrWmg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 17:15:30 GMT
dKTSXCj827L.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 7400 		321 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44cffc94cb364b79acb8c8853493c086f98ba8d5908240daf76a77d7406362c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fRovl5JrOO+AlXnKICPfVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88503
x-fb-rlafr
0
x-fb-debug
droN0pdZ98GyZJ/C8+3paYyALxrz3o0+Z9qHbuSCPpRg/mBFcTc2/tnuYbGsMdHZxXuUS5azWWPcTfGufmpj0g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 07 Sep 2023 13:57:06 GMT
mXu1RunczE9.js
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 7400 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4ab65ab82cc6ddedba1303167ee5ff1907b453b65efe73c4bd55e8ea896aea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YFnykI/HivNtifNyMREW7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12179
x-fb-rlafr
0
x-fb-debug
e/x/HxiWVfpVJWLbYB+YM01V7l+92+Uxex8WZOTLGfAIbfzXqte+4GxNCNpA77zeWNiP5APe7xePHfaTbtobOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sun, 10 Sep 2023 00:19:56 GMT
j_wNZYbaldW.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 7400 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/j_wNZYbaldW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98ec4e9803a519d96819f48233f1f7ecdb235cd49d6f10334427d3e1f311be1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FSQMdSspryHfxMWzjXvTeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15877
x-fb-rlafr
0
x-fb-debug
YLsfnKZB3Cigh9pyadEraVEOmmyROVX9dL/W48j5Zvv1rn5G+qYZA+ugC6iA0KxTNk4WQRxKsixIqksmaZTFVA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 21:56:54 GMT
oRoYJ5VcosS.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/ Frame 7400 		83 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c5fafbe995daaf1b8f09dc7e0351108ed2f37d2576a5cf6911f9b7ad7d88dd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PORjSMbtqxUODG+M580KDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23301
x-fb-rlafr
0
x-fb-debug
g5MWfe2E3WGxW9CUqX3+fK7TFkN2WVM8sUAXouks8nH579IY3J/f+RQWVI5eo01zLJhsjr8kquca/WUSV+xhrw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 01 Sep 2023 00:31:20 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 7400 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
kdJx0pJk3/V1sdzoc6bnsl8xxGdI2MOyKEM+8oDrrVx1VrUhYGshLnOPqE/2G3nCur4QaNbcE+AqUn4m8eBAgA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Sep 2023 11:22:52 GMT
aNjKFj6YixL.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yY/l/en_US/ Frame 7400 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yY/l/en_US/aNjKFj6YixL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed9f516a4a2039eef0f8aa0917caeb7f6d3848398aedde89e4f50ea16b7e5d27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
p+ZoxEwcRKfrgr8kgA/16Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8358
x-fb-rlafr
0
x-fb-debug
U8oy2Pdvx2bSTO+b3+jWrgjOHxrt1YqcivJsACZxpfNQPBgVlA2+nYIfeF4/DcnhVq3w9s5T25nwvN1oKDnhnQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 00:43:04 GMT
JGf8H9KH1mW.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 7400 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/JGf8H9KH1mW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86dfb1b4a7767dce186de18597e84a8c681db225cc4e58dd732e3bcb98d55765
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Eu6M7KxDRPkREsQb3iVSPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
9040
x-fb-rlafr
0
x-fb-debug
NmYpPrQBC74VX4a3hlyYed4OrWFnKYQ6VMq/Txr2G55zu6VUPSPTK9bYdx/W6LH93RmupTwAhWi4gk8Gm4Sg7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 00:09:56 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 7400 		588 B
392 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dvWT6EJnf3PNCgYjKHSyww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
338
x-fb-rlafr
0
x-fb-debug
rLkoFdqIcOEuwafr3PcNdVL9ikhqQ0f5dS4qS2bfgYtrlif3ZYsB6R+pARQBLsoKiNS9rPxZDvnKuZf/xkHEEw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 23:59:19 GMT
ozdP4jE0x7h.js
static.xx.fbcdn.net/rsrc.php/v3ivrH4/ys/l/en_US/ Frame 7400 		335 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ivrH4/ys/l/en_US/ozdP4jE0x7h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6b5b4b9e98ec3cb384ede6172edb51369894bd025d43cd75b0705d16fd9db48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
K3lfQSW1+ZnUmDMaKerAxA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
79828
x-fb-rlafr
0
x-fb-debug
fzSaX1y3S6RbJk7+Y17OMZAtLDhXDRc9DSZwSYodQE/52DSh/EPn3/wL9TsH7ltRuDg5e1O1Mc1gAHQkwMJl3Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 18:34:54 GMT
v1WRPESMszR.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 7400 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/v1WRPESMszR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b0683c55aea856e704c6086b70866c67638b162672206b1cab86ab8e83ecc758
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7yQuCUW1OAbmmD8jboaFQA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
18572
x-fb-rlafr
0
x-fb-debug
iNsWCjOzOpAXK9DNAESjwQNW66lQpZXRc67kyz8oNTWOFkMXxknijnJSqeAeHpfNqU1SPWQ/j6NTCUzecceoEw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 21:54:56 GMT
JVkTKpL_wGL.js
static.xx.fbcdn.net/rsrc.php/v3izWV4/yj/l/en_US/ Frame 7400 		155 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3izWV4/yj/l/en_US/JVkTKpL_wGL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0bdc6c2f24a20b0ddebd486ca0af6f120723499e0974394092aae44a6931d77c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
h/2ETdO6Nnh1lroPNg49rw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
42090
x-fb-rlafr
0
x-fb-debug
wbmvX0yFslK1pC5D/eFyZ9P0GQo8IY9KLWr7yph9qCbSKCJbqHHLR+gu6G5rZPr/q68so5/t92c6+MKzXTFBTQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 14 Sep 2023 00:42:04 GMT
BG1HP4rcPmD.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 7400 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/BG1HP4rcPmD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12a83a5de49fece7c97b5051633dd23ae674aec75fc4dc3d594ba49b98503eb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OSSjYd80jgGTSnHltCF1sg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5229
