urlscan.io logo urlscan.io
SecurityTrails logo

www.grokiskis.lt Open in urlscan Pro
172.67.128.141  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Submission: On October 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 10 countries across 48 domains to perform 385 HTTP transactions. The main IP is 172.67.128.141, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.grokiskis.lt.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.
This is the only time www.grokiskis.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
116 172.67.128.141 13335 (CLOUDFLAR...)
3 172.217.23.106 15169 (GOOGLE)
1 142.250.181.232 15169 (GOOGLE)
30 142.250.186.66 15169 (GOOGLE)
17 142.250.181.226 15169 (GOOGLE)
1 172.66.43.3 13335 (CLOUDFLAR...)
1 5 142.250.185.206 15169 (GOOGLE)
15 172.217.18.110 15169 (GOOGLE)
14 142.250.185.67 15169 (GOOGLE)
2 185.60.216.19 32934 (FACEBOOK)
1 11 142.250.184.194 15169 (GOOGLE)
2 173.194.76.157 15169 (GOOGLE)
4 178.250.0.157 44788 (ASN-CRITE...)
2 104.18.15.161 13335 (CLOUDFLAR...)
1 54.36.109.49 16276 (OVH)
6 142.250.186.100 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
4 104.26.8.178 13335 (CLOUDFLAR...)
5 37.157.6.252 198622 (ADFORM)
3 185.184.8.65 204995 (RTB-HOUSE...)
3 2.21.111.28 16625 (AKAMAI-AS)
3 178.250.0.165 44788 (ASN-CRITE...)
3 9 37.252.173.215 29990 (ASN-APPNEX)
4 185.86.138.122 201081 (SMARTADSE...)
1 4 79.137.68.143 16276 (OVH)
2 4 185.60.216.35 32934 (FACEBOOK)
5 142.250.186.97 15169 (GOOGLE)
2 178.250.0.130 44788 (ASN-CRITE...)
1 146.59.30.108 16276 (OVH)
18 142.250.185.65 15169 (GOOGLE)
12 2.21.143.187 16625 (AKAMAI-AS)
2 172.217.18.106 15169 (GOOGLE)
6 34 142.250.185.162 15169 (GOOGLE)
6 18 2.18.234.21 16625 (AKAMAI-AS)
12 213.254.244.22 3257 (GTT-BACKB...)
4 142.250.191.163 15169 (GOOGLE)
1 74.125.206.157 15169 (GOOGLE)
2 74.125.160.231 15169 (GOOGLE)
1 13.248.242.197 16509 (AMAZON-02)
2 2 66.155.71.150 13768 (COGECO-PEER1)
2 2 18.66.112.34 16509 (AMAZON-02)
2 34.255.50.161 16509 (AMAZON-02)
2 2 2.18.235.93 16625 (AKAMAI-AS)
1 174.137.133.49 27257 (WEBAIR-IN...)
2 142.250.181.230 15169 (GOOGLE)
4 159.89.25.223 14061 (DIGITALOC...)
2 2 193.232.148.151 48061 (UMA-TECH-AS)
1 1 31.172.81.159 44066 (DE-FIRSTC...)
2 2 124.146.215.47 2514 (INFOSPHER...)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 139.162.78.222 63949 (LINODE-AP...)
1 1 80.64.106.147 20764 (RASCOM-AS...)
1 178.162.133.149 60781 (LEASEWEB-...)
2 2 217.66.147.170 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 37.9.245.57 16345 (BEE-AS Ru...)
3 142.250.186.130 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 18.192.155.173 16509 (AMAZON-02)
2 2 35.244.159.8 15169 (GOOGLE)
3 2.21.141.148 16625 (AKAMAI-AS)
385 49
116    172.67.128.141 (United States)

ASN13335 (CLOUDFLARENET, US)
www.grokiskis.lt
grokiskis.lt
3    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f10.1e100.net
fonts.googleapis.com
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
30    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
17    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
www.googletagservices.com
1    172.66.43.3 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
5    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
gcdn.2mdn.net
15    172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net
fundingchoicesmessages.google.com
14    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
2    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
11    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
2    173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net
stats.g.doubleclick.net
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    104.18.15.161 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    54.36.109.49 (France)

ASN16276 (OVH, FR)
PTR: p04.id5-sync.com
id5-sync.com
6    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
adservice.google.com
4    104.26.8.178 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
5    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
adx.adform.net
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
3    2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
3    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
9    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
4    79.137.68.143 (France)

ASN16276 (OVH, FR)
PTR: ltx2.host.hit.gemius.pl
galt.hit.gemius.pl
4    185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
5    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
2    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu
ls.hit.gemius.pl
18    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
tpc.googlesyndication.com
12    2.21.143.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-187.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
cdn3.doubleverify.com
2    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net
imasdk.googleapis.com
34    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
18    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
12    213.254.244.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
rtb0.doubleverify.com
tps20519.doubleverify.com
tps20513.doubleverify.com
4    142.250.191.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ord38s30-in-f3.1e100.net
csi.gstatic.com
1    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
bid.g.doubleclick.net
2    74.125.160.231 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s15-in-f7.1e100.net
r2---sn-4g5lzne6.c.2mdn.net
1    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    18.66.112.34 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    34.255.50.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-50-161.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
cs.media.net
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.torchad.com
2    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
s0.2mdn.net
4    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
2    193.232.148.151 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp12.sender.ltmse.com
px.adhigh.net
1    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
2    124.146.215.47 (Toshima, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    139.162.78.222 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com
a.c.appier.net
1    80.64.106.147 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru
google-sync.rutarget.ru
1    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    217.66.147.170 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
google.ops.beeline.ru
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
1    18.192.155.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-155-173.eu-central-1.compute.amazonaws.com
d.agkn.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
3    2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
116 grokiskis.lt
www.grokiskis.lt
grokiskis.lt
3 MB
56 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
253 KB
56 googlesyndication.com
pagead2.googlesyndication.com
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
456 KB
24 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20519.doubleverify.com
tps20513.doubleverify.com
86 KB
23 google.com
fundingchoicesmessages.google.com
www.google.com
adservice.google.com
116 KB
18 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
9 KB
18 gstatic.com
fonts.gstatic.com
csi.gstatic.com
280 KB
12 adnxs.com
ib.adnxs.com
acdn.adnxs.com
59 KB
9 googletagservices.com
www.googletagservices.com
171 KB
7 criteo.com
gum.criteo.com
bidder.criteo.com
7 KB
5 2mdn.net
gcdn.2mdn.net
r2---sn-4g5lzne6.c.2mdn.net
s0.2mdn.net
2 KB
5 gemius.pl
galt.hit.gemius.pl
ls.hit.gemius.pl
15 KB
5 adform.net
adx.adform.net
2 KB
5 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
130 KB
4 setupad.com
node.setupad.com
833 B
4 facebook.com
www.facebook.com
2 KB
4 smartadserver.com
prg.smartadserver.com
7 KB
4 setupad.net
prebid-stag.setupad.net
2 KB
4 google-analytics.com
www.google-analytics.com
20 KB
3 indexww.com
js-sec.indexww.com
4 KB
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 creativecdn.com
prebid-eu.creativecdn.com
534 B
2 openx.net
us-u.openx.net
665 B
2 pubmatic.com
image6.pubmatic.com
1 KB
2 appier.net
a.c.appier.net
1 KB
2 yahoo.com
ups.analytics.yahoo.com
2 KB
2 socdm.com
tg.socdm.com
2 KB
2 adhigh.net
px.adhigh.net
958 B
2 media.net
cs.media.net
2 KB
2 yieldmo.com
ads.yieldmo.com
69 B
2 smaato.net
s.ad.smaato.net
878 B
2 sitescout.com
pixel-sync.sitescout.com
977 B
2 criteo.net
static.criteo.net
54 KB
2 4dex.io
script.4dex.io
23 KB
2 facebook.net
connect.facebook.net
78 KB
1 agkn.com
d.agkn.com
660 B
1 beeline.ru
google.ops.beeline.ru
762 B
1 adition.com
dsp.adfarm1.adition.com
583 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 rutarget.ru
google-sync.rutarget.ru
579 B
1 sniperlog.ru
sync3.sniperlog.ru
676 B
1 torchad.com
rtb2-useast.torchad.com
233 B
1 adsrvr.org
match.adsrvr.org
265 B
1 googleadservices.com
partner.googleadservices.com
442 B
1 id5-sync.com
id5-sync.com
534 B
1 stpd.cloud
stpd.cloud
200 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
0 wbtrk.net Failed
um.wbtrk.net Failed
385 48
Domain Requested by
115 www.grokiskis.lt www.grokiskis.lt
34 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
30 pagead2.googlesyndication.com www.grokiskis.lt
pagead2.googlesyndication.com
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
18 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
15 fundingchoicesmessages.google.com www.grokiskis.lt
securepubads.g.doubleclick.net
14 fonts.gstatic.com fonts.googleapis.com
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
11 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
www.grokiskis.lt
9 www.googletagservices.com eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
9 cdn.doubleverify.com eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
cdn.doubleverify.com
www.grokiskis.lt
9 ib.adnxs.com 3 redirects stpd.cloud
acdn.adnxs.com
7 securepubads.g.doubleclick.net www.grokiskis.lt
securepubads.g.doubleclick.net
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
6 tps20519.doubleverify.com cdn.doubleverify.com
6 www.google.com www.grokiskis.lt
tpc.googlesyndication.com
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
5 eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adx.adform.net stpd.cloud
4 node.setupad.com stpd.cloud
4 csi.gstatic.com imasdk.googleapis.com
4 www.facebook.com 2 redirects connect.facebook.net
4 galt.hit.gemius.pl 1 redirects www.grokiskis.lt
galt.hit.gemius.pl
4 prg.smartadserver.com stpd.cloud
4 prebid-stag.setupad.net stpd.cloud
4 gum.criteo.com stpd.cloud
static.criteo.net
gum.criteo.com
4 www.google-analytics.com www.grokiskis.lt
www.google-analytics.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
3 acdn.adnxs.com stpd.cloud
3 js-sec.indexww.com stpd.cloud
3 ade.googlesyndication.com
3 tps20513.doubleverify.com cdn.doubleverify.com
3 rtb0.doubleverify.com cdn.doubleverify.com
3 cdn3.doubleverify.com cdn.doubleverify.com
3 bidder.criteo.com stpd.cloud
3 htlb.casalemedia.com stpd.cloud
3 prebid-eu.creativecdn.com stpd.cloud
3 fonts.googleapis.com www.grokiskis.lt
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
2 us-u.openx.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 a.c.appier.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 tg.socdm.com 2 redirects
2 px.adhigh.net 2 redirects
2 s0.2mdn.net eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
2 cs.media.net 2 redirects
2 ads.yieldmo.com eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
2 s.ad.smaato.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 r2---sn-4g5lzne6.c.2mdn.net eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
2 imasdk.googleapis.com eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
2 static.criteo.net stpd.cloud
static.criteo.net
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 script.4dex.io stpd.cloud
script.4dex.io
2 stats.g.doubleclick.net www.google-analytics.com
2 connect.facebook.net www.grokiskis.lt
connect.facebook.net
1 d.agkn.com
1 googleads4.g.doubleclick.net
1 google.ops.beeline.ru 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 sync.go.sonobi.com eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
1 google-sync.rutarget.ru 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 rtb2-useast.torchad.com eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
1 match.adsrvr.org eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 ls.hit.gemius.pl galt.hit.gemius.pl
1 partner.googleadservices.com pagead2.googlesyndication.com
1 id5-sync.com stpd.cloud
1 stpd.cloud www.grokiskis.lt
1 grokiskis.lt www.grokiskis.lt
1 www.googletagmanager.com www.grokiskis.lt
0 um.wbtrk.net Failed eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
385 73

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
pigu.lt
twitter.com
pinterest.com
api.whatsapp.com
telegram.me
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-29 -
2022-06-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-09-21 -
2021-11-30		 2 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.torchad.com
AlphaSSL CA - SHA256 - G2		 2021-09-20 -
2022-10-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
node.setupad.com
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh

This page contains 40 frames:

Primary Page: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Frame ID: D41044823CF871B9D412090287DBFEC2
Requests: 210 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: BCA0456760A3BE0870821A8F19F36C8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4966801959205189&output=html&adk=1812271804&adf=3025194257&lmt=1633174682&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633178509241&bpp=3&bdt=814&idt=294&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6662075095076&frm=20&pv=2&ga_vid=59639036.1633178509&ga_sid=1633178510&ga_hid=1692123377&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062945&oid=2&pvsid=4006835641361368&pem=805&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: DC806082EF0160E9D21FAA6F65D5FD7A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3503b905827954%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D728%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Frame ID: 8EA1DE0FBF7FEFE9F5A5F841DEDCC4FD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a3448fb4aecb%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D301%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Frame ID: 8E5EE188AE23DD15CA38F38095EBE647
Requests: 1 HTTP requests in this frame

Frame: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 16368C3C287D12A69FCED873A1954542
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 79039C6D268E3C35D14270F1AD00719F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.grokiskis.lt&gdpr=0&gdpr_consent=
Frame ID: 2C449470636BC1BD4C3932D7EADF287A
Requests: 2 HTTP requests in this frame

Frame: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 03C6B6FBA563FF82F4D1CF89E7D9508F
Requests: 18 HTTP requests in this frame

Frame: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F146F091FF7FE19C66335E19D61D9A8
Requests: 19 HTTP requests in this frame

Frame: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A43F990A1A9CBBE876D75902A09C493
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2B6E9F970792E893830DDA111BDC3CE5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE1C7068779A365947AAA0A198A51C2C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
Frame ID: 2C9CAE43A4CB157B814EC9C86D3CAA9F
Requests: 5 HTTP requests in this frame