x-fb-rlafr
0
x-fb-debug
slJs8UW+NUzNBKItH/IdrAdBgEmXqiaTVLkfrHT/6TGRPqPWmfmXpMS+H8Mo7EHU/v6oCnuVb/mg3dtduNEzIg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 08:14:36 GMT
xOlgtKtSe2I.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 7400 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/xOlgtKtSe2I.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed8bc401223498cb5cbece1c38e9f97d3aa9c6a8dbbed8375d870fdcccf25f00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HdPNsOwoLOfuRPecRn6Rbw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5778
x-fb-rlafr
0
x-fb-debug
GwOFzk/ZqqACZa4PtGaALiEFjVXIu74INNH9wpJfnLjSK+KTjyI1ZjZH5fSq4/rG5mcdslXUDvrsM46yad8PRA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 17:45:54 GMT
oDVETVg4GJv.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 7400 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0bpo8UawH0rvYNearbkm6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7236
x-fb-rlafr
0
x-fb-debug
MElDpiZvyWcAmIY9f1X5KDBnyeFJ3sgjk9T+DvbJnheb/AiRuze6+iThGOAMew2Mllp8N3EIiEf9gFJP05yE9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Tue, 05 Sep 2023 06:42:52 GMT
Y4zsaALXxZb.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 7400 		210 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/Y4zsaALXxZb.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b30f4aa1dbb3b8d8a775a6b71fa3bb7065bf18ec2d49fd76bdb3cee042a99ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6dC90ZRWma+j+t217d7c6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
47885
x-fb-rlafr
0
x-fb-debug
J7stKodXFoC01N1KOAwj8IUTIWQ9AnLeGWQ8rOZfE1YaQydxf9zcyxY1Xau1hoOAkY47TmVQcFUUoN/a/hKJoA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 20:38:22 GMT
k2W5R_CjK9I.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 7400 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/k2W5R_CjK9I.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
960b49393b978f14d8278dc6f22f209b98a17c445ee4481360b58274fef296e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8ApZ899LspPBBgyldF+8zg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5176
x-fb-rlafr
0
x-fb-debug
7UUw125VUwaQsxukYwwa3LFj0xefGIcX9+l5wN6pkV9VtH+3ZXgf/jtMLHr0DdivsC1b+4DEnKPcW0wVzMTWdQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 13 Sep 2023 17:45:54 GMT
FLvtonlSna1.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 7400 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/FLvtonlSna1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4majzMI5X7y53cPlzz/opA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15209
x-fb-rlafr
0
x-fb-debug
FCpZdGOzhCaARerphiFUiUl4QUkIPY1MHglpwF3yRu9OWuf973yKnxJnOB0HeA27XMjzbUsoLqLyfkThZ4AAIg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 21:54:45 GMT
302343648_5272625269518360_443732819177370684_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 7400 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-6/302343648_5272625269518360_443732819177370684_n.jpg?stp=dst-jpg_s851x315&_nc_cat=111&ccb=1-7&_nc_sid=dd9801&_nc_ohc=lPBl50sIfYYAX9Sl_ux&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT9IbYV11fXEE0bt03Mm5mOQWDj_3mXqJAJoj5Tmmj-Zug&oe=6326E391
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a31483b3b13f51ca951f20ca14d676d310e10a07d904c55140fff5ef28c0b5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum
2081073786
date
Wed, 14 Sep 2022 10:46:14 GMT
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=900156127
cache-control
max-age=1209600, no-transform
last-modified
Tue, 30 Aug 2022 07:16:05 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
1407439
content-length
24301
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority
u=3,i
302343648_5272625269518360_443732819177370684_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 7400 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/302343648_5272625269518360_443732819177370684_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=lPBl50sIfYYAX9Sl_ux&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AT8ORMPoTDP1eirG725l9RBtNyt_ZT34XZ-3d7PIl_oIqw&oe=63279517
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85619967d3c3feb4b5cf24f66d85827d73343a09dae5b094f9d0013ac99fa0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-haystack-needlechecksum
2081073786
date
Wed, 14 Sep 2022 10:46:14 GMT
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=653497863
cache-control
max-age=1209600, no-transform
last-modified
Tue, 30 Aug 2022 07:16:05 GMT
cross-origin-resource-policy
cross-origin
x-needle-checksum
1407439
content-length
1873
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority
u=3,i
sodar
pagead2.googlesyndication.com/pagead/ Frame B3E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090801&jk=1832771760295846&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
oDVETVg4GJv.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame A701 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0bpo8UawH0rvYNearbkm6g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7236
x-fb-rlafr
0
x-fb-debug
MElDpiZvyWcAmIY9f1X5KDBnyeFJ3sgjk9T+DvbJnheb/AiRuze6+iThGOAMew2Mllp8N3EIiEf9gFJP05yE9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Tue, 05 Sep 2023 06:42:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ADFD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090801&jk=555437536040732&bg=!8fKl8rbNAAbG3AOo5tw7ACkAdvg8Ws8HmbTSdpTl31Gf1Z54vKbZ8BKZZ_FMAoZBCyeNvrNjC_DTtwIAAAI5UgAAADNoAQcKAAU5UgZxQJkC_G5vNCu3a4r64OSw2gETZoh2D-oUskZFEhGRm51vDp12wKTH3JS2xLs4X0Qy5cm5BBYjEY8ZN61igojM5nzj6bgKlrTD_vYL60JdC1UtckxSWotOvKYIo-J2YrEyJ1xExeI5Qb_wm1OVLatN3ugjaa4Um50JFVPnr_FE3tK51L6AoEYFRluJGfeTxyn2Gfq-CoRgQOAD0J_-JuIJ6jZMjwht5h8Y77hXa06EYp2P5yhGm6dZHAhPuOV_qGsNEUOzw7F8Yxq-fJDGe92ibcn8jpqRjlVfvYXBl0XRnx-zo2fYXKdwdn8geFb7zUYUay3o2G649O-fDXYUb0c_J8NBuQ_TvOICGCvoOjli2h8EXzfWib9g5wervg9TlizkXBiyXaXwVN5Z0K6l4gGEoCRlUTIttBnlcug_m1Btn-YA4TA0O6qt895SvwJg6gEMlovJi0M4xJAumI0QGh_3c3rMB3awFeGggZciU3zdIcs0JTxW1KoKpJMLSJ1rrVCUvnMc0tZZesYiipGt2VI2SwuBoJcKcx1jBrL2CezcUJZW8NGH1mAqjSXGUijaMXC3thwBUC0yS9MqVv-jimqpB14sYfp9Kd9_StCbHk52BYQO--Ka-nWihfuWkZ5I1g3dwTXNE387jUodLgvFgWaEcLfoiiHljEP1EzI9rU2lCI2rXN48i-B3elJOLSGHNoDOdubpoZ2xTw4kBD5pAey0mRH-0z_9goV1YnuJB-1FP8p8wX0s2CGzDaYkSU7WLljvg4UoD9DV5-SHmfdYIrjpJSFzq6xSUPY42-UuACxjt-e1xeEwwG7mgTkuk9aKn1dK_zFSruATNYaWS-aBt8EENAKt6Ixj-NubE9vTXpvllOTmvmK5RxRtvltz7jYXw_bvWIObcZXRj9u0Pygxi3gb2UJh6LcwQ0l3X-FHj_z6yNyGUjnjyGv09O-HmgFZg-B4_aY5rnK55HyItUy5ckJJkprDUYtmL_gSYQoNm1y-P69oQDX6K8lst-xXBqRVBL_L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame FB09 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:14 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
cff41e4f-6752-407a-b5a6-1cb31e9808a7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 57C4 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:14 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b8378a76-a483-478d-9eef-e5e0fd585c4d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
pagead2.googlesyndication.com/bg/ Frame 3161 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5BBnFljR3G8Y2LtXULQJm9Fu_0DS9XrGSjZ8CuJ-SSg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:32:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 10:32:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 59A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090801&jk=309950001095319&bg=!z8ylzIjNAAbG3AOo5tw7ACkAdvg8WvT4XDbr6J4X_x3BPN_ZRQreNL2Q3Lq0aGVeE9aVBT0WyvwezAIAAAG7UgAAAANoAQcKAJW9YMsBlWrx9HQnsV8eb8chOCBjyexTFakjgXfu4ak-EhkEoBv8IGB9H_ARDWhPY0SJznuJGq2n2l5YG-QDS9NNws0DCd1PrHKUc7c1ww5Yg216YbyWlNZxRWfuqDNxGrk3AdPfkwBmh73srNpD1pu4yT9prHR77VtM_Qfcvcw0nAXRAmJj9JiwRFrw4_hmCWXZnlOq75kC57qBLSbE2vmALu4JDxnqmKZdhx7xlGlYQCLdpyY9NSZu4f_i_5QfTyydeAV21epA1WM69UjdxJJoCqc5hEv_19W9vLuK3ZQcnSFtQ-4MXDnRk566Gfb4tIcEzYWKJnokBPdl92ROGkmkJ0DLd9uFomaSRxok88A5-cwPv7E-HekR45MUGhoajL5B3sh-gy_HnNe6syKQVim_ZHQJqSEAWrNc97Jm30UNeKmUtIC5eK6O3qM6OVzUNLs3SlWuXpKNZVKwpyW_t5OqQ4VKas08U_za4lL07K_Qbb1tcRdy4shdZnKvNEzNytiOiLgb6Ts9M4DV8qjHDl1ibxlZxPm92PYHDlT8-_PEIaSrxyQjobLfkJoDf2UgDq-wJ3WFvgvBrblGNLcGs-emB699htlb6CZna29z8_AvceWckrzZPsROnxY1CqTdh5q0t7zCGAGQdnwuPvk1tFJD0qWe07b6yntAWGOaIRhLpDPMXYOFlIXmYY_m3XYMBYht5QP0kABtoOoQUe4o57mlXmj6q-KttCCpi4_61iGQxPV6HcL8aTf7i8mEX4Xc1NyIAieJewunEiydzsN4xhw4-JuHgh0q_viyQKbjt9Hx3oR9PmVgB6ucFenqkFcRfyX4KGBOFjnpKCpoum7IrIUy35WQ4BRTdaH0BcrhdiBm7OS58IEzMT5NLi2Ta86D9wMgRmsdjFR3zHC8vqI5IvF5SN92Bh3fCLUeDMGxVmu7XXRfeEgecAwXmcHnKlpRZga_MqA0rnntBp_w7TYgPP2VRgxTYNtEeEtbxpbowiNYXZt_Ps2wsSgUD9C1z6B3-Cn8Nh3i-Cvv8HJxYkkGifGOqA-f9etMYO3SYBh_9O8bui52AWTwYu_Mm8WT1aHzAEsYTVum-ZIOMezblz-KREiOGCZy87qN09xdB6Ia6BK3OyCtfOMUflehvZCoexGe-rmgXadxoFDG3yZEruBIQXOHQfqMTyCn3oX1eqQ-x2j8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
WmjEmDNkHLu.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 7400 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/WmjEmDNkHLu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
569a62600e351655bc75ed0abf16aafc17fdfd157d33c0faa0dff86134ceac14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ir1x/xnCih4yyhI58hKDLA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46054
x-fb-rlafr
0
x-fb-debug
Gp9EirqJ30HdclfhvCxSZQmUMhbOqzJZh2RsdqazEybLZ+RtWVW68NFs/QLj2pgEEKcfG5yZERqq+8JKYsD6Mg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 13 Sep 2023 17:45:54 GMT
eLSlH3RNnyF.js
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 7400 		370 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/eLSlH3RNnyF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c0188b462258e46e5fcd60850a41a52220750f1d99b38704ac7bc484cf5f5df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IHcueEU2rHkaxp5VqQ4eUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
80673
x-fb-rlafr
0
x-fb-debug
QjEOFcBEyBJXqIitueOlIr28K/Nb/2wc0rmdZVqgPt+hhlbuujhq5LM/XgoN3HwAOEpbhJkhZjqToBi3xAAkNA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 08 Sep 2023 22:58:01 GMT
Sn-_BbYnlN4.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 7400 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/Sn-_BbYnlN4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
689061066181e2f80c455652eb892d5f2753f4efe880ac9b8924e305f1952f4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zI7TYFgzXoPKVi46GwXagg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12883
x-fb-rlafr
0
x-fb-debug
OBufwPfJ+T55uR/h8523xkOVDpMSgwERi/dPUI5Ez1dpZo9uZJ+Q/4ZET5olJczuq6uVn/pxPlluOUwsJ/Xpwg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 09 Sep 2023 07:34:30 GMT
generate_204
tpc.googlesyndication.com/ Frame 3161 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8kMUXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 7400 		1 KB
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1731476730299916&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/oRoYJ5VcosS.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee33c1144d2d208e896638002a5f1952e3d4131c82d7ae823c56501c81088990
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
5OSkWRGorLD9Y8GT1g8ffb
Referer
https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Jg3cr+FQpuyN4j0isCgYeezV7w/2vCYKWbeWBDVjPKJs2fh/Zm6vG9quM2wIQn3qmuYiF/o8sFLDShCYRQzzzA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 14 Sep 2022 10:46:15 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 7400 		279 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
sG8+nAXhe75thO+9otJz4q3PU+rberH9AtoQoiODuDS86MPo3c8GhdP+EJPmPfqmvrpCKmK6qcEh144ikdzuaA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Sep 2023 21:06:27 GMT
/
www.facebook.com/login/ Frame 7400 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%3D389860177798308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a39bd39eead4%2526domain%253Dlietuve.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Flietuve.lt%25252Ff796f3e76eaffc%2526relation%253Dparent.parent%26container_width%3D0%26header%3Dfalse%26height%3D350%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fzurnalas.lietuve%26locale%3Den_US%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D300