Frame: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A5DEE139CEDCE3CFB18A807D36C94A1
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
Frame ID: B51C4A4585561661749A578F8DDC8997
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
Frame ID: 9BF48695BAC783DEE970378909B2603D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D0631FE9CE401C5DC3176A3503175D6D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA07D7FEC69ED9B342085ED242C23B08
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8529F32A2ED89457C19F14FFEB54E186
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 17F810831A1C94DB2377A2F1757F1ECF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 99799D78A427BD900B57F032F9423458
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: B008F772E69839FD3C346BFCBCD7201A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: FB40C1628121B88966678629AEAFAEAF
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: FDA8A71DF80989378E82AA712EAD2413
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 6BDF652CB6D7B48A5DBADC926FAF4B47
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DAB79796301CAF9A85DD83784199494E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 70FD2492535D5CDA2FF0DE38E67C3A7F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68CD07996C289B31F93F3CA3C3AB159E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0977ADBBE3A0EB3FDF36594D57E4ABA8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4929DB2FA811DDAF8818626F852AAD34
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A31A07A3677CA900D7DFCE1EC46D0D1D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D5C8661ED4C1DF2F710576EEB3FFD40B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8D92C596B712BFB7EC0BAF757F7FBA55
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DAC46581B6B95B51E6DB4C38EB3E317D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2187AA625DAB1FC61251595CE8266462
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3534B2C09A8EC1219F145A1BC47ABDC7
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.grokiskis.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5265B9B8DD28ECB42EDC40F0CCEB416F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.grokiskis.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2827AF9027AD637867869BAB2EEF2AD6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.grokiskis.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C5D2B20DDD92356E9402FB89006E5381
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Populiariausios dovanos vyrams pagal jų laisvalaikį: ką pasirinkti? - Gimtasis Rokiškis

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

385
Requests

99 %
HTTPS

0 %
IPv6

48
Domains

73
Subdomains

49
IPs

10
Countries

5040 kB
Transfer

14104 kB
Size

60
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 171
  • https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=161777944003932&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3503b905827954%26domain%3Dwww.grokiskis.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.grokiskis.lt%252Ff248dd001144ef8%26relation%3Dparent.parent&container_width=728&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgrokiskis%2F&locale=lt_LT&sdk=joey&show_facepile=true&small_header=true HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3503b905827954%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D728%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Request Chain 172
  • https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=161777944003932&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a3448fb4aecb%26domain%3Dwww.grokiskis.lt%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.grokiskis.lt%252Ff248dd001144ef8%26relation%3Dparent.parent&container_width=301&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgrokiskis%2F&locale=lt_LT&sdk=joey&show_facepile=true&small_header=true HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a3448fb4aecb%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D301%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Request Chain 199
  • https://galt.hit.gemius.pl/_1633178510246/rexdot.js?l=100&id=bQcwtEuR56COrLZk9d.SUZR7fSuiWWLQw5..4S2N.tv.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=117&lsdata=CeXHAO5MpZsj0SEe68mlqVkZAnxrquD3l946azIxLMj.Q7X07jl3U05wVImCwVD4d7AIVVVDKboNB__qPizRqWKia98R/2Ah3ipIQKtm6n/&fpdata=qEdhPsCRrduhiDuZsaIV6cGkC9IIaK1wwERdg2DSC5H.b7&vis=1&fpcap= HTTP 301
  • https://galt.hit.gemius.pl/__/_1633178510246/rexdot.js?l=100&id=bQcwtEuR56COrLZk9d.SUZR7fSuiWWLQw5..4S2N.tv.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=117&lsdata=CeXHAO5MpZsj0SEe68mlqVkZAnxrquD3l946azIxLMj.Q7X07jl3U05wVImCwVD4d7AIVVVDKboNB__qPizRqWKia98R/2Ah3ipIQKtm6n/&fpdata=qEdhPsCRrduhiDuZsaIV6cGkC9IIaK1wwERdg2DSC5H.b7&vis=1&fpcap=
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVhTj7DDsACPtxUdvJtxxwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVhTj7DDsACPtxUdvJtxxwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Request Chain 261
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Request Chain 263
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVhTj7DDsACPtxUdvJtxxwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Request Chain 265
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Request Chain 305
  • https://gcdn.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6BBF3A77EEFBC5D73CA109263E8FEF25C79CD044.8F79885F911C2FAC40A96E067975DB3E58941389/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/12527374689BDA39269858982D92C68C51759FA7.3F2F36866577EE87074010EBDAF556FC482ED23A/key/cms1/cms_redirect/yes/mh/on/mip/216.131.114.132/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1633177947/mv/m/mvi/2/pl/24/file/file.mp4
Request Chain 308
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAuUUGmD-I801wjoTPVj9BU&google_cver=1&google_push=AYg5qPLDmnpEEBHcGo-bf0WdG9GztYfpH4cO4atspcV5O9WYh-79TRxpGnWaO5dabxlY9B0gt1dOMfR8-u-rDZOp_q_6ohm-rY8 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEAuUUGmD-I801wjoTPVj9BU&google_cver=1&google_push=AYg5qPLDmnpEEBHcGo-bf0WdG9GztYfpH4cO4atspcV5O9WYh-79TRxpGnWaO5dabxlY9B0gt1dOMfR8-u-rDZOp_q_6ohm-rY8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=iqYzdncqRbiN1YVejaYO-mFYU48
Request Chain 309
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOJ87C3NhIzgOoxrlCLCWQY&google_cver=1&google_push=AYg5qPL4dSU8sL35jMi1umpJ8-7UEH1wxJRNfouFNdjJS195Op5MTJ_tfVSbkrxOTPAowHCmGqqFANFuzCJQl92igOiD-j_A_fU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL4dSU8sL35jMi1umpJ8-7UEH1wxJRNfouFNdjJS195Op5MTJ_tfVSbkrxOTPAowHCmGqqFANFuzCJQl92igOiD-j_A_fU
Request Chain 311
  • https://cs.media.net/cksync?type=g&google_gid=CAESEC97ZTc8G4ydSqPthoeC_oU&google_cver=1&google_push=AYg5qPKJ30GQWxAmshwl7UbilmQ6Gr_rvlUFpP7shM4QqxC-MC8-hJQ6DGAJco4p41BVa26Dl0C5VMxQG_k44UaDfqbJTlJugfk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKJ30GQWxAmshwl7UbilmQ6Gr_rvlUFpP7shM4QqxC-MC8-hJQ6DGAJco4p41BVa26Dl0C5VMxQG_k44UaDfqbJTlJugfk&gdpr=&gdpr_consent=
Request Chain 329
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPeVcTqtoXtiiHQo2wEAyik&google_cver=1&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPeVcTqtoXtiiHQo2wEAyik&google_cver=1&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw&google_hm=bBPwopj_D0EAAikABlF8QQZrHQ%3D%3D
Request Chain 330
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJwk7XBn9oDlv6zrTFih_C8&google_cver=1&google_push=AYg5qPIk4yVYBmk8GSM0tFVT10Al0RK--o-DzcVXo4vOOcHH6swMEzbgn4H5qRzBnIYhz7wEi_OuthAzlViWhBuf2dXvS_p08CA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIk4yVYBmk8GSM0tFVT10Al0RK--o-DzcVXo4vOOcHH6swMEzbgn4H5qRzBnIYhz7wEi_OuthAzlViWhBuf2dXvS_p08CA
Request Chain 331
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g&google_cver=1&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g
Request Chain 332
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIVOJJHqt9vjdhlQ4pBjg-k&google_cver=1&google_push=AYg5qPLwGpV3KFrn7-yVphpHFZig6nmX8AL1UyxvpZEjp0M8CCQlh1tb121yesFiJKqbVn9s7LZKWT_ARQbetaUTXU_8MjbKLCc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLwGpV3KFrn7-yVphpHFZig6nmX8AL1UyxvpZEjp0M8CCQlh1tb121yesFiJKqbVn9s7LZKWT_ARQbetaUTXU_8MjbKLCc
Request Chain 333
  • https://match.360yield.com/match/ebda?google_gid=CAESEDBN2CY7wt5quAL-pXsHIKY&google_cver=1&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDBN2CY7wt5quAL-pXsHIKY&google_cver=1&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8
Request Chain 334
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEECJTqgEHvV-McEIA6uM8h0&google_cver=1&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K2ki-BfdVdg1GTUXuAn5REQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K2ki-BfdVdg1GTUXuAn5REQ&google_hm=WVZoVGtNQ284WUFBQU1XN0pBQUFBQUFB
Request Chain 335
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDXg8-iJGhdM3ZBO67ylJIc&google_cver=1&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g-sn-9keDiPSiDdhvMpFq7qAU4 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDXg8-iJGhdM3ZBO67ylJIc&google_cver=1&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g-sn-9keDiPSiDdhvMpFq7qAU4&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaDZoNDF4RTJ1R3pHUnM3dmRRNlJUN2FQMVNnWHhwc35B&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g-sn-9keDiPSiDdhvMpFq7qAU4
Request Chain 338
  • https://a.c.appier.net/gcm?google_gid=CAESEAFkJdFD_oQY9ZajaT4pJS0&google_cver=1&google_push=AYg5qPIqdIJid6dLIp_mtjaEwoTjOC6dYGe0kiS4teWrgY0sLTzAoHUhFy1kkERCvJOjVc1YNA_wlXob8UNGoeVhpvwIOX4b6d09 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bjdRMWY3MnhDdENvOUM2NWtGTllZUQ%3D%3D&google_push=AYg5qPIqdIJid6dLIp_mtjaEwoTjOC6dYGe0kiS4teWrgY0sLTzAoHUhFy1kkERCvJOjVc1YNA_wlXob8UNGoeVhpvwIOX4b6d09
Request Chain 340
  • https://google-sync.rutarget.ru/sync?google_gid=CAESENXA9SNtNEgENptofxNKQRM&google_cver=1&google_push=AYg5qPKvxRRo2H8jbtOSgc4tMqO7jGr584jErETwN2zEIf-rLTuAfOVYXWVBm0ly2twg61RpO2ZP_Hm1Wib_24xv2frKoHJPPeTG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=TjRhWmJfMnNkQmhB&google_ula=2046794&google_push=AYg5qPKvxRRo2H8jbtOSgc4tMqO7jGr584jErETwN2zEIf-rLTuAfOVYXWVBm0ly2twg61RpO2ZP_Hm1Wib_24xv2frKoHJPPeTG
Request Chain 343
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAaFf_bo_m4zbcjqY2t3LHU&google_cver=1&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY
Request Chain 344
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEB88Ggh-yTmbin7y0_Yrp70&google_cver=1&google_push=AYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQTuXGCcCmlURLw HTTP 301
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D798df4eb-c683-47b1-a959-bcc60ba50425%26google_push%3DAYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQTuXGCcCmlURLw&ssp=googlevid&exu=CAESEB88Ggh-yTmbin7y0_Yrp70 HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=798df4eb-c683-47b1-a959-bcc60ba50425&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D798df4eb-c683-47b1-a959-bcc60ba50425%26google_push%3DAYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQTuXGCcCmlURLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=798df4eb-c683-47b1-a959-bcc60ba50425&google_push=AYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQTuXGCcCmlURLw
Request Chain 347
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGrcyUDGOevun-ArXV6LiWs&google_cver=1&google_push=AYg5qPLMVQQpvk-VDQiJr-Z5whUEdGBnrm-wvK8KlCG6VUh4N6prCHX9GvZkBlYBs0Z5SzTMk_9EKa21sTQGcNTpylPigisbIpA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNDQ0ODI5NzU3MTUxNDUxNQ%3D%3D&google_push=AYg5qPLMVQQpvk-VDQiJr-Z5whUEdGBnrm-wvK8KlCG6VUh4N6prCHX9GvZkBlYBs0Z5SzTMk_9EKa21sTQGcNTpylPigisbIpA
Request Chain 348
  • https://a.c.appier.net/gcm?google_gid=CAESENC6yk4kTFcrLPYA5F6ypkM&google_cver=1&google_push=AYg5qPJDGE5IiC0qLQzL32WsWN-xvMh-pe-KmMfM6UwQ6NFTOFYMz4yeQSxm9UbDxZIAxP1Hjn6F4_PQbsdxdW_vs3unrxeTiA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTNFclJLOG5EczZWcVZ5TWtGTllZUQ%3D%3D&google_push=AYg5qPJDGE5IiC0qLQzL32WsWN-xvMh-pe-KmMfM6UwQ6NFTOFYMz4yeQSxm9UbDxZIAxP1Hjn6F4_PQbsdxdW_vs3unrxeTiA
Request Chain 349
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGIkZE48v6AVRLkJKNsN3hw&google_cver=1&google_push=AYg5qPKPdY2FR0m44tuRFohKfCcgDi-f605M6gcBXkHfUjXRb-vvguZFqP4-rhrHEf8BjmlW_wcJ3OL-CY-YMPsx3hMMYJ7wBIY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGIkZE48v6AVRLkJKNsN3hw&google_cver=1&google_push=AYg5qPKPdY2FR0m44tuRFohKfCcgDi-f605M6gcBXkHfUjXRb-vvguZFqP4-rhrHEf8BjmlW_wcJ3OL-CY-YMPsx3hMMYJ7wBIY&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9xQHkyKVSNCBTe2HnvGlvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKPdY2FR0m44tuRFohKfCcgDi-f605M6gcBXkHfUjXRb-vvguZFqP4-rhrHEf8BjmlW_wcJ3OL-CY-YMPsx3hMMYJ7wBIY
Request Chain 350
  • https://cs.media.net/cksync?type=g&google_gid=CAESECO_wjkgMC_3wkuMgO1gx-c&google_cver=1&google_push=AYg5qPK7KBec1aubP4SRzxzfOaKJN9bvoofMsonSK3yjbxIqG5h07SlE3N891-WtR-kLvf0ZyL1K1BB4w2XPbwAOmu-a9zLmea4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK7KBec1aubP4SRzxzfOaKJN9bvoofMsonSK3yjbxIqG5h07SlE3N891-WtR-kLvf0ZyL1K1BB4w2XPbwAOmu-a9zLmea4&gdpr=&gdpr_consent=
Request Chain 351
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDkuIqCLqAiyZsS_3aBh6wo&google_cver=1&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_RILPWWG42CJWd_2NM-uGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_RILPWWG42CJWd_2NM-uGA&google_hm=WVZoVGtNQ284WHNBQUtaREdjVUFBQUFB
Request Chain 352
  • https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESENPqxTTngjMEtU578H9tJvY&google_cver=1&google_push=AYg5qPL0zcSpJomggJDARmyltQeMVxsbR0EfXbMAUgDYpZFDqqyrEgmB-bOp5_OZCkgkKQ0rnQVClLiAeJPYd_PlCxWqyCI5FslX HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=M2I4MzNlYzctMDdiYS00OGQxLTg5OWEtZTg0YWUwZjZhMDY2&google_push=AYg5qPL0zcSpJomggJDARmyltQeMVxsbR0EfXbMAUgDYpZFDqqyrEgmB-bOp5_OZCkgkKQ0rnQVClLiAeJPYd_PlCxWqyCI5FslX
Request Chain 360
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhib7dmzASABMAE&v=APEucNW5a6vNtX89DrGv8tWotUhQE638ZuGf3YX8o5JL5yW56bypPAgyhR4OuXMYAnXpnn7ZpeQH2UJdL-TH7blvTjXMvbv558ciuF5rFmhYp8sk-F7JHWs HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjY2NTZmYTctYzVjYy0yMGRjLWZjMWItNDllNmY1MGQ2OWRh