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/dKTSXCj827L.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like_box.php?app_id=389860177798308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a39bd39eead4%26domain%3Dlietuve.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Flietuve.lt%252Ff796f3e76eaffc%26relation%3Dparent.parent&container_width=0&header=false&height=350&href=http%3A%2F%2Fwww.facebook.com%2Fzurnalas.lietuve&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 10:46:15 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
4Nuv4Qo8k8KnE+3UCtH7ZDlOBSnM1sU+8FmZhnEN0EDqZtWNVP/mgwN8rbHF1t0/xCdW2yLApyIj4zziFL78CA==
x-frame-options
DENY
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 98BB 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 10:46:15 GMT
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c20917cb-6a65-4216-bf1d-9c4f9b5673d4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090801&jk=1832771760295846&bg=!-fql-r7NAAbG3AOo5tw7ACkAdvg8WrkNK3loOfHULUyGQbcXpEu_X1aV6EAtk43tmzLIdmaSlRwPzwIAAACeUgAAAANoAQeZAscXJzIZWlKiDF1bUCEv_bspjVCNbN2xS2i-m-kYHQlVVUaGUVqjLAEYesBF-LWqayEs89_CLSZhXw9ZwEA495kSCOg1KCn8DsSbD76DY2VMtDXaEn_pSupyjakFajstKI5x_8cxe_dqyirMedFAvzS4w7jpOqKgt3Xjgi6C7SM0Y5X9MG9RiWVxt390YSgnXCtieO0dkboNC6dakqiWLeEY1R67ipk95w7gPwRZlWymYyhGdQUU987gIeAHjjKgP30tBclCYRLXnjhtkxKlxCCUfGBK3rufeLYB7TvTLGuUdXYWTOD5TwxqnnKAJA89VjnEhlKBK0MODAe_95_67134BsYxCHdCRYhcFkEOzu_v3eQyK3TnVrOXsoQm37ZKaMO6Y0dWzSeqHnMLGgMELuaj4hDSi7hX42mzUYlZDVrpRoKryFWP2pyMFLUAfK732LIiSO6teaHnyVIHGswUBElshfJj-LzhLuwBuHNnUm3JZUGHcUy-MFWxh6C2tDgKEnZAAgwwL4NDkLjLP3h5Ejhhnhi0aKIrLxpI3EnApMielQmePvdQp5TbMgamFV5CUw9ziNLeDvpeQBDk-929AxXmJVNEMyiDWC6hYpTN1iy3T6oEjB411LiiQG7yxVMOgViEue4u3F8bcOQHX_JHdghmf6pqIahdnj0pUouLRZ29kumoUNHt76iA_YJVtegdVs0Wq6Fu8LgxcfqH4R9Oxk0yx7ylyZX_nNyANp_7bZq-si0l_s7-y_9he1FLK3ThqXujRMoGbd8p_S60yPLeIX0fyf35eKLyjdkX7Z4rzXiXi88WuYpOTGjmU1q3YZBQ83xsFZvM6IBMIMNTZ8tDdrM3h9bxTG6GRFxPOF8UsubRvb95m-1lFD83r7mdPv8d-6Si2PQ7cUFRiJL_wcXZM5Zvop4hQ3IDc3t6gDK2c3vXbAENJtZNW2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lietuve.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/20cd3c9c87a3dcad42074ff89b4391e0.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/63c948108fca389386b4559ee0d6759f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 22:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2458
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 22:37:28 GMT
8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/63c948108fca389386b4559ee0d6759f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24260
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1505
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 04:01:57 GMT
91911c933a0ed11c8b5f84b2394074c1.svg
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/91911c933a0ed11c8b5f84b2394074c1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10277471659263878672/63c948108fca389386b4559ee0d6759f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903b98f60fdcc790e20dd7d3ceac0122eee7a4eba627c7174e089d83f5268a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 23:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39591
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 23:46:26 GMT
2eada23945b9a5b9cf7dde126dd083d9.png
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/2eada23945b9a5b9cf7dde126dd083d9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0f1653d72fe42595be9f469fb0402c45b98c2271b2b29ff84946345d9234743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:17:23 GMT
x-content-type-options
nosniff
age
523734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9507
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 09:17:23 GMT
f3d901d125d4bc23237e2248ff1d048b.png
s0.2mdn.net/sadbundle/10277471659263878672/media/ Frame 0A74 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10277471659263878672/media/f3d901d125d4bc23237e2248ff1d048b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d02ce772a433f97149033b7a23a53f19f2f782e478542daa0edb11d8a33822e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10277471659263878672/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 00:23:52 GMT
x-content-type-options
nosniff
age
37345
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10193
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 10:25:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 00:23:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHK84v2hZqwJaegEKr2eWhM&google_cver=1&google_push=AehlK4ClqclXn6seI1lgbaVIc9X-VmZUoBixorKFt8CkIkGVgungNk7cXebhDxCcQ-4y7eQNlrHrE6hKa7bq90XCwLBaSdVts38

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| tievar object| tie string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend undefined| $ function| jQuery function| createTicker function| rotateTicker boolean| isInTag function| typetext function| removeFilter boolean| pp_alreadyInitialized object| jQuery112405174623459911882 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _aoConsentBuffer object| aomini function| inView object| googletag object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id undefined| _ado_elem object| d object| _gdeaq object| _gdeaqp function| stpdSPI number| stpdSF object| stpdW string| filterSettings string| pbmtnojsqwnlzpsjsipkdppgfu object| usmtnojsqwnlzpsjsipkdppgfu function| _AO_sendHits string| pbkruliferqlkhptprmqqtmmsn object| uskruliferqlkhptprmqqtmmsn object| ADAGIO object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wpcf7 object| cnArgs object| lazySizes object| jetpackCarouselStrings object| _stq function| st_go function| linktracker_init object| wpcom boolean| doresize object| scroll_pos string| url boolean| hashtag object| FB object| _ADAGIO object| __buffer object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| GoogleGcLKhOms object| google_image_requests

50 Cookies

Domain/Path Name / Value
.lietuve.lt/ Name: _ga
Value: GA1.2.745218319.1663152368
.lietuve.lt/ Name: _gid
Value: GA1.2.1511320456.1663152368
.lietuve.lt/ Name: _gat_gtag_UA_34858127_1
Value: 1
.lietuve.lt/ Name: _gat_gtag_UA_177608189_1
Value: 1
lietuve.lt/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.lietuve.lt/ Name: _pubcid
Value: 74b6f6fe-7b3f-4d1b-9457-53af89342a45
.adnxs.com/ Name: icu
Value: ChgIvZZtEAoYASABKAEw8eGGmQY4AUABSAEQ8eGGmQYYAA..
.adnxs.com/ Name: uuid2
Value: 539520558606626060
.lv.adocean.pl/ Name: GAD
Value: KlGV9MMGQMQGEOq9oaXPe28issGMb19cL6PxGsRP5SbtaGQsG0gRi7yGr9iBFlMM-H7hE1BpY88s1ssLeK8YAGR7kGla
.lietuve.lt/ Name: __gads
Value: ID=cf2c9252d34a8628:T=1663152368:S=ALNI_MYcf7l17XgDPSpZGMQvUaBh49HtZg
.onaudience.com/ Name: cookie
Value: a88ee0d728760615
.onaudience.com/ Name: done_redirects147
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlCCS4SDRtBBNgFwlfyVRvOOdjFyGPpJ-PEwLeOGBRfJ9NC7QCBNqp5ntIfyDM
.casalemedia.com/ Name: CMID
Value: YyGw8.I3fqf.o.aDcCJbRQAA
.casalemedia.com/ Name: CMPS
Value: 1187
.casalemedia.com/ Name: CMPRO
Value: 1187
lietuve.lt/ Name: cto_bidid
Value: dxTlLl9VRTl3UkNzTFdhNHNWJTJCSjFSYWNTaVJ1TW9DYjBYa1FONW90NEpSY0slMkZEd2xUUDUlMkZZR1pQQkpmaHRPTXNzM1RmJTJGZ3B0TlVsTjdaUlRQT0ZuJTJCTEpYVHclM0QlM0Q
lietuve.lt/ Name: cto_bundle
Value: YjL6719kNDZWTDdQS3kyMzMlMkZGazVHNVZkajlyZk1jTFdUcVhVN0lxRVlKUDFsaXptMUFRZFpUUXhRd2VtY3JBT2psZHZ1ZEdHczcxWXRaaElwZEtIZmFMakx6bnc4UW5oYSUyRjB5U21KREYlMkJDOGNqcTVUb3BESDdnM1dlQlVwOUhJZGZscA
.hit.gemius.pl/ Name: grtb_hc_data_redir_xnjrkiktyj
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In>I>8.u!@wnfH8K6pQK`!5=E<*L5?%M#i*m6A69.#tf!1Q57T10cj%0)q8nH:S``GvI%nugO%v4VB%nmwS*#@6e
.adtriba.com/ Name: atbgdid
Value: 90eb8488-3095-45ea-a273-990ebe550817
.hit.gemius.pl/ Name: Gdyn
Value: KlGthRaGQMQGMaHQCiaPe28issGMw19cL6nxGsRP5SbtGKGGqx15LGlsleX2sbfPgK9caQG.
.yahoo.com/ Name: A3
Value: d=AQABBPOwIWMCEMO3mj4jlPHZRLseIh0SKTsFEgEBAQECI2MrYwAAAAAA_eMAAA&S=AQAAAr76mfZV6pBi4MoLbrZDVUg
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-000ba9d7-46e0-435d-ab76-84641dc39f58-003%22%7D
.yandex.ru/ Name: yuidss
Value: 1972944991663152371
.yandex.ru/ Name: yandexuid
Value: 1972944991663152371
.onaudience.com/ Name: done_redirects104
Value: 1
.casalemedia.com/ Name: CMTS
Value: 5155
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-000ba9d7-46e0-435d-ab76-84641dc39f58-003%22%7D
.ads.avads.net/ Name: av-mid
Value: 93448c8e-3d90-4f45-9e59-3af90ac38fdc
.ads.avads.net/ Name: av-tp-gadx
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.onaudience.com/ Name: done_redirects161
Value: 1
.go.sonobi.com/ Name: HAPLB8S
Value: s85101|YyGxz
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.tribalfusion.com/ Name: ANON_ID
Value: axnseFsKBRgFmDqU7pesjlSjQRfXDbe5ZcJVbDvITS4ahngTl07QUP8InxAEIeay8sKwoY13eeo3JjvsjQaXy
.doubleclick.net/ Name: DSID
Value: NO_DATA
.onaudience.com/ Name: done_redirects68
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1220539229211126160
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 3baef7b8-bd20-494a-45ff-24e694ea19da
.zeotap.com/ Name: zsc
Value: %E7%0Au%C0%14%E5Y%F6%E2%B8Q%B4%AC%DEZd%24%BA%0E%D5Z%DA%1E%B9%9E-%A49B%F9s%3F%F6%8A%1A%E4%E7%8BM%85%10%83%B1K%105%D0%07%C4%89%D75%7B%3D%3B%D1%B1%00%B5O%81%1E6%BCd%D4%09%CF%D0V%18%12%3DM%96%BC%FF%89%CAe%83%C2S
.criteo.com/ Name: uid
Value: c9e2a777-58c3-4d08-92ec-b94e22a8e6a8
.lietuve.lt/ Name: cto_bundle
Value: 37UqlV9kNDZWTDdQS3kyMzMlMkZGazVHNVZkajNBRE82UmNZa3N3VGpnamtjWjNzelFyYTNHSExwYVlKZzBRNUJMNWk4SCUyQm1VTCUyQkdVcDElMkYwVWJqblBpJTJGdDNWQW01bmJxYjUlMkZhS2Y2cW9hTkJYZnV2SjhkYzklMkJYMm8zMnNwcGJ1QURWVkl1Nkh5QlhPVUdzSDJ5VHFUOEJzdFlzdyUzRCUzRA

11 Console Messages

Source Level URL
Text
javascript warning URL: https://lv.adocean.pl/files/js/aomini.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/files/js/aomini.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/_1663152368039/ad.js?id=1A02PQzwgmJSkLu6Qcxsq0s1TgDzAls7vVHhM_75k7v.m7/x=1600/y=1200(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/files/js/aomini.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1663152368878/ad.js?id=7x1bGkm0_JGI3IMBuLxHSSYDzYmFhieS5HtFI2P1YJD.A7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/files/js/aomini.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1663152368878/ad.js?id=7x1bGkm0_JGI3IMBuLxHSSYDzYmFhieS5HtFI2P1YJD.A7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/_1663152368878/ad.js?id=7x1bGkm0_JGI3IMBuLxHSSYDzYmFhieS5HtFI2P1YJD.A7/x=1600/y=1200(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/_1663152368878/ad.js?id=7x1bGkm0_JGI3IMBuLxHSSYDzYmFhieS5HtFI2P1YJD.A7/x=1600/y=1200(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://adlv.hit.gemius.pl/gdejs/xgde.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEHK84v2hZqwJaegEKr2eWhM&google_cver=1&google_push=AehlK4ClqclXn6seI1lgbaVIc9X-VmZUoBixorKFt8CkIkGVgungNk7cXebhDxCcQ-4y7eQNlrHrE6hKa7bq90XCwLBaSdVts38
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
other warning URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02e418e3fcf0d714f96d4466dfe4f978.safeframe.googlesyndication.com
73738159ae6f9d576613740cd01160ba.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