385 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
www.grokiskis.lt/verslas/ 		242 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4691398530c0dee4792e6323b8030373c599d722cc99a3a95fc1fc6b631c4e4b

Request headers

:method
GET
:authority
www.grokiskis.lt
:scheme
https
:path
/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-type
text/html; charset=UTF-8
vary
User-Agent,Accept-Encoding
last-modified
Sat, 02 Oct 2021 11:38:02 GMT
cache-control
private, must-revalidate
expires
Mon, 29 Oct 1923 20:30:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is4R1huOIrGEakheiYdbBoQtXlIj9Tp0o%2FQrzywirr0%2BGCqzm1LFPmxRBFMioTNKbZLPhtiMrkxF%2Fe092DZGAkZNUrp2VdO66aabVziOBMH1hpGEr7BdiqsugAS4mvXl85Tn"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
697e01ccce67432d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
YjwouMDpXaM0X3Jp96QPJv9HiT0.js
www.grokiskis.lt/cdn-cgi/apps/head/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/cdn-cgi/apps/head/YjwouMDpXaM0X3Jp96QPJv9HiT0.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3068ff642720bbe008b966164a5608ad25c25a3d2e1bfb4055e95c2dff5872c6

Request headers

:path
/cdn-cgi/apps/head/YjwouMDpXaM0X3Jp96QPJv9HiT0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EYGNTPRM2VWHXDG9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-version-id
1dScnH1wDAPDj9Cc9Ilvj_X_uIumM3sK
x-amz-id-2
JsoVrvg8LH3XbqhvaGRPW7PyRd9Iv5/408klpBSXte6T13hgyPrLYUH38L3Dg14ClbUrOaTfpqg=
last-modified
Tue, 05 Jan 2021 11:28:14 GMT
server
cloudflare
etag
W/"5f81aafee80c6b38f35d65ff83adfeb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNTGXJmZmuoAOhpfNLmc3CAWN7NLmgTvMPZH7sGMUjM%2BmlcapSVmKHbppbVh0hez7SMIrbrblXX%2BnvAhZvzAxgUZJn3Vm90ZlFjEd75f85j7PLjSgwKTdEvpgAk6nP6O3%2Fa3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
697e01cde90e432d-FRA
s6kj.css
www.grokiskis.lt/wp-content/cache/wpfc-minified/243fjdet/ 		114 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/243fjdet/s6kj.css
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fda9e64057963e0da5b44de0621f6dab58cd0c5672643c72f1f547070799967

Request headers

:path
/wp-content/cache/wpfc-minified/243fjdet/s6kj.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:39:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOWZMqNfYpIwe8VSSPu2w9gfhiXLJoq4%2BdCCoJ5qDVv4Bm9JNglf1hYpwXrY6kJF5mqDVAsFE1DfUnKoBPK2ShhjUbOjNUKQ1%2Fd2MLH80HMmlRZM72PyVa00tG4TQHwzzThJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde910432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
f4f6b9ba73bf8965170f34cd055a71fdfe9f336192f4a0ccdfd4959495f329fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 12:35:12 GMT
server
ESF
date
Sat, 02 Oct 2021 12:41:48 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 12:41:48 GMT
s6kj.css
www.grokiskis.lt/wp-content/cache/wpfc-minified/jykpybn9/ 		199 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/jykpybn9/s6kj.css
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80515e9ff9cf794e1e85f93895dece25724bb787a0b4664a037d395a6c5eccf

Request headers

:path
/wp-content/cache/wpfc-minified/jykpybn9/s6kj.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:39:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ9DOj4RJYNfdCTuhdzTt0WQAqteUJf%2FE9JYJ4dt5iq2EaBFyH1sMAXbPG4zE%2FzeQ%2BzjIgl%2BlxoGRA1TpW6UFbAlngKqi%2B6TBqgBE6wi7ozl3P8eD1mKQ7QCK%2BgcTm3T4i1a"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde91a432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
s6kj.css
www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f73bf1ceeed5124abdb938edb25db5e212a997a7716295a724c6fd61d353ca9

Request headers

:path
/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:39:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odFDXDUbgCE5gIAjwHSU1Qhqf8KdERC7HCxJyagU5ir4fgYbeX2OytNOPuhMNVEmYV1Z1WP7a8frxsl0xPotKReQwObbglLgv90p4oDVEVz3jUsSACNLXLBsjDCHY32b3JdH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde91c432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		53 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%7CRoboto+Condensed%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic&display=swap
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
3ab9160829fadbd81bb1d6a869a34ef0786c32e5cbc49786598f144ed4f5c653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 12:41:48 GMT
server
ESF
date
Sat, 02 Oct 2021 12:41:48 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 12:41:48 GMT
s6kk.css
www.grokiskis.lt/wp-content/cache/wpfc-minified/bsxldjo/ 		118 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/bsxldjo/s6kk.css
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c24f10649dec8916503604c3ee96e69c68a633b441fc5aef824441b2bff212

Request headers

:path
/wp-content/cache/wpfc-minified/bsxldjo/s6kk.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 10:39:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ26YlS4bT%2BGki8mNGFS8tzp2AHu75zviGBZWLifNdRPhuAFn82h6So7XuLhAlw%2BkghVI6%2FyTGEtbfeoZOPlUeeEHBgvHyEeSxtqkVxCvnWNDio%2BEYNyoRrYee78zZ2RRVkX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde91e432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
s6kj.css
www.grokiskis.lt/wp-content/cache/wpfc-minified/jpu4a9a8/ 		950 KB
104 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/jpu4a9a8/s6kj.css
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcc8894fbb9808055c41dcf76dc0c7838f58e3ae7b7102a621fbcc581c64fb1

Request headers

:path
/wp-content/cache/wpfc-minified/jpu4a9a8/s6kj.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:39:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIS5lLHbTsJzPp9D0XifLbn6DGGPewL5Bd5dL0WH%2BAINVQ2CJTQEWvykcz%2BY4VXMCxeL06IYtF5y1tliGCZNFMgmTHT1aQyrOwAfF8PsboOIE%2BBppsWH69DJzgnqnaG8HV20"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde920432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
jquery.min.js
www.grokiskis.lt/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJPUT3bSVlz1btp%2BVggsdkyPOvd181xTSRX%2B2nAdQDNyJQLyc2m9Xj7xYmMKXBFevMlygK3Dq%2BAOmOlSAZVOZEiaFCEYGL91gAvb%2BFSYBLD2QXDvkkET%2BCQ2JLNFuP3ZTmJH"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde923432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
jquery-migrate.min.js
www.grokiskis.lt/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 17 Dec 2020 11:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCz%2Bd2DZg3R631H1ONTzcsaK5WvSf3cdp25WuuhMcVoTaaUPqW83uQYWL4zIzIFwrcluZ7fBOioZa4WMvkw9MThnUNiGGXaW3LDiXS%2F3nyZgupmRsyNBaaOyYcxR95EdM4RM"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde925432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
clipboard.min.js
www.grokiskis.lt/wp-includes/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/clipboard.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0

Request headers

:path
/wp-includes/js/clipboard.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U7rokD8F6HVeznn3JtkCFYEze4jNQdZ0YMjQsAewRpEbCxYRCjZEn1QhsPTBuMXXdaLSXqlJsYd0XNzleeO29LIBRXOJ8d3LSv0LBfrxgDHxaKwzRYJF3Ex7oLvUOnUCQ7h"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde92b432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
moxie.min.js
www.grokiskis.lt/wp-includes/js/plupload/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/plupload/moxie.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d1c42257d4146bc0d7a845c51edd7cc7d1544b86cd5a5981ed423199d60db2

Request headers

:path
/wp-includes/js/plupload/moxie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWYEGEKTy1G79ikAk%2FrOdI2LxE7DMKPNko%2BbYSomRXsMy6UowoYZBe0ZXhRB%2FlmNWO0Nq3xK3MMEkFMwNX3p0DxIq3sLTwC6fXSFb4cI9e2fcSUb%2Bt1DiH0dfNudfZmjOhvu"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cde92c432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
plupload.min.js
www.grokiskis.lt/wp-includes/js/plupload/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/plupload/plupload.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39

Request headers

:path
/wp-includes/js/plupload/plupload.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 04 Feb 2021 04:38:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vpom5RlXYDKTl0Ivxc7o1MVYSVtcux6QiM1N7txv4r2P76OG5sdBvXW4oLrW5ne3kWNOjSBrd%2Bz4KqyEBGP5wY8oAiZgVW48qOa%2Fk4XPatPJTEjXsaJ0Q4UkVOkb%2FUxRdRb%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf931432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
underscore.min.js
www.grokiskis.lt/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/underscore.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

:path
/wp-includes/js/underscore.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwk9I8ULZsly37OU%2Fb%2FhbpyvBgNLPPEFoqNGCitonxwpNlIdqvPmlXsZ7UHO8pQ%2BXaPWVNhFi3XWVn4eBP8RevBLR72ZKKTbOad4Dkg7ff9x98UOVeh3M%2F9Gq8IWBj3Abpn7"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf934432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
regenerator-runtime.min.js
www.grokiskis.lt/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

:path
/wp-includes/js/dist/vendor/regenerator-runtime.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrJFVZXQ%2BLIZxCgtOZnHdBYVemLjGJpnWQ0%2FnLP4NPzBcQ9VWz%2F5jbkQUhReCTaPqGXU2544%2B31aOfE%2FRi7Ii6BVqjSpL%2BiUHRSpggaQ9X2k8i%2FkLq%2Bz5UirbE9t1oKJFdVU"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf937432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
wp-polyfill.min.js
www.grokiskis.lt/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

:path
/wp-includes/js/dist/vendor/wp-polyfill.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPONVsFAQkOyOJBdaLA3xVj9gLiBHXAGFfEpp5QJoiGB72sbGQVCRau5uFfxY24I5MHgYPvc91TyDpPj2sMcmo9qJu7UBUs7wBEdMTiZx7yzr01nMCOQ4aUlaoZgr6SVePUx"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf938432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
dom-ready.min.js
www.grokiskis.lt/wp-includes/js/dist/ 		1 KB
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/dist/dom-ready.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

:path
/wp-includes/js/dist/dom-ready.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvQn8LwRIvuQ9TAYThth%2Fy0Z39QU3TiQ0hzbWKPEFTDSZgrVq9QEDEZZ6aLH95GdYLDoIYpHWrFSrYDDehhnWX6geIcGG2P7Ob6CkoVzvHr%2F9tF2hqgW17B6kJrUDsAeqEXq"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf93c432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
hooks.min.js
www.grokiskis.lt/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/dist/hooks.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

:path
/wp-includes/js/dist/hooks.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FxKb00A%2FwlIgaO1i%2FqBwLFr0ny6hLh%2FDUkvJtLwgs7V4vf0glhak59oYcoT2I%2BmQZ1AUCIWppwK4PHc9kOBTkEBcTD3znZhAFy90yQhb6pFI0CkskS1hvdWavucWYxZKKRC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf93e432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
i18n.min.js
www.grokiskis.lt/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/dist/i18n.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

:path
/wp-includes/js/dist/i18n.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLYjWhXhfMuR7z9qV4wmMP%2BxHQ3hGpnfx0l6Q6eDz4JNMGiBiUyA84PlvXp8SHNWYceWyidGJuR6LcLfRN1Q7qIZNoxBPqUn%2BKogNnzjHYVOGbbQaFcmrZXZ%2B54mGah1mR8Z"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf941432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
a11y.min.js
www.grokiskis.lt/wp-includes/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/dist/a11y.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

:path
/wp-includes/js/dist/a11y.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ex6GHaumhOeEbcC2yNaJsV46an%2BFyO0wz59o%2BeEJ%2FBuNnXgsqHcu4zahzLLV6%2BDN%2Fnhh3itEBFtqFwchfDRjMGnmGPVnDTPzftZOgDKrQwEHaB3t3ta6UxWOIJIlGW5mE0ou"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf942432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
handlers.min.js
www.grokiskis.lt/wp-includes/js/plupload/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/plupload/handlers.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8139654317bd038b36ccfcb3c28c5de407e68b8bf6f90b4307443d6099faffb

Request headers

:path
/wp-includes/js/plupload/handlers.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMBBPQsYwLgVo9ZLQd0lPoDgrJQsI7NKRPtHo7m1nOv2n2GIT3XgmN%2BtMRZhiOzuZyBrjl492YWpWw44ST8XGXViTa%2Bs8oiNwBn8y%2B61U5OZbdLDb0l%2B1Faq6Ts2Mqdl4faV"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf945432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
AjaxUpload.js
www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/AjaxUpload.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06818a46a6caa4efae4f00ce156f9e0fabbcce98ffadb3f5672bcc1438be4ebf

Request headers

:path
/wp-content/plugins/wppas/public/assets/js/vbc/AjaxUpload.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtBYN4Hcm0YVc3VwqjjzxL3H%2F8ugWiN6TYqcl%2F75ldspLV0n4Riv28HNCqBmjhm2bq9dlaSK4RkxYk4JfhVf30YVF6CSR2klA9%2F5MI7fYCeNFP%2FwNPwq%2Fgmpd5N1B3YguOoO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf94a432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
advertising.js
www.grokiskis.lt/wp-content/plugins/wppas/templates/js/ 		209 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/templates/js/advertising.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f1b61af3e5755661749291d9830d7d582c6a799b5eace1253099c08d38c3

Request headers

:path
/wp-content/plugins/wppas/templates/js/advertising.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjAuwVr3xZAi1XItVtwiM5b50w9JeIq8R4O6jSaBFDHGj2PQLxzAMlz3hLrpuZpu%2FCaA0yzmwNuxXFBBQ8W%2FiFC01Nb0sB4fhYZwgkFGRF0wpaZQiHcj9p2Dq%2FmaIfWToNPs"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01cdf94d432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74776351-1
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2f520ecf143086a008eece260bb19e268fbb76635c4fddad9b6b74021b599083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38977
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 12:41:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e11faafce785ce27d576232a8cf2e17d979f19faf40cda6fe641239d33c4647e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50832
x-xss-protection
0
server
cafe
etag
11230310692278948709
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 12:41:48 GMT
inview.js
grokiskis.lt/wp-content/themes/Newsmag-child/stpdjs/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grokiskis.lt/wp-content/themes/Newsmag-child/stpdjs/inview.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 22 Jun 2020 13:03:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgDmn6hpHzJ4YGSZCoqxWFOvheNPs8jfNvrpccbGATfVq6Bw3RphqkbaJCRXjEe9SPSMbF79VgvKLEkbrbk5tOjW2rlj7V6sjcdz81jaGzMLIdGKqpDMDabLgfo%2BqQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01ce4a2e432d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
447c7efd257a057a8e8470a34deb9ddf7aafca1ef5efcda21db410dc25fa8da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1003 / 420 of 1000 / last-modified: 1633126070"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25717
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Oct 2021 12:41:48 GMT
grokiskislt.js
stpd.cloud/assets/hb/ 		925 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/hb/grokiskislt.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.43.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2195385bdfc2517da91d7c226168c0e6195ff11b72375c586ed88675600c5d0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
LpiMjAlm76XLWF8B1nBuzQ==
age
4725
x-ms-lease-status
unlocked
last-modified
Fri, 01 Oct 2021 13:40:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q0WBVGmqMXh0mmKJMxEo73H%2BkNk%2F080i6Wk1U27QvZDHmxtKb0%2FxOp9%2BNwU7oEG9d2kLd7OFre%2FS7nvPQ6FBTbGMZKkvinmT7Y8zT10buutDwSIjOsDrkO1jPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-ms-request-id
1b01131e-e01e-003b-41ca-b6ba33000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
697e01d10dfa692d-FRA
grokiskis-logo.png
www.grokiskis.lt/wp-content/uploads/2016/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2016/03/grokiskis-logo.png
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df87908a15f667e4362a981f1dec9067c4252ecb87958375be0a77c7ee78ccc3

Request headers

:path
/wp-content/uploads/2016/03/grokiskis-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 31 Mar 2016 15:59:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7lFnNUi7OoyEG4c28AAuuR1UroIUUTAIBPC9ofYmb3P2YqV3LR5o0of7Ac9fx1jRSfE4O95%2BgWilEqH5i9xR3N8f959Tk1T6MaR3IqrxbvHIsg3SUxMCChEB4WOWQSClFuh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d0eda6177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11029
expires
max-age=A10368000, public
grokiskis-mobile-logo-wb.png
www.grokiskis.lt/wp-content/uploads/2016/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2016/03/grokiskis-mobile-logo-wb.png
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f6d108b26471371ba5d0d2850df31f6c62f37fba7b61a73f08e2d2f834ac1a

Request headers

:path
/wp-content/uploads/2016/03/grokiskis-mobile-logo-wb.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 31 Mar 2016 16:20:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7skEOTIQ5qGcQB5PvfJBy7yq%2BNc9a2MXYaLtOWSu5YYpvg%2B9KSNypXrLCugBCcGX9JBVQBw4DzT3lQl7rBrAaQsjKqUG5XbnNQDbZaWATBntHKW%2FAsLLhlQSPbFg2FlMFyX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d0eda7177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9122
expires
max-age=A10368000, public
blank.gif
www.grokiskis.lt/wp-content/plugins/wp-fastest-cache-premium/pro/images/ 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:path
/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:38:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XBQH7T5uTXKQi3zV%2FXi6iJZg8j7wqiDOA3FnBmRHqgCNP9j1E8JnpzFzdKkBd44yXBg0xs5KrUOpzwEtK0YBT4RA62Uq5S9fDDpjokTUZWJt4aW5oaob5xX0z%2FNNAlaBKG5"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d0eda8177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
max-age=A10368000, public
email-decode.min.js
www.grokiskis.lt/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 11:33:04 GMT
server
cloudflare
etag
W/"61544ef0-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbRm%2BwO73TD%2BnuwY%2BEw5RihxZ4l9AEl03WfjA74I3QkXGtCnJbq4%2BDYsrC9fLnvwr3aLE3QgW44ldPlJmXPPgKCPi%2FgfWOUcTF%2FGGo%2BiIRUqiE4zMhxzQaoIbvJu9dvEQ9Fr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d02c90177a-FRA
vary
Accept-Encoding
expires
Mon, 04 Oct 2021 12:41:48 GMT
s6kj.css
www.grokiskis.lt/wp-content/cache/wpfc-minified/9h5abw54/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/9h5abw54/s6kj.css
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf45fd887386f78ea2a2ba3aaebea9a7dc894e851e686f3d195f7e62ea8d38c3

Request headers

:path
/wp-content/cache/wpfc-minified/9h5abw54/s6kj.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:39:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu385e%2Fm3S%2Bp%2F8ojhGZAaNvh6lzkiBiSBlKJdXaWuyJ8Nfs3jbvnst%2FtiL2alWWWtJCaFNvuUVTsNiKuCZMQUP2FwnP836jNZIccrI%2BqBsi1dk2LPIX1COzLxEphwg6EQmPf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d03ca5177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
index.js
www.grokiskis.lt/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/index.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:31:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8z3El5s6ysIM56SyWX4doMNsN4eArOGrhXj8uah52m83HjcdldGQPWnO86UulNAfk7VEaR2r5zLXcwGBraWFPvIuQSXmaiguJOIy1oS1%2FlI%2Fl3iG6Bah5Hb8GwH%2FXMeGUdC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d06cd8177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
core.min.js
www.grokiskis.lt/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path
/wp-includes/js/jquery/ui/core.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 15 Apr 2021 04:38:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fl5Jq9LuZEKCllcG1rPOeCt0d%2BnhVYy49HbLYo7di2eIue4ijAPH7wqATUFYQzQoK0N8EnO4DWwqqYGoTNeOlX6%2BYRIMVsmKPqzlmV81f2IxpY8FlQwP4R74YScEJeH4Fd6m"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed7c177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
datepicker.min.js
www.grokiskis.lt/wp-includes/js/jquery/ui/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/jquery/ui/datepicker.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Request headers

:path
/wp-includes/js/jquery/ui/datepicker.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMpdyrWrhpl9REkWiwICrrcsYNqnQdxXF2FquVQc9IhSBWf%2Bvk4QugJ2eKNKRLOYnzEPcfmveNWklAxcW7QHNlZh6b1MQIUyTRUqW6olAlP%2B6k%2BG1zxjMCPg0TSGV7vRtl8M"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed7f177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
up-custom-script.js
www.grokiskis.lt/wp-content/plugins/userpro/scripts/ 		550 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/userpro/scripts/up-custom-script.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22dcd692874ca981306de1f5aea9ded0f77f2debba2c447ba36585867c26be68

Request headers

:path
/wp-content/plugins/userpro/scripts/up-custom-script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 18 Apr 2018 14:05:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2hTMrizapgDP3qRvZe0MKr2PKEFQtN%2FUe1p1w6m7hB7Pudgtdl6A74OzKXSE7rMyVsQRHiWFyjFFuJwu24qIILx7yzNhEI8SlJQ8dz2vX8HFEpZLMvbwiJYvwMKrHiWILf%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed82177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
timeline.js
www.grokiskis.lt/wp-content/plugins/userpro/addons/timeline/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/userpro/addons/timeline/assets/js/timeline.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c05becaf948243f8426c8c072fc0bf1de88e64cef7a383c092b2a356c0a1116

Request headers

:path
/wp-content/plugins/userpro/addons/timeline/assets/js/timeline.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 18 Apr 2018 14:05:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bxxx5Y9gHi7izoCSUowXFcQlyYcG58L0EOCBVpgJIWlLpiZXc8yIJ9pSBM5DSou79rGKVhkgMQrMAUNWbcDj4WE0eGr6g7Q2v2kNqrMZK5UG5Llyk5vLs63zSPDoKRCKrLDv"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed86177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
wpdiscuz-combo.min.js
www.grokiskis.lt/wp-content/plugins/wpdiscuz/assets/js/ 		309 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62016ee99dc0705dc119be912b1142cbcac0a3f22e630b853739c8eeb106566d

Request headers

:path
/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:33:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TWoU8MuKUdjJB3K7DyNq5mh%2BbIHoJ%2FUYVcy%2B3%2BtEDP4TP%2BZLmtm33oRO4lxN%2FzWXHgtAS08BRqpd5TC6gw50yqL%2BF2jEUGvLLXoBxRP86wV%2F8PzPlBu8Nc3zebeFKeyYUcp"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed89177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
effect.min.js
www.grokiskis.lt/wp-includes/js/jquery/ui/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/jquery/ui/effect.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cc6a206326b8229276585c91ff2029af2061b89ffbadb4e5873353cf6e93ae

Request headers

:path
/wp-includes/js/jquery/ui/effect.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 10:37:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsDNCuEmBz1h5s%2Bsw41WRU5goYOrbWY5oLQlrzA4qBOhQP5uSK1tvebVIyMy1jCVAbkS%2BkMpszy4cNAWuzEBw7NwBQMPTReZTWfiR0v5dV%2FyESyQd20Zk4rpNKnFams4T%2BAL"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed8d177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
effect-shake.min.js
www.grokiskis.lt/wp-includes/js/jquery/ui/ 		804 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/jquery/ui/effect-shake.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b116b6b54187cf95c28c610af8a4b902c4b9a0ef589f1943d2ce8ca553a4c65

Request headers

:path
/wp-includes/js/jquery/ui/effect-shake.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 04 Feb 2021 04:38:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KP%2FdH60StshlnmGhHoZOXvDIDHAf46BvSbMOvmBqhhNkdRNGIrWcPlpqhQgPhFLT2r62e7gNXJinLYIdzLBHGoFVN6Z%2BSR10pouiDhnrUmObIQbaBrGQgX81vuAKOLC1eT1u"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed8e177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
jquery-ui-effects.min.js
www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/jquery-ui-effects.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4db0e0a3a8c36214b489e004d5d77427aca983d46020b3ae33b73463ccf254d0

Request headers

:path
/wp-content/plugins/wppas/public/assets/js/vbc/jquery-ui-effects.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B0Qm2pj2LfS78qTtl57ptJUfd3JsMHiLq6AEzS1cPujwV6jUZ%2BlVnH6hfxWpYco6goC22Dr3U07vePpurRbBX2Mp6SsFloFfOKrpmQ0SgPPA%2FP2vu61MlglJsgiRtxeW7Pv"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed91177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
postscribe.min.js
www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/postscribe.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Request headers

:path
/wp-content/plugins/wppas/public/assets/js/vbc/postscribe.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1%2FLfKBgrCP94dFEGc1SR9pgMTo7olhiY16lqA44cHANT5BCtabbw0pB88y3mEQvQdF%2BFD4mPZmEm8pQ3DFCSENb%2B4NQSM5Gv24zJ838F7h%2Fid2FmQOc8MgJYliJKkU6DC0Q"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed94177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
dom-to-image.js
www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/dom-to-image.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8231e1d644e755e0c3153fda10db7a627713b88677086920531f10d4636bb7a6

Request headers

:path
/wp-content/plugins/wppas/public/assets/js/dom-to-image.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI%2FzribmYwmOzx57BxHTPv7NJmeFehtL79becp1EbusGHGTaTzqnfoMiQyAROkwiK5d06SotnvLAmNZ1JySEkTqXwxK16I9HCoIqvy2JlIRz2m0oGNmgwTjVeYa%2BgVUD4DLC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed9d177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
jquery.wppas.vbc.min.js
www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/public/assets/js/vbc/jquery.wppas.vbc.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b910dfff8e26606ba1618454ab57de193b2919b3655ffcc08929ac30b3c4d84