adlv.hit.gemius.pl
ads.avads.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
an.yandex.ru
bidder.criteo.com
c0.wp.com
c1.adform.net
cdn-images.mailchimp.com
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
cs.chocolateplatform.com
d.adtriba.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e60a8f91d90f35350aad575eb63c3e51.safeframe.googlesyndication.com
e997a98e7531b5d5668904d495d4a03e.safeframe.googlesyndication.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
lietuve.lt
loada.exelator.com
ls.hit.gemius.pl
lv.adocean.pl
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
node.setupad.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.onprospects.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.wp.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.tribalfusion.com
s0.2mdn.net
scontent.xx.fbcdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
spl.zeotap.com
static.criteo.net
static.xx.fbcdn.net
stats.wp.com
stpd.cloud
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cs.chocolateplatform.com
104.18.19.126
104.96.145.246
141.94.170.64
141.95.171.140
142.250.185.162
142.250.186.98
143.204.211.232
145.239.237.56
151.101.193.108
159.89.25.223
162.19.138.116
174.137.133.49
178.250.0.157
178.250.2.131
184.51.9.34
185.184.8.90
185.89.210.82
192.0.76.3
192.0.77.2
192.0.77.37
198.47.127.19
198.47.127.22
20.127.253.7
213.19.147.45
23.205.235.133
2606:4700:10::6816:1857
2606:4700:20::681a:9a9
2606:4700:4400::ac40:98f5
2606:4700::6812:1f31
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::485
2a05:d018:d29:3605:c283:2fe6:5625:9484
35.186.253.211
35.205.207.25
37.157.2.234
37.157.6.253
51.89.9.253
52.213.127.205
52.223.40.198
52.57.145.143
54.38.133.12
54.38.133.13
54.78.254.47
66.155.71.25
69.166.1.12
69.173.144.138
69.173.144.139
79.98.24.93
81.17.55.99
011b4bb76bddaf813bd41cce97dccbbadb9fe1b79b2988cac7dbb23f36eb9302
01b7b52468332193ee8534a48823ad04fede4057eda0fd3ce2fea2ce19682311
01cf16978ff1e926ad96d5fd6b61fe1f0030dc20cf556539e70eb59c72a450e3
02a96eefe88ae712af17f549a6d76f757333449ac02f96a3fff4f41aeccb4a2b
060a3c60456613b7edbfb77793b6ba99e6b304e9fdb92191697e87a59cc8563f
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204
0bdc6c2f24a20b0ddebd486ca0af6f120723499e0974394092aae44a6931d77c
0c6912ba74857bc22fc15f68df32d294b9832937039097f3276552b879123c96
0ddc6189bb154a5d341e7a1336f88a576398c4ca58d854c013c5d507c47a2db2
112dbb475c3a0ee5f40687883c3cd8038f12909929f829b6604756d933ba9515
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a83a5de49fece7c97b5051633dd23ae674aec75fc4dc3d594ba49b98503eb9
12afc66a0a9d77f1e381aece15081f42d113187ad86540c1efff49cc9debf7ed
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
17085e5811d34c4604bf98c28a9cd5ee127648d5a90b445eeb40812ba00b43fd
1815abc212fa313bd42aef655cbad79503ac1d7550cf34218b37086833d93ce0
1b56a3ecf80d6775e8eecdbd5c41a6a4f2957298197b1a49e091360ac860352b
1b766a957071fa0a30f3bf548ad2e488253220101e5dbbc770ed4284e60eedc2
1d6490f44a2180305b547c102812f520f01fb334f167db4091c1816b66166b9e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f59f1c8c09eb960f78efaf7cfbd36b073096be073ca2d17e94a34396cfc8732
239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0
2892bc527442a63136a0f430e44ad52c22cfc881aa72ef0f9e62eb0949ca9f32
2994a5b3813e5cd5a88f7e29cf7fb6d5ac3ea5a63753d582226aeb4179eeb226
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2c0188b462258e46e5fcd60850a41a52220750f1d99b38704ac7bc484cf5f5df
2c4a38fa45c2d3fded70dbda3f67d0e66524b35d097c166c02133211240e9039
2f4cf528276c96d6ffcd7c395a36a2c59a16bc7c09ad77d6df51d25632f30254
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
327ba76982c904d414809a84e5236d4bb2c0f133a47e013658cc5157a61825e1
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3573919f392ac2bcb14f8d9a7a54972862ce5403ffc24f3d2ccf8078b2b2bd6b
372209265c427d40a8e474047a58a1a33c656840054bb4ca67c085e66ff2fe50
384563e8d6cb2a18d1215bd4b623f6824fdeb1a420a7fb375af7e36a3c5caaab
3914f35e1f13e77bd66a29c0f693e989e4d4d94f833568fe4aab6bf59519eae0
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e271466769107f5c1fb0ec1d746f46bd0c18568b11125b2066d55858b4693cb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f046144ca19df3580d195a7e673bc6a063924bb58f58338074f936706172d68
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe826d3b105b8558932cf3aa8d4cc018238922b3a1225085b8038be65c92920
418720f4dddadc084dd316dcb345d635e11ba8bead2b808a7584c385f4db621b
41c08fe1cc310413c47b92fe80cf0b7b037e1399248864a1e3f7b70e31ce58a8
446eaa241abd1a6af539238206e88de5232269acb075c6d0df50ffbeeb4c3634
44cffc94cb364b79acb8c8853493c086f98ba8d5908240daf76a77d7406362c1
45b9df9659539bdcaeacc65559d3896090869390545df90eb03d93fb0b653284