Request headers

:path
/wp-content/plugins/wppas/public/assets/js/vbc/jquery.wppas.vbc.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBxpcINk0pdU7JFzJlQwPKErbQ4GhE7yfrFxMTmC%2FgtGgDKLKwjDBIKuOqSaiY9g33KNY1HYj%2BDosv2opzOe1RnBmB%2FSVU%2F4X7G9qFD6aV8tD3oQlabt2bYeKC%2FO4UZP9xMO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed9e177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
tagdiv_theme.min.js
www.grokiskis.lt/wp-content/plugins/td-composer/legacy/Newsmag/js/ 		241 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf4d48991ea48232f18187c0f6892f5ce33d73a32d32489d03e6d50327e60d9

Request headers

:path
/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 17 Dec 2020 11:26:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CInNtv9CXJk4IbMnKDhulI4ti%2FKtqSgG71AS80jS8%2Fo0XJ72deamQKElnkNG1Wu1766TIDfoH%2FheQCom2ZVtenQLMq%2BVGObNR3PekyTFrTjhiN33M7arrum%2FwcwOgwz38B4h"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0ed9f177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
comment-reply.min.js
www.grokiskis.lt/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/comment-reply.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path
/wp-includes/js/comment-reply.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 15 Apr 2021 04:38:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1T%2FdghIfIjUNIN2nV8A2n2onCPknnyhD9kdJWtEuY1NgdPOBQ39ZFwH71r9QveGiEnHY6gecLN7HY5BkOpkQD7L%2BBFqb650lIHXNx1kBUt6QQunn1YlF6sbrdLjyuSmFSoph"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0eda1177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
q2w3-fixed-widget.min.js
www.grokiskis.lt/wp-content/plugins/q2w3-fixed-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path
/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 09 Jun 2021 08:14:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znddWnUKG1%2BVTQ4rTdsI4TXySqRhxvPJS5qSEr4QiQeXg2gaxgkco16eXGjLOk7ywUu%2BZiR0MLrsYhFBcijHqPn03K1R6BavueFp5QvLigHtYxudvyd9VZ2m2CGSJoXe7tqG"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0eda3177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
wp-embed.min.js
www.grokiskis.lt/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-includes/js/wp-embed.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 04 Feb 2021 04:38:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZxiranFQm3cjvjuL0rA6ID3RsfSZTGGrrUdBUl7djLucEn5QZSNBF%2FYcX3OOInq04iin0ybRmPk2nWJsullxhXc2V4LWz1vXXVyWZr55qnyB8XhwIgpQG%2FPoefbQj1w0F9c"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0eda4177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
wppas.min.js
www.grokiskis.lt/wp-content/plugins/wppas/templates/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wppas/templates/js/wppas.min.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9edbb3274b9458f32863ad429285de7318f1a6c9e2f36a9d18728f3b05658e75

Request headers

:path
/wp-content/plugins/wppas/templates/js/wppas.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 04 Dec 2017 16:17:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlfB0s2WfBdlcxuStCBMQTgQ25DT74rlgxjwG%2BPSY47OCK6u0hlA4cD3xxH1ASH2iglZ%2BorHgj76UsueV9QjwJYxgrsgWRX9XrmaC%2FQrrH%2BsBvG7LhpOd76%2BcGIoriDWA%2FrW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
697e01d0eda5177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
max-age=A10368000, public
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6891
date
Sat, 02 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 02 Oct 2021 12:46:57 GMT
AGSKWxWJ-d7g24sgCXocPHILo7TRStJ70YDlJrZsR32ZoGg6jYjeQDxqI7NnTj1CpEtth9YOSipZ5lrLruOCGCzMXvs=
fundingchoicesmessages.google.com/f/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWJ-d7g24sgCXocPHILo7TRStJ70YDlJrZsR32ZoGg6jYjeQDxqI7NnTj1CpEtth9YOSipZ5lrLruOCGCzMXvs=
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
39479efae0025b91536959aba2d0f85c545cadbdd095c3be98fd9fa895f32e24
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LxosC2/C7S9RCXwcGc6trA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LxosC2/C7S9RCXwcGc6trA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-LxosC2/C7S9RCXwcGc6trA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LxosC2/C7S9RCXwcGc6trA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
245408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options
nosniff
age
414851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 17:27:37 GMT
weather.woff
www.grokiskis.lt/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/icons/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/icons/weather.woff?1
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/wp-content/cache/wpfc-minified/jpu4a9a8/s6kj.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44f709face9013da1e9679c6b316b4b59280bdcba01ad65c1e87bf4bd889e35

Request headers

:path
/wp-content/plugins/td-composer/legacy/Newsmag/assets/images/icons/weather.woff?1
pragma
no-cache
origin
https://www.grokiskis.lt
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/jpu4a9a8/s6kj.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/jpu4a9a8/s6kj.css
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
MISS
last-modified
Thu, 17 Dec 2020 11:26:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5nqdV%2Fq1d%2Fy3Fx6daJpnywf53XZQnwE4MeaNA7y2ido%2B1iZJhJPYQwUAO2Axidk3AGgVka0IK7J7cxICN4%2FY4qJFQ%2FGPZKp7SEGfjRpOLBz63iZ4poog2dosUs%2BZROwG5YI"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d10dd8177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4796
expires
max-age=A10368000, public
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
245408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:33:20 GMT
x-content-type-options
nosniff
age
245308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:33:20 GMT
newsmag.woff
www.grokiskis.lt/wp-content/themes/Newsmag/images/icons/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/themes/Newsmag/images/icons/newsmag.woff?14
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/wp-content/cache/wpfc-minified/bsxldjo/s6kk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97dd405edccde8f0171941d1cd209ebd48e64b47bedadd221a37640483c19b1e

Request headers

:path
/wp-content/themes/Newsmag/images/icons/newsmag.woff?14
pragma
no-cache
origin
https://www.grokiskis.lt
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/bsxldjo/s6kk.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/bsxldjo/s6kk.css
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 17 Dec 2020 11:23:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYOp6dpRzFNU09%2BosUJCgITyZdL7HuRXOzNj%2FUGfShSFHP8ZalPyssYO369pJQUG6y2MorK8fx8LQQmKrSApPkloM4oG7BN2C4G90TerzJxnItrHmpmytHJddDN9%2F3SY5IDy"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d11e06177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19272
expires
max-age=A10368000, public
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:37:36 GMT
x-content-type-options
nosniff
age
245052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:37:36 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:33:20 GMT
x-content-type-options
nosniff
age
245308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:33:20 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/lt_LT/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/lt_LT/sdk.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
c17baaf34dd02f1e89998020b750d907c7280c4c58fcedacf696370c3bd977dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
3KjgI5Xx5mzxzemVv1s/ZQ==
cross-origin-resource-policy
cross-origin
expires
Sat, 02 Oct 2021 12:47:57 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
e7vFJBV/ud/gMtCTUsl7Y13Gi9KL87kXf3z2YcrNvAC+JR46JwSh0viuasz0K3hWewli03EtTCkbnDWyAHgP/w==
x-fb-trip-id
917726464
x-fb-content-md5
5d4374a558fd585762f3e8ac283bec3a
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 02 Oct 2021 12:41:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"596f7b0584bfecc9605ae131375cf223"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
vilkas-Custom-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/04/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/04/vilkas-Custom-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7167102d24e43d5c95dcfadc9f1e2e6469ec09e0125853ab68fa013eb668ab05

Request headers

:path
/wp-content/uploads/2021/04/vilkas-Custom-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 29 Apr 2021 13:09:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc3wVUWMhYYUHJtfZzaxYOftqa7pxv1ERYLni%2B6HAAutoxP%2BaLZg0we0rgnhnHL%2ByiwgXK5VSiZnHqLvKMn%2FKp%2FH1XplxZeWtA73tztohNMT8lMPPj8QnEwPXtmsZO3BxYKL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d20f4b177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5900
expires
max-age=A10368000, public
rokisksikorona-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2020/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/09/rokisksikorona-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5e6678cbe5efd13de0860118411c04fd151eafa923b81ad018a12652cf34ad

Request headers

:path
/wp-content/uploads/2020/09/rokisksikorona-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 21 Sep 2020 07:51:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLeDBnad8Yl5C2KDf%2Fw4Oezsk36gheTpcwlVn1Xzb5vOk%2B%2B1sEEJ9iYiDJuEbfgSGUu5zNPPcOXWt8MoXp6baiXsylrBaDYnwd5F2bwWdglqW0zpd2d22vRm4CyYDeWPceQ0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d20f54177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9057
expires
max-age=A10368000, public
2021-10-02-nr-77-sestadienis-mazintas-page-001-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/2021-10-02-nr-77-sestadienis-mazintas-page-001-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375bbb6d581fda6202117a9c4c2891605e3933ec354eef5676587dab3367824d

Request headers

:path
/wp-content/uploads/2021/10/2021-10-02-nr-77-sestadienis-mazintas-page-001-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 14:51:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTzzsuxMK1tm0CzaxlEBf8UjU1gaPwFPxredaN0CvrFoTy5yBo3IFtd%2B5dofpehuhOL7LF5QiW6hLSK7T%2BsjswTnkxFhGSi0IueuX%2BOX%2FvxhOLxlffUUEN6%2Fcg5k2nYXima%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d20f55177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10301
expires
max-age=A10368000, public
Untitled-v-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/Untitled-v-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d8abc3366f7cba64ca61ff6c7cb593866699acb0adeef1b9684bdf24fab1b7

Request headers

:path
/wp-content/uploads/2021/10/Untitled-v-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 02 Oct 2021 03:39:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i8A06ufscN6YhSwLHc67t9XNvkbKkYx0QxFx1p8NAms%2FWHo3MNqvV0t08lLtFIyO%2Fs0PgQr7VtmDNnInhazWmrzdo2CaYvf94TJwTza6uhcJsHDhAYJuQsT8NT23KQVTAc3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d20f57177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18851
expires
max-age=A10368000, public
243689063_1766862813508234_6451485876487999405_n-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/243689063_1766862813508234_6451485876487999405_n-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a733829c63f059d94d91dde8f4b021aec70d1e3575b06b1d135bb43b1620e16a

Request headers

:path
/wp-content/uploads/2021/10/243689063_1766862813508234_6451485876487999405_n-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 14:58:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW9Yqi84ukD41aaiNf9w3Qx0BK3l0LGhSy71W1tdBCN1cqh6WrTgqkZyNWcmjA3PygkiuQWCty0d59h2OO1%2Bkh7PXQBll2EtkB9sxtB%2FXdsyVZQmGNk6wNQ05qhG0hC92BRB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d20f59177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9007
expires
max-age=A10368000, public
118100143_3524622460882912_2083980109042901203_o-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/02/118100143_3524622460882912_2083980109042901203_o-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce717e2474d97d8890bb3a71b7cb54c9deb5c192c070db68e34d7a963bdab95d

Request headers

:path
/wp-content/uploads/2021/02/118100143_3524622460882912_2083980109042901203_o-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 20 Feb 2021 07:21:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpb2wbC4I%2B5PivIkmH4d7O1QR3AfoKQuvteJjNRB4E30kKURLt4BB9kPEZZ5ajBF8V%2BLUZ83758nFCddkD2iCK5BT9UFdY%2FNHVR6zaHBTHlZdfJIdflrVf6XbAe2f7r0rKmF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d21f76177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5921
expires
max-age=A10368000, public
daugnora-1-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2020/04/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/04/daugnora-1-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702098ff29ed3b7bdb1c89e14312394d60b7ae2a33a6f259c02da214c4db52c8

Request headers

:path
/wp-content/uploads/2020/04/daugnora-1-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 16 Apr 2020 14:07:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O6F18JhGmDShFHTMRslbr40jry42Lco6ONsEefTa8ZzpfyvzZow4W3AhCJJ0sXNKZJzJGCRMYDUF2KRc%2B2y4X6dcaV6qh4su0bm0BZSoLtvBIsShkhG2NmRt6RR%2FBoSaCD7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d21f7a177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70144
expires
max-age=A10368000, public
nuotrauka-Rasa-K.-300x350-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2019/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2019/10/nuotrauka-Rasa-K.-300x350-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
374912dd918446f01485c7cc03f547f4de5dfa6af75fbb1295b17e04c548ac88

Request headers

:path
/wp-content/uploads/2019/10/nuotrauka-Rasa-K.-300x350-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 08 Oct 2019 20:25:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YO%2FMqH0c7tUecYDOHmiFv%2FEA0y6te3p50tGDMCgEY5neJ4h9hxsHnAg5aI%2FSYCtD5KYvNOJYEsbh1faLnUOduLsIn4qp1BmW0tk7vZ6Hxq%2FqlyMoLksAp7CClzfN71o3oZMy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d21f7c177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3681
expires
max-age=A10368000, public
greta-akcentam-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2020/09/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/09/greta-akcentam-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a20979d104a372e82fb1621d63961ccd233305cd5d7726e47b2c6518d1acc88

Request headers

:path
/wp-content/uploads/2020/09/greta-akcentam-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 19 Sep 2020 04:08:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVO%2FuhATzNUn%2BhIYhRJJXD%2Fp24NNkQl6Q9fgRw8imWXsVm%2BRcam7rEH8%2FnS86Kx4JovVpGOFAviKntHMipQyYZxJGUaReGm1POo%2BbU%2F8J9s4121dCICWmyLBEjU1v9fK3O5S"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d21f7d177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14287
expires
max-age=A10368000, public
242427303_261737879285665_5521555474417933485_n-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/242427303_261737879285665_5521555474417933485_n-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1437110bbca03f1ec813a0e193f40678110470fd271de5c69c74b8e8c0c8484