45e0199fe18da673e2bcf9027a4a1e61e29acf4c530300c2ffa05625b7d2ca86
463a92b745ad1310499eb3dde1be66a85769eae8884457da36b8f17e328bdc6a
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
4831f38d5033e932ef3b079d240c86ffa99b3efa45e5f2a14ed3d1f4d1c3b3be
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d02ce772a433f97149033b7a23a53f19f2f782e478542daa0edb11d8a33822e
4d11c6103eeb89ac4e6005d2d91eca609e8380066e4584d81c922991ee7858ab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50abfad217fbf30268524053fb021b78fb176178f905330218a830457611f8f8
528a4379fb72ed34757db4ae9a47c36bc0d9d87bf45fc8a967b78b606875936e
53981f4a044f50a6ba4c7e0bd57bd690a4a0c77d291eafc9a7dc93a5652c8ab7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d73a76b02be68b86b799ecee2ca9fcddc53c998ed6aad824a4c24ad780ad00
55e41405887dd81ee72cd2556451ce167aa273704b681c1c8a35087853982984
5639a8a45f34fb980687b4f454a829020f58cc9a7c4d7dfe4b97877e3614adda
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
569a62600e351655bc75ed0abf16aafc17fdfd157d33c0faa0dff86134ceac14
570a4964629f982285ef5282d47767738b4ef2f75cb8bad8ccfc206683ee1d0d
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5c117756eff62b25c372a1640fcfab7fd7d12f91952106904395b01db8ed45f2
5c80ecd9fdf0080a4d3933c8f981e8bbddf8e5789a724a87c02a65551e634e57
5c921dd505208dbd48a8d2128623c4694959b867a6b504681a207d99f26a64f6
5d6d3933c5bad83e6337d5405bb8afe724adcd2fd10ce0cba2500d200e4501d8
5eebd30688871300be00a899f8c5b7b712cc53e6a387ba845b42ebeb5a43d075
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bfe96608d6082c4bd73bd9447fdcfdfcad6d511c2a3aa6d3a29db0192a21ad
6497aec81a8d7670b28cea8fd6280be810aea4d3aea7af70600f8efbd4dd0443
64d83f2cf47e64ad5d4249a16ee4bab02cc013419d67bfd2e82ef70ceab3787e
65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5
67b17f24edc7b746e7b869c1c33dcd2579ddd1fb7233933db68fc121a476fa3b
6833f7524e9ca01f3d6bc9a0ebbaf5fcc75f54dc5455de86eed6580f6f583342
68657b686df24fedc30a87028a7e6a170d7fe2a1b35f2bcd8edc7043963d0b5b
689061066181e2f80c455652eb892d5f2753f4efe880ac9b8924e305f1952f4c
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd2d40878b8a89bc5977d06ebe683b83abec08349a18d6f0ba90967e38e00de
6dae6a08b6d2db1efbdfcfbc27d5dcae149b030ba1b06e6d26c919859140f37d
6ddd1c9e9f689d874d351462d18a150c684dc34ee3df10b835b83bb7b5aeb1f2
6e8f320001043d25cee9307e2a38431a7fc4d291a5d331588512a3564d5daecb
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f1f32d0bd089378c8ded8228932717c214ddc68a27bc29a7ed0b66616de2cb9
7094a81ef2b16a9b0310d0114fbebbdf1fef4ddbbf2a51cc0e6caed1a0959a8b
727ea7aefe3333baec576164b879c38f9d15f44af003d17256844a1e87b0e651
74751c0383ff6ab43553507c9c8d4ec3c1a6e9a377607e4f6d34319f081442c8
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
768e56d3130af428cd093ef451cdcac4d03ef6ee396ff287f7ee84d66bd2592e
7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544
77b00128314563f17a2336ed40c15b66a4e9fd90a003817019c64a29b442dfb6
787de955506bd790b41dcd02ce5373e6af928ed6df780c4dbef9543986903bcc
78f43937cbfadf75797f408ea3c6b3bf8512baeee7d2ebd37eb79cf60cb9b92b
7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0
7c5fafbe995daaf1b8f09dc7e0351108ed2f37d2576a5cf6911f9b7ad7d88dd6
7dfbcbb4f7479195a4bb3c01f9a874558ae617ae0b78292e995ea35bef1268cb
7ea0d367bd8a44a1ba91458ff3876a739617284679814066b7aa4dfa606682d9
80702bedda0b91505e577275e4dbcf7f0514e80dba5750c9fd8c44835f6983aa
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82e1c00b8956ccb9fe77f34f93763f2b8a06048a464d8d864c8d0793a90b46de
85619967d3c3feb4b5cf24f66d85827d73343a09dae5b094f9d0013ac99fa0fc
86dfb1b4a7767dce186de18597e84a8c681db225cc4e58dd732e3bcb98d55765
87a1e596f199db04c5e3fdacc5161c7f1a33af489f23710038eb2980c0068791
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b30f4aa1dbb3b8d8a775a6b71fa3bb7065bf18ec2d49fd76bdb3cee042a99ac
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea3f1ebaa01dc1e35a028505a6b58d28079b1583db379c8a331656dcbdba121
903b98f60fdcc790e20dd7d3ceac0122eee7a4eba627c7174e089d83f5268a87
90fba818a6c53b75ab92e88930addc2485653a21011aca979af5afdfdf5cfdfa
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d
93801aefac3062d75c329076fbe8a9ace209d8deeb8a5a19056101f66ffc0d96
94a46f3f81bc18d32cb36f09ad3ca7d363976c94461269c530879edea4355fc9
94ebd06f657221747bf9027f15436042fb0b3772d60dca9cd0385183f86afa8d
950c8a54f9edebaed76a9814e6bfa023b6c829d1888abf8f2aae4e8463b78bca
960b49393b978f14d8278dc6f22f209b98a17c445ee4481360b58274fef296e4
9639a7d49e0b517f9ab9b0961250704a3c5d91778edff024610a58412b4e4003
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
97fa6802645b7673240fd33eab61c7e655fdb3e4550d61a39771c6375ac2b567
98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9
98ec4e9803a519d96819f48233f1f7ecdb235cd49d6f10334427d3e1f311be1b