Request headers

:path
/wp-content/uploads/2021/09/242427303_261737879285665_5521555474417933485_n-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 27 Sep 2021 13:23:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKVqg4uD%2BCKwEhJgpZCQ68aciR55oUeIDK13JMVaRC8%2BK4m8SseaOCVsNhrfsKPK7T7wUVwAAIWVZaKxHK2zvzgMHd55PHd%2BptzXBl2SaLayjOu%2BNvxewZofmOekqoRmfZ7V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d22f91177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4298
expires
max-age=A10368000, public
lina-herbas-681x454-1-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/lina-herbas-681x454-1-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538ac18972f09dd2cd6f278e00967e8e965a668eba811a30b290af23e4dccd96

Request headers

:path
/wp-content/uploads/2021/09/lina-herbas-681x454-1-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 27 Sep 2021 07:42:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtV4mFvElt6DTVQVywS4t31dqXgdF3RODdeSJEkp5iRMtXx4MgRM3ZMuvaRKS1G%2F2qIgjHiKj%2B47PAbqpuizsB1%2BOyOaFox1XR4l06rSJkrQOH3r5PMV6un0lLmhCVcFukVB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d22f95177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7711
expires
max-age=A10368000, public
IMG_20200609_185245-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2020/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/07/IMG_20200609_185245-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886e0879b599211865a10eaba3e23347370bd0acb83b11f7bb5bcdd26990104a

Request headers

:path
/wp-content/uploads/2020/07/IMG_20200609_185245-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 30 Jul 2020 12:44:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VugXJAGB90%2ByqTQP9r8fm%2F%2FbW54U4TGxkE97zdyRMHSwGIvZoJdOuAA%2FWnNOIOGcY8jhEX3b8%2FmHG%2FW9MfnbNn4CZRnvPdPCMRzIxtt3CFyqkvEyoHuuHhmESJCU9oRPFFm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d22f96177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6929
expires
max-age=A10368000, public
kriaunu-seniune-Akvile-Saltene-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/kriaunu-seniune-Akvile-Saltene-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8dd4466fb9ec44a07be02416ed059d8848a2f29c242d8a80ef534c8855c890

Request headers

:path
/wp-content/uploads/2021/08/kriaunu-seniune-Akvile-Saltene-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 30 Aug 2021 14:50:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00DZZS7571N%2F2CxOFZM57Bf6upLcx2cIQsCJQFctwaR%2Bqh%2FGYTBpa%2BU7deQ1uucwEnNU8lw3gXr2OhihyoHgEx%2B%2FOXcOGQO1ku4TCvAl9Fmwj%2FKVTZiYdl%2F6VZCxhn6%2FqNrJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d22f97177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36424
expires
max-age=A10368000, public
viber_image_2021-08-05_14-55-03-300-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/viber_image_2021-08-05_14-55-03-300-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b538a230fb05e8ebd0f4793edba8e06ffea9fbd37d29280c453285a4254a905f

Request headers

:path
/wp-content/uploads/2021/08/viber_image_2021-08-05_14-55-03-300-180x135.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 09 Aug 2021 07:56:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sjba1uv%2F9PQSWWVSsJcAZyJenb8Hnb2Ue57%2Bv6C8JXO%2Bf051imT1FXf6Wk9IYYRblWg1TxHxfdkhPucyyosNycbx%2BV8MziUzccftM1b0ko3JOxHg54P1kGGRmpxgoxW5hb8P"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d22f99177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6815
expires
max-age=A10368000, public
pubads_impl_2021092101.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120556
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 08:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Oct 2021 12:41:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		117 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.grokiskis.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
90f97d5674a1b276d53c93139427991e717bbf04870eede80281ee6cbd80d7fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
expires
Sat, 02 Oct 2021 12:41:49 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1692123377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ul=en-us&de=UTF-8&dt=Populiariausios%20dovanos%20vyrams%20pagal%20j%C5%B3%20laisvalaik%C4%AF%3A%20k%C4%85%20pasirinkti%3F%20-%20Gimtasis%20Roki%C5%A1kis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=618302631&gjid=1621134145&cid=59639036.1633178509&tid=UA-74776351-1&_gid=536711134.1633178509&_r=1&_slc=1&z=1763446678
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
eilute-su-zum-ir-rokiskio-vvg-1-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/eilute-su-zum-ir-rokiskio-vvg-1-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66818fbdd574f73e73d1eaf6b23ff6338adacedd6167fe31f72f6fae648966ea

Request headers

:path
/wp-content/uploads/2021/09/eilute-su-zum-ir-rokiskio-vvg-1-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 29 Sep 2021 04:25:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVR7h8LXVc2FPUIr6lcYbX1h8ktmpNtAQBKFY7XyOKSiczqzG7%2BBAuUKlVgaWXPkr%2BzdYu2P7V%2B8MjSOvv4beggh%2F6PTRPSuZV87IeX%2BGq77t3le7IKMs2tqqJOEoKkn9%2BcX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d2781f177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22795
expires
max-age=A10368000, public
MOLIUGAI-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/MOLIUGAI-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e146f3f271846198b9e124359c46d8981e1b644326b2e67b80ec120ff0659c5

Request headers

:path
/wp-content/uploads/2021/09/MOLIUGAI-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 24 Sep 2021 04:24:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO2P%2BEAEnRWVK%2FsGvmvwUp5LIJXhxJmD431vrKbVWiBKOHtGboNf8ypYfSJU1Mj2PqbkCO%2BGDLhZAUARUc%2BPEwXomksiJr7ewv6rX3sjRKGHF2rtqud8dysH0yw8DO0EQ%2FIl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d27820177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9057
expires
max-age=A10368000, public
dssdsds-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/dssdsds-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf6705013803751aeca656a2770b283c8ba14b56047006f1dce94263d86023c

Request headers

:path
/wp-content/uploads/2021/09/dssdsds-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 21 Sep 2021 04:36:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4WODM8e4Fvkhy2Gjai5mfefIpyqIZspjq5PZoSOanKb6QcKiNUtxPygi2Qoriv2jFF7%2FG5cDTOQqDqbd9bnb77jHvfNXu%2FvjQIYVw1fCrz7niZDs2WKc0PBu4LGLlLxiVUL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d27821177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16473
expires
max-age=A10368000, public
MG_3629-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/MG_3629-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae35cb0bf7206cd7044a916e1764ae10fa9957b57b64ee220df5cf571dc6bad

Request headers

:path
/wp-content/uploads/2021/09/MG_3629-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 13 Sep 2021 06:42:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H43eGxHDGBL%2BHOYiYY95WiNIHvRzjRa8h1EIA%2BGBoZxYvuiwfqQDJxhv6BKBVB7UEo7u%2FCZcrN5OX0rePg8LjkLCIGx958yWD7wpTfnEqsB6Pj8vvPi%2BAeJfNnwiBuznjp0p"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d27823177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34842
expires
max-age=A10368000, public
puseles-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/puseles-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
496daa9464e65e81897432d67e47f73ba5438a65afb2471f53ce22ba1d92b05e

Request headers

:path
/wp-content/uploads/2021/09/puseles-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 06 Sep 2021 05:46:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9t8u%2Bsut2%2BPPOOmlKmyLq2fBZVWsAORMIYCZGuR6a87833u69mg8fzWntW9SUz3A5DwTgzfHX62qChVkRs5Rq0cDj2QWjQrhLaBjCcFyGPtoYPpTWMHjnKhQCu%2BWmHZ8FsO%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d27824177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39381
expires
max-age=A10368000, public
AGSKWxVJK36N0sx-jFBsH5xdo3v5jU0mn_WKSX4rXUUdqtyJmR1Xl2OP15AUpYKG6G33YXA0ForZeKT-pB2YQJ9dlT0=
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVJK36N0sx-jFBsH5xdo3v5jU0mn_WKSX4rXUUdqtyJmR1Xl2OP15AUpYKG6G33YXA0ForZeKT-pB2YQJ9dlT0=?pvid=25AF8D7B-ADBA-4494-B11A-F27AE7350463&anonid=B4DCFBD1-DB55-4491-8BF4-08CB9F53C49A
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nOIAmLCbx9pF1vkhwEDqHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nOIAmLCbx9pF1vkhwEDqHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-nOIAmLCbx9pF1vkhwEDqHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-nOIAmLCbx9pF1vkhwEDqHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVa-kIIVKMCIHwt6rM5rbI6_YvI8xRcrxObwt5YYLldMygCzLi9RuatRI6fCzctUXdQURaxHIMc2apcat857EE=
fundingchoicesmessages.google.com/f/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVa-kIIVKMCIHwt6rM5rbI6_YvI8xRcrxObwt5YYLldMygCzLi9RuatRI6fCzctUXdQURaxHIMc2apcat857EE=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTc4NTA5LDIyNzAwMDAwMF0sIjI1QUY4RDdCLUFEQkEtNDQ5NC1CMTFBLUYyN0FFNzM1MDQ2MyIsIkI0RENGQkQxLURCNTUtNDQ5MS04QkY0LTA4Q0I5RjUzQzQ5QSIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd3d3Lmdyb2tpc2tpcy5sdC92ZXJzbGFzL3BvcHVsaWFyaWF1c2lvcy1kb3Zhbm9zLXZ5cmFtcy1wYWdhbC1qdS1sYWlzdmFsYWlraS1rYS1wYXNpcmlua3RpIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
dd8d56b47974079bae9bd46456c03983882bef27c1548fbdce14d5827b8fc7c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4LUFd5kQ7s72+H8UBuSZ0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4LUFd5kQ7s72+H8UBuSZ0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-4LUFd5kQ7s72+H8UBuSZ0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4LUFd5kQ7s72+H8UBuSZ0A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97122
x-xss-protection
0
server
cafe
etag
2748859267989515757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 12:41:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame BCA0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 01 Oct 2021 23:27:01 GMT
expires
Fri, 15 Oct 2021 23:27:01 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
47688
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sdk.js
connect.facebook.net/lt_LT/ 		267 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/lt_LT/sdk.js?hash=bd111149e9e32e051cfa6b36043768e7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/lt_LT/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
d004db3b4ccbd1be28d42295d1da41acfbe35043f157579214c97a3ed4e2746e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.grokiskis.lt/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
JRPXyfRXIz0JlWxZC3OXFg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77064
x-fb-rlafr
0
x-fb-debug
ag/Eeu4WW2E9WKN9OwQ4wDoGZyilSvdXsmCXKPQpkKXooGxP55zr3qYeBEon3zggAY+B6P+d8TC5PKCKKS++DQ==
x-fb-content-md5
55907d1ada9445d8ec0e054319a27541
x-frame-options
DENY
date
Sat, 02 Oct 2021 12:41:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"9de90ce9a7c9e6337e5f0be9f704407c"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 02 Oct 2022 11:48:45 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1692123377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ul=en-us&de=UTF-8&dt=Populiariausios%20dovanos%20vyrams%20pagal%20j%C5%B3%20laisvalaik%C4%AF%3A%20k%C4%85%20pasirinkti%3F%20-%20Gimtasis%20Roki%C5%A1kis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=635979928&gjid=1548243493&cid=59639036.1633178509&tid=UA-74776351-1&_gid=536711134.1633178509&_r=1&gtm=2ou9r0&z=1663049085
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1692123377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ul=en-us&de=UTF-8&dt=Populiariausios%20dovanos%20vyrams%20pagal%20j%C5%B3%20laisvalaik%C4%AF%3A%20k%C4%85%20pasirinkti%3F%20-%20Gimtasis%20Roki%C5%A1kis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABBAAAAC~&jid=&gjid=&cid=59639036.1633178509&tid=UA-74776351-1&_gid=536711134.1633178509&gtm=2ou9r0&did=dZTNiMT&z=832810010
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 05:57:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
24236
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Baltymai-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/Baltymai-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59feeec37062affacfdcb5efbd8662df48c2c6b38361b5c6241b735a86bcb23

Request headers

:path
/wp-content/uploads/2021/09/Baltymai-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 27 Sep 2021 13:39:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qL1AiWoYJ5Vb%2FucdfxaEPPr7jyX8OhCWEVTfiuZze4h4196THDnoMOph2OREoNdcV%2FE72I%2Fboy45bks2aLDY4XckziW66Nj3URdAk5QfGOrXHl37bahEOsuV7kFKeLaD9wmZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d30932177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6713
expires
max-age=A10368000, public
poliklinika-2-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2019/11/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2019/11/poliklinika-2-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65b68799a66f02cb0da6dca10ca277ac2929e5caf4ddd2e24a6e5d1726734c0

Request headers

:path
/wp-content/uploads/2019/11/poliklinika-2-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 14 Nov 2019 12:16:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgK43JvWQxbqpx47En5GsO0hCAfw2phumMr2GSLGZvFFiLf51fg118cGKzXVOHzJ76WF1av6zS3wKcn%2FFf2Bhybl7m7%2BfxGKg4qpJnxd2rSTMDsw6bsP1I2OxloWgJH6zklE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d30934177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24249
expires
max-age=A10368000, public
Ligonin%C4%97_web-681x454-1-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2020/09/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/09/Ligonin%C4%97_web-681x454-1-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2645a17ec73ba130f541305cf03b954dc4b12e2de6145128f67445b1a0dd4809

Request headers

:path
/wp-content/uploads/2020/09/Ligonin%C4%97_web-681x454-1-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 07 Sep 2020 08:53:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W70tU3%2FUKyPXd2zJnZ2sxkuXPO9euJ1VyKpsa%2FxEG9RdpN74H5wTWaBddxiW8Buc0zYxcd58BmOraDz3njuXIP2I%2FZRYVMi2EL48i42H1iPlWcOAgO8uUVfes%2FGImUP2LbUf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d30935177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30257
expires
max-age=A10368000, public
sveikatai-uzs-1-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/sveikatai-uzs-1-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b722be20733f8d8f6c26f21f81042527d88b79252cdb80b5bdf0e6ba66ade1