9a31483b3b13f51ca951f20ca14d676d310e10a07d904c55140fff5ef28c0b5f
9a6e90e07079e6f43246e28bcf6844bff3086c5abf26bc9aacdf7077dda51b7f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5e991424b687398a8c0583448194e5863f4343c1e0d00aecba3417f8ad977c
9dbe6ce4aae277290a6e091136f41bcd3920ae845c7e35d9d75ca54c83efbc45
9e712845e4270c8a710a9c3564807a29239c2d8c8a71495afe621dd2e2fe2742
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1dfcc879ef92644656dadc5b9877e2337abfcc3571305431154e8cfac2635e2
a46978057caecf7869ff05b174b9499144990c93aba89dea5c5e38b3fe0b2c97
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a2c36037b3c2276080c888a413d26c60e9f75b78c4572376f5c58bcc8f2eb9
a675ecfef5937c8c45a95db9566e42c79e8058b554901336974c399d6b53bbe9
a6882ad030ecd8bc48be3f669ac86b918ac8a3cd5ac67b3ee9073b434534a616
a6b5b4b9e98ec3cb384ede6172edb51369894bd025d43cd75b0705d16fd9db48
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b9cda04b83491b1df5991aadad795a01e9bd43c7860a0b48fd1e66ceee6cd0
a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
ad6759dafb2de6908f3c99bcc7be0a6f532aa06c4fb0ce7444e10e31737c8bb7
adae6c861023c207a189500af599c0c08c5d976b0cad56fa8ad300c3a2d4f737
ae7613b0da5da3c2a8f067c8b168b590a92c7ea2aa53f70d6bb605c0f7fa2e0a
af0caa01b464fc3e202959e5a37835f48ad10bd111695da0d515752e66d75ee9
b0683c55aea856e704c6086b70866c67638b162672206b1cab86ab8e83ecc758
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b493982fa778ec6d5366ffd5b0b110e86eae07905f5858b2c913badfa7bfec6b
b5c94150ba857f8ccc4e83830902c699858306936b7866cf6633ba2dc4a1350a
b6d266a12afb3d1fa2f9ec42c0ea3093d524329853d6fe3f60271570324d2c06
b77aa1d89ad2cfc3ff7d407fa9922c4fb72fe850ae10d0e9e2777ce6c075b3f8
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c291e092938245b3f0a7b4507fab2bc50d2dfc042d741e64094c9784a5856609
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c3f2f4c71e31b6c7b2b7a98738c8586e604470a70a46f03ef5ad1f263dc7e117
c4c51d26dde262135004cb84ec6ebd43f15db6271ca5f01192e89a768a8fa625
c6e4a4ca9ccedaeb7e38f10e9558a2800c36a3f801bae12866c4d7faa29bb3d9
c8e5cb4622ceb7bf2f66fb95e90ed664e4f731c63fa60f65741edff9339f314f
ca7f7f2f1530f32622fc0c76791f400659a18bf740f4ccf34be404d923a0f4fb
cf04ee234ec9c129b8aa472461a540e05b61f0e7f086886254da19d754f5307b
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
cf5477f7c95dbc72d95dc48406365be84b2c1a2e3d6298d83e39d829e13e770b
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d15adaffa7a20f7ee00576e77b4480ffcdb867e973971d4bd1552839ec52e187
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d75168ada46f76ea6f5cc172689bfa7f0c2f5bf2e39a0d919a86d04f84423439
d7994b4c7055c1dbba3b5b88309fcd1327a08f3412ff73d5633cb3b842a156f6
d7eef9ae4017d9884be7470846ba1fc44c65cd68308a99d71b1cfd3140492433
da718d7601a9e3602db664d501bd5482b1d82eee3fd86bc5529153a097dcbd1c
db6a5239daed262752f4827b0847b67861ca37c57ce667fafbd0c81e656dc552
dba21b69260b204a0ea685b1388df50b9c490e8db990610b08499aef93a72f39
dd50c997c969398418d1f70669723e525890a6ffd247a5d88b89c5c498fb8813
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e280f2744f969aa0567a1eb54a550f8b01fdb30912c27c107e02370bef9e4793
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e410671658d1dc6f18d8bb5750b4099bd16eff40d2f57ac64a367c0ae27e4928
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e552831c2a6cfbb4023cf138e70b380ddb9b0fe7fc5feeb650f1269100ca4a8c
e55699e730420da8f05924b777bbafdf50a2835bb1ce1caaa0af58982ec18edc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8eb7597ea2cb171bc71728ac4bcbfaa6e6a593cd8e6052ba57c04fc8257c5d1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e98502e3e7adbddfb9fff9a3881f36c39d5e5b4caf01d71ac61bbef2451a2800
ebfe3f6b2fe8c0786e86d8b2500a1d7d18f1663fa45834068048575935270ca2
ec19652ecb15c7d4f59dc1f468153a2930925ce1afd91eeea2a32678e8d3bff4
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed8bc401223498cb5cbece1c38e9f97d3aa9c6a8dbbed8375d870fdcccf25f00
ed9f516a4a2039eef0f8aa0917caeb7f6d3848398aedde89e4f50ea16b7e5d27
ee33c1144d2d208e896638002a5f1952e3d4131c82d7ae823c56501c81088990
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f1653d72fe42595be9f469fb0402c45b98c2271b2b29ff84946345d9234743
f16ec8b6c7da07262b075a8375aceed1157febca6718b8bbddd6933666bdb499
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5f9232fc68d713c7fa16411df67bbc87d33fff96e448c1534da03d1df5cd503
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75e769fb4e38960636da68f9cb25ba809c85d0e1e0f27b4e16a19a6774fa7b7
fa28d88ec5b610ae207e4fd400dd87194ad609bd258f35ec2fbd963d99153e04
fb543f247093086bdc9ec9f0af8fae74fe2f76b1d13139cad570902beb0ff477
fd1400d388e98cc3ea4a42a142e8c2b56d7a2262e3cbe01cb606780c6c7b705e
fe4ab65ab82cc6ddedba1303167ee5ff1907b453b65efe73c4bd55e8ea896aea
ff75fb53381a8dfb564b4158ef6b07e4c55c8901eedfd7c9fb5692fb39ca72b4