Request headers

:path
/wp-content/uploads/2021/09/sveikatai-uzs-1-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 20 Sep 2021 03:54:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlMGpmrt%2BsA6CnG5G27qIH5vX2AYPzdfyUeb0WGyJCpGuWo7T2eWfT1KQ5zHOMVzCpcrX7NT5NUCvvochauMHPzTMTlcJ3iq6od2CJhGMBNnb0Z3MU%2F3GSw2KSADB1dB2%2BUz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d30937177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4582
expires
max-age=A10368000, public
skiepai-5bf688519464c-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/skiepai-5bf688519464c-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd99d496a024f3936f204dc73b052d85d5bb656258f586525dd363fca33e1f69

Request headers

:path
/wp-content/uploads/2021/09/skiepai-5bf688519464c-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 16 Sep 2021 11:23:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmEkczjyYkWtTl6i5bHavJbQDfxLf86EXPojLPaYAwwldCN57Y5UMWo1hkw06vk4Xyq%2Fc891U5%2B0vMWKJDCEeWoxTWo70Wij18bPPo74VKJQH%2B08abFNuXikPoWrtwm3CE3X"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3093a177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5859
expires
max-age=A10368000, public
subtiliaitrrrump-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/07/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/07/subtiliaitrrrump-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372ac6ffeed2bf8f5bc36aaf8d4baf5265811f125b146fe33ab9dc599f3ea470

Request headers

:path
/wp-content/uploads/2021/07/subtiliaitrrrump-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 09 Jul 2021 15:13:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBrz9ruzoZN%2BQZC%2Fq1nfSpCRhRuPPzsfi%2B4UuRKk1dstTxrbqwRXsUcHSg0D3cGWnO4tfBGLKJiqlVEJVr7RHMpTsRUQZCVw9KGGQTaj5CxMk8URSa8Alys%2BRnzqYjRlDeDy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d379c8177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16418
expires
max-age=A10368000, public
subtiliaikarp-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/06/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/06/subtiliaikarp-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bec14c2e87d5fa2bb1a0ab7fb202eda53045737f9c764a6da8e1b1b6f789b1a

Request headers

:path
/wp-content/uploads/2021/06/subtiliaikarp-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 25 Jun 2021 05:53:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZPCicSrvr9cbB504Z9pDYXU0NpVQ%2Fndp4UOfRGpFyxg748twVH9ka%2Ff9OJ8VFyF2FKhmCH2CAyacdg8mdS8YZwGIjJ0uIpHJhtC0gdAegYcOdXY2X7wZfcpdt91HbUDzN3U"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d379cb177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15336
expires
max-age=A10368000, public
subtiliai11111111-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/06/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/06/subtiliai11111111-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64565ccebb71b1a700c4ebbdab79e2b6e43161ed5c1a5e08b7fd55e8a6ce41a

Request headers

:path
/wp-content/uploads/2021/06/subtiliai11111111-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 10 Jun 2021 07:34:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lYwO8uYe6DKSqSsLWewMwv1nDpTUGyqI1lTQ7y2lYm5i7jv7TIzCVyThGnTNjCDtPfVqTns5AnsSHhkoX3NqNlvSFc%2Fg%2BnwlfdKP4cT2Qz53MS4rd%2F4oesL%2B54s6NJYL2DF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d379ce177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14524
expires
max-age=A10368000, public
subtiliaidom-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/05/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/05/subtiliaidom-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554f0efec6dee3c0e3b0715bb52087ec7f531bf89a180961f4c7a4d6b2180819

Request headers

:path
/wp-content/uploads/2021/05/subtiliaidom-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 27 May 2021 13:31:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5I0bqGgRAeFodObFgd1wNCb%2Fs3I4XnXaOQ1SPRDlzCqS57jf5z%2FRSzEhukId6vnTB4cmQXGnf9nGKFcWAh7XedY0jfJgJb3Ewkrn23WZTtY1aiteHIB0nQfL4dx5mqJS%2BpQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d379cf177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14356
expires
max-age=A10368000, public
subtiliaipaulius-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/05/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/05/subtiliaipaulius-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ae347b7dc1c7dbc2d96943265f9e22b223e03fddf90bc4b03b9ff26fbb278ce

Request headers

:path
/wp-content/uploads/2021/05/subtiliaipaulius-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 May 2021 08:28:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ua95RWCpHAT7jgD1lMP9j5i9KeHjtW18%2Bj%2BVfKIyrn5ZL6Zii7Sz8POmqk0FCrlRRS2WGReqxK6CBIAcKUMMQkMC0APVqLkROHJxpgzDNepgL7lMgd4xhhzUR4RgQj5s7rap"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d379d0177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14765
expires
max-age=A10368000, public
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%7CRoboto+Condensed%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 20:32:05 GMT
x-content-type-options
nosniff
age
230984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47804
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 20:32:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%7CRoboto+Condensed%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options
nosniff
age
157038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:04:31 GMT
KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
a74103e38e9100725602e7787a2c49fde1be6ed403db86151329352e648300c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:50:02 GMT
x-content-type-options
nosniff
age
244307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12692
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:50:02 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-74776351-1&cid=59639036.1633178509&jid=618302631&gjid=1621134145&_gid=536711134.1633178509&_u=IEBAAEAAAAAAAC~&z=940419064
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 02 Oct 2021 12:41:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-74776351-1&cid=59639036.1633178509&jid=635979928&gjid=1548243493&_gid=536711134.1633178509&_u=aEDAAUABAAAAAC~&z=610916027
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 02 Oct 2021 12:41:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
foteliai-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/foteliai-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad806661f0b8196c3990925a86a255a34c44112c25138bbf519a58b962d5be0d

Request headers

:path
/wp-content/uploads/2021/10/foteliai-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 03:31:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6X4YQnb9g8vWXfY9NAmCSJJIDnNGyW1%2BpCPBeo1mfMdZS1n7TMRmQ%2BRCgC%2Bm9KBsjX94RApcz9PgOAc86gNj1%2BmtjtvJoEyV2Vo7JTzRtlIswoq66mn2FsauynwtfT%2FnVl1c"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3ca65177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15313
expires
max-age=A10368000, public
lentynos-internetu-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/lentynos-internetu-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742e335a28425d636567483fb1dc524ccc55e7cf4d0399103894a663e6169697

Request headers

:path
/wp-content/uploads/2021/10/lentynos-internetu-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 03:30:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24VIvZDoYZFVsrof8i8hEfwRp6wcTDr%2FpJRPNa%2BGJuPnDTsRbjc7Fc%2BlpdtpB5K2qwKkZGizZwGjj%2FPHagreL1a2a1ROfvGn4LL6%2B02RKgyEpsojscluvyJE5rg1wMQBtGPX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3ca6a177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6815
expires
max-age=A10368000, public
What-Does-The-Oil-Filter-Do-1617122629462-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/What-Does-The-Oil-Filter-Do-1617122629462-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd32618a02827b29aa1c6c427d0193e80109c529d7de6af6de92c19a8cf06be

Request headers

:path
/wp-content/uploads/2021/09/What-Does-The-Oil-Filter-Do-1617122629462-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 30 Sep 2021 07:50:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhrYRlOZXMFALjUAPfYRkLkSf0ifSLr7rG02kY1HcDW4PW58rZ9Os9VIKzh3XO0Oultbs4kv4%2BUuH7iZN7tPDUjhXXFMy2HLgcFD7%2FsPGNFbUaDZouuNiFgCY5fimLh%2FuV3h"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3ca70177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6333
expires
max-age=A10368000, public
PE-zenklas-logo-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/PE-zenklas-logo-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47496f72f870a670162d5593c59f17e440171da04a5a8167beccf1b8eda4a528

Request headers

:path
/wp-content/uploads/2021/09/PE-zenklas-logo-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 29 Sep 2021 06:47:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR4IDtQ4fYQCI9waU5fo7StbYEAtZPWqGlA6ruQ%2FQsP70ty8PQQ2To0NvqRzdFN0NRsnmyurCQTHDB7ECFCRMy8flMUb5aTqOUxYKKHaCPF2gZNKK0Z0xMRKtnOCOQ7gcjeN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3ca73177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16869
expires
max-age=A10368000, public
purslaifoto02-180x135.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/purslaifoto02-180x135.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b48a905f0b3dec6d7849cc7dfa4bb7bdcd0f746d367a1c6a86e6fec4d59ba4

Request headers

:path
/wp-content/uploads/2021/09/purslaifoto02-180x135.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 12:35:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GubQ6wCKPssz9NXLDsR9ZeLrlXUF5TPq%2Fl%2FJQohaiifUpCK2kRe%2BfjtCWgpgjgTIvCBPIwS9vEEPSirwEUT7JL5rMG45bnQdN9ZuuepOsqRs63BlMu1Z6sa3dirQiEc9DHx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3ca77177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7436
expires
max-age=A10368000, public
uzs-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/uzs-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba65cb5bed8a2e4e62db02ecb55e9c941a2d2b167356e968cd6c4d7b947d6bb

Request headers

:path
/wp-content/uploads/2021/08/uzs-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211]]; _gat_gtag_UA_74776351_1=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Aug 2021 07:52:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qo7204oHTSnGY7XedKLpTzETOonrXhDL70cehVUnheKIP8L5QzCNV66rA8pQsh%2B%2FG13wpEKOVstbrzbFt2FoUSGRGjjVxqYioADarMOV7yb53C%2BG2FmIM%2BYpz%2BjjrEaM%2FBzG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d3ca7b177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22278
expires
max-age=A10368000, public
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grokiskis.lt%2F&domain=www.grokiskis.lt&cw=1&lsw=1
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.grokiskis.lt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.grokiskis.lt
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1385
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
vary
Accept-Encoding
AGSKWxVJK36N0sx-jFBsH5xdo3v5jU0mn_WKSX4rXUUdqtyJmR1Xl2OP15AUpYKG6G33YXA0ForZeKT-pB2YQJ9dlT0=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVJK36N0sx-jFBsH5xdo3v5jU0mn_WKSX4rXUUdqtyJmR1Xl2OP15AUpYKG6G33YXA0ForZeKT-pB2YQJ9dlT0=?pvid=25AF8D7B-ADBA-4494-B11A-F27AE7350463&anonid=B4DCFBD1-DB55-4491-8BF4-08CB9F53C49A
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.4XkxggWOgZc.es5.O/d=1/rs=AJlcJMwOvQYjLyywogU7GHfSFqcavnjWLw/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8Rw9bYsyPwkkDsu1SsKH4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8Rw9bYsyPwkkDsu1SsKH4w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-8Rw9bYsyPwkkDsu1SsKH4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8Rw9bYsyPwkkDsu1SsKH4w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
100869
x-amz-request-id
tx4156f9f298ad4ef289067-006156c982
x-amz-id-2
tx4156f9f298ad4ef289067-006156c982
last-modified
Fri, 01 Oct 2021 08:34:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1633077261838806
cf-ray
697e01d44e2818e5-FRA
expires
Sat, 02 Oct 2021 13:11:49 GMT
json
gum.criteo.com/sid/ 		350 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.grokiskis.lt%2F&domain=www.grokiskis.lt&cw=1&lsw=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
eed5bdb5b6ef894a5c3560be7719e78098aa08b06a015d06725bd73e140c4bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 02 Oct 2021 12:41:49 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2365
expires
0
481.json
id5-sync.com/g/v2/ 		213 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.49 , France, ASN16276 (OVH, FR),
Reverse DNS
p04.id5-sync.com
Software
/
Resource Hash
a8346a2e1f5e9152c6d1a96fc3fdbe8d2dd1a603677a75d12090ad32adaf88c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.grokiskis.lt
Date
Sat, 02 Oct 2021 12:41:48 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
147246189
fundingchoicesmessages.google.com/i/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/147246189?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
f065d32d7b0b81c0dd9888f80fd04fd8cce90254a7086286c77a4a8edcf4b3df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1gqtEoYJvHTEuDfIgzmjPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-1gqtEoYJvHTEuDfIgzmjPA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-1gqtEoYJvHTEuDfIgzmjPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-1gqtEoYJvHTEuDfIgzmjPA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
date
Sat, 02 Oct 2021 12:41:49 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-74776351-1&cid=59639036.1633178509&jid=618302631&_u=IEBAAEAAAAAAAC~&z=1624017264
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-74776351-1&cid=59639036.1633178509&jid=635979928&_u=aEDAAUABAAAAAC~&z=1027631754
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUQz-JEnxNvYLKMg9fFCWjlvsNDYeR-Ubcy9bNL9K-5Yzr7UrZkrFtTt0rWHUgIQg3EVev8Vs6zVDk1tuNBL8rklREtFdpQfkgktM_W9RKhD-sB8M1RD5_D3Q3AYh9Rh9Igjpu6yG4fk2Zm9B0hyS22j5jNGmmOVhZ_16kCgfuThvbl4XClWdL7sg0d
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUQz-JEnxNvYLKMg9fFCWjlvsNDYeR-Ubcy9bNL9K-5Yzr7UrZkrFtTt0rWHUgIQg3EVev8Vs6zVDk1tuNBL8rklREtFdpQfkgktM_W9RKhD-sB8M1RD5_D3Q3AYh9Rh9Igjpu6yG4fk2Zm9B0hyS22j5jNGmmOVhZ_16kCgfuThvbl4XClWdL7sg0d?dmid=8224701033fdbdeb
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.LY2vfBBdcSg.es5.O/d=1/rs=AJlcJMzlBz2u4QuXX5711fcAri9Gl-DpHw/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g9USF8EjFLN5e+5yMXwWXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-g9USF8EjFLN5e+5yMXwWXg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-g9USF8EjFLN5e+5yMXwWXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-g9USF8EjFLN5e+5yMXwWXg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWQO4Eag7ksQHVbQeuFPg2WhHf3qHhm4XFmbfKv_ChbUFdTpfCiNjDoHRlLP08w6lT2T3jk88QzCzBhTkHr4svSTX-LcfMC-pKQijxaK78wxSEx2IjtCiQiP6eC6LD5gy9k6235cPfVIFA1YPgRXH2kRl0-U54NfbX36ZXkVSpV9VlmXICLZsuzvhdF
fundingchoicesmessages.google.com/f/ 		82 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWQO4Eag7ksQHVbQeuFPg2WhHf3qHhm4XFmbfKv_ChbUFdTpfCiNjDoHRlLP08w6lT2T3jk88QzCzBhTkHr4svSTX-LcfMC-pKQijxaK78wxSEx2IjtCiQiP6eC6LD5gy9k6235cPfVIFA1YPgRXH2kRl0-U54NfbX36ZXkVSpV9VlmXICLZsuzvhdF?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTc4NTA5LDUxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsbnVsbCwwXSwiaHR0cHM6Ly93d3cuZ3Jva2lza2lzLmx0L3ZlcnNsYXMvcG9wdWxpYXJpYXVzaW9zLWRvdmFub3MtdnlyYW1zLXBhZ2FsLWp1LWxhaXN2YWxhaWtpLWthLXBhc2lyaW5rdGkiXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.LY2vfBBdcSg.es5.O/d=1/rs=AJlcJMzlBz2u4QuXX5711fcAri9Gl-DpHw/m=iabtcfv2signalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
11e4ed1d1f60d33b428991a033612e8437d8d13e02e8210a2d38b93204a153fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-42vtnl0ufmAUv09/Tic0qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-42vtnl0ufmAUv09/Tic0qA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-42vtnl0ufmAUv09/Tic0qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-42vtnl0ufmAUv09/Tic0qA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
fa-regular-400.woff2
www.grokiskis.lt/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-regular-400.woff2
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

sec-fetch-mode
cors
origin
https://www.grokiskis.lt
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]
:path
/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-regular-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:33:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXDvtAILTTa3HMJlUk0g%2FdG2XS6Zh%2F1XxnsQgylj%2F3out3Dn%2BOhDHiB1MMkvhgiF9v1qEkWkrxOcD26DKvsmDtwOnxR7%2FaBrDvc0PsH1V5EQxhXOZb7jDk1o0B8OMDy8zx25"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d4abfa177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13584
expires
max-age=A10368000, public
fa-solid-900.woff2
www.grokiskis.lt/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

sec-fetch-mode
cors
origin
https://www.grokiskis.lt
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]
:path
/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.grokiskis.lt/wp-content/cache/wpfc-minified/2cas7z3x/s6kj.css
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 10:33:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz6DoxiCrMGpipadeb83HsZDKL2prFa7%2F6aRApO09OWvcrka61h0vC3rYZD6J5YB21JWJ1ldpH1eJ32SbmS8kTvnqpQ4hdho11Fb9laJ91WhklkIZE4%2Fjxnrjo7ORRLrUP17"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d4abfd177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
79444
expires
max-age=A10368000, public
cookie.js
partner.googleadservices.com/gampad/ 		202 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.grokiskis.lt&callback=_gfp_s_&client=ca-pub-4966801959205189
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d34592887ed8049b3ff66cfec4e26de808bd92d6a7cc3e6f19458726aea84bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.grokiskis.lt
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC80 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4966801959205189&output=html&adk=1812271804&adf=3025194257&lmt=1633174682&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633178509241&bpp=3&bdt=814&idt=294&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6662075095076&frm=20&pv=2&ga_vid=59639036.1633178509&ga_sid=1633178510&ga_hid=1692123377&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062945&oid=2&pvsid=4006835641361368&pem=805&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?gdpr=0&client=ca-pub-4966801959205189&output=html&adk=1812271804&adf=3025194257&lmt=1633174682&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633178509241&bpp=3&bdt=814&idt=294&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6662075095076&frm=20&pv=2&ga_vid=59639036.1633178509&ga_sid=1633178510&ga_hid=1692123377&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062945&oid=2&pvsid=4006835641361368&pem=805&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=336
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 12:41:49 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 12:56:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 12:41:49 GMT
cache-control
private
cookie_sync
prebid-stag.setupad.net/ 		42 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaViKxmiKZhp%2B4oqFOkCQQXZr3OUPoD2smDj5Zks%2Fh0GKmU%2BUHroLLeqMRQOiECDpEcd3Sp6mGT0L4KwtosPQqHL5tfF1WnHlOcacccdZSt4oHRofrkbH8GytU%2Bh2OnTcyi7707HuoA9"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
697e01d55cb5f9ce-PRG
content-length
42
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		112 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df8b754f183c4dc64a23436b21f6a4e363ac95dcd497aa6913e0aec3ee55e12

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqHRCfb2u3qrXiB%2FSNXjHczMFo6gd2090U9tgYRxDR3Jv7IlB44swQVdf%2Fe9ybb9ELafRiZwnA1X86jZhUrdVgIA0bmeerz1zQZTqHY0gJIxL4LAARfMNEozfHj97o4EczNBjcJ4ZxkT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
697e01d55cb7f9ce-PRG
expires
0
/
adx.adform.net/adx/ 		10 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTAzMzgmdHJhbnNhY3Rpb25JZD1iNWNjMTBmNC05ZWMyLTQ5YzItODdiNC02MDMxMzA0MDFhZDU%3D&bWlkPTEwNTAzMzkmdHJhbnNhY3Rpb25JZD1mNGI0ZTcwMC1hN2Y5LTRkZTUtODM3OS03MzkyYzU4ZWU1YzA%3D&pt=gross&stid=3b2ed724-bc8c-49ac-b7a8-c4438341c55e&gdpr=0&gdpr_consent=undefined&fd=1&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI4MGNiNTVkYi00MTQ5LTQ2MDEtOTVlNS03NGYyZGQ4YWU1ZmIiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grokiskis.lt
date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=677515&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22137c7f8dfefddde%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22486%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221408a89b77fbf26%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x600_sidebar_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221545339063c979%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x600_sidebar_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22166aa7284e780b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x600_sidebar_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22177ecd8ca2b246b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x600_sidebar_2%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
780a7c8a6535a28a8c37900625c05b2c1e5be0b8b35bc417d27b1fbc5b101c38

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grokiskis.lt
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 02 Oct 2021 12:41:49 GMT
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTQzMzEmdHJhbnNhY3Rpb25JZD1iNWNjMTBmNC05ZWMyLTQ5YzItODdiNC02MDMxMzA0MDFhZDU%3D&pt=gross&stid=3b2ed724-bc8c-49ac-b7a8-c4438341c55e&gdpr=0&gdpr_consent=undefined&fd=1&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI4MGNiNTVkYi00MTQ5LTQ2MDEtOTVlNS03NGYyZGQ4YWU1ZmIiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=6735613173
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grokiskis.lt
date
Sat, 02 Oct 2021 12:41:48 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
918fe0d8e006ba68228038e73c1afba11d63a9cfaa91e1ac027214a882d67086
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:49 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e921bad9-6c71-4d83-b7a5-be199198f4ea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.grokiskis.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		864 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
64bf902b06a5cf69c37f0026efe2f33e3ac644d8237cff3acd7a4e18ee167add

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:48 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b17%3b106
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		863 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
be5d0c88c043e11e4d0346defe44d44423d7dfc791f2151420968327411c7adb

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b19%3b84
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
Untitled-v-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/Untitled-v-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1883d6ead1d5a94750c0f28d962ca6d8794a8a45158e4fa9c34dd74a397a37b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2021/10/Untitled-v-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
cf_use_ob=0; path=/; expires=Sat, 02-Oct-21 12:42:19 GMT
cf-ray
697e01d54d0f177a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
243689063_1766862813508234_6451485876487999405_n-681x511.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/243689063_1766862813508234_6451485876487999405_n-681x511.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b85884b0f1e28f6553f3e223066df3af307ffc7ec51007635e84064bf273aad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2021/10/243689063_1766862813508234_6451485876487999405_n-681x511.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
cf_use_ob=0; path=/; expires=Sat, 02-Oct-21 12:42:19 GMT
cf-ray
697e01d54d13177a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
2021-10-02-nr-77-sestadienis-mazintas-page-001-483x681.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/2021-10-02-nr-77-sestadienis-mazintas-page-001-483x681.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48aa32edeb26220ed2f2b362345c54ed30f1853eab4592f74b1792e70d69fce1

Request headers

:path
/wp-content/uploads/2021/10/2021-10-02-nr-77-sestadienis-mazintas-page-001-483x681.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 14:51:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n3zJ90t24T%2FNnYN5RKm1yKMJ4A8I23LdKy%2BJKRA79yK6H0ovy9e0XMtf%2BecCw473Dp0CUWC3n%2FV4iui9GHwWKe%2F0BIzUy%2Fo81pdD9xOh851Lz5EUbLlnTZJ706Nrs49XilV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d18177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
82373
expires
max-age=A10368000, public
vilkas-Custom.jpg
www.grokiskis.lt/wp-content/uploads/2021/04/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/04/vilkas-Custom.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432bb2ae2a45d83aa8aab7a551a42cf266061f86a1a416696027f13ae4fd05fa

Request headers

:path
/wp-content/uploads/2021/04/vilkas-Custom.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 29 Apr 2021 13:09:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWLJ5TymYBb0gfTyHyJFGL%2BeEEeiDr8AOKoUM2oM%2FBsweVHPWtjRTh%2Fqz6T%2BXuJmvP3YPxjxSQhjIKN7SeW44eoYvhvEXiZ9bnw0FqfUVGD0TDjCYN63LncL0%2F7NHJ4mQu8V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d1b177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49335
expires
max-age=A10368000, public
gudgaliene-300x350-1-681x261.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/gudgaliene-300x350-1-681x261.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f247618c9b0011652cfdc3e7e360646c5693c8ef9ea3452f9226fa4bd97f0cf

Request headers

:path
/wp-content/uploads/2021/10/gudgaliene-300x350-1-681x261.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 14:11:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfHvRWJw9gxezQ6WN2aQ0NaIQYoIEcq5M%2B3BRmZZ0Y2CPmnH%2FOIR7j7jBGA%2B5ZA%2Bj57yVcJ2LRV%2BbDbvVzuwRUdvIfZTH2U4rEwGJZblODk%2FxT1xjSgvnSuVj5CMlDZ2D9vX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d1e177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54701
expires
max-age=A10368000, public
242652573_3133509350219593_1303979890549667067_n-681x511.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/242652573_3133509350219593_1303979890549667067_n-681x511.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e734c3bb4b067bebafc986038da41e1a398971f634fb1abc8380980a9c42a13a

Request headers

:path
/wp-content/uploads/2021/09/242652573_3133509350219593_1303979890549667067_n-681x511.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 29 Sep 2021 03:32:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJya7Aev%2FSb3%2BQMRVRWJsf0oEHtlhHkfkkQKYm%2BWjgYt%2FD9YM%2F0EuoUyf5oQBChmTKE%2FNL7%2FMZXCtbN6Q1%2Faw02q0X3tEUWi5%2FO4RpJUOXQOuSvFqqO%2F6gX7gVd8B%2B6Gn2uY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d20177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56980
expires
max-age=A10368000, public
242702121_3059565150987222_3051357940843046318_n-681x417.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/242702121_3059565150987222_3051357940843046318_n-681x417.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea6e05826ec32c3a615a2b530f9544b15c0992dfdce055c42e34dfdc2876bc8

Request headers

:path
/wp-content/uploads/2021/09/242702121_3059565150987222_3051357940843046318_n-681x417.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 06:15:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ro93Hk5qLrOyWSagSp3pFIEX8ajPM9YRRdRR7mCHXSWzm9WHGr2zBQlvDVSL6Cri4mVZOdRLirQqEw%2FK2TT0gTcVSOYRrk%2BBF8D6mSvqlobFQwG%2FgrbX8kFENvLbFr6HJ9M%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d23177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59386
expires
max-age=A10368000, public
cegeslskiene-nauja-681x406.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/cegeslskiene-nauja-681x406.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd7a75d456fd8a3177c45486414cf5041a6901ebc56021e0c866e722fe65a8f

Request headers

:path
/wp-content/uploads/2021/09/cegeslskiene-nauja-681x406.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 14 Sep 2021 07:05:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsRdX9B8xlCNgAWEozIMXiHU8PNbF13MdUYW08NAhQP%2FnZg%2B84GcklFMFBWkuSqxxCfIbdSG0k8pWLdyDs8000E%2BDAwS0UUzlUO4wDcB9ts4maU02F1kynK%2BdbPOy%2Fvy0R1k"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d24177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59028
expires
max-age=A10368000, public
image0-1-e1627976383500-681x454-1.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/image0-1-e1627976383500-681x454-1.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d28789bcc260a66ab6fb721d5ae5acebbab52f41eec01e6b18784cf479a8774
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2021/09/image0-1-e1627976383500-681x454-1.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
cf_use_ob=0; path=/; expires=Sat, 02-Oct-21 12:42:19 GMT
cf-ray
697e01d54d26177a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
image_6483441-681x455.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/image_6483441-681x455.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0ce5296bf59b136dafbb48f74aad84ed968cc3c89153ac715318757c609fcd

Request headers

:path
/wp-content/uploads/2021/09/image_6483441-681x455.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 12:22:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1X4QiW9PLjMdiwxsYpOJvKRyd3ZHTmnIj9yOEFX2emYwVuWjRFvfEjEQL0H57ZBLuoe96n8mZ17O9UGIrhy83wD8F5er2Xp5SHON9uPmfTi%2FpfrLKlRyl8Vl2CSqS2GwGaQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d28177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73255
expires
max-age=A10368000, public
20210925_170640-681x511.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/20210925_170640-681x511.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e691e8f0165da611ca039205a7aee6677cb893a82e22f981d56474020855053

Request headers

:path
/wp-content/uploads/2021/09/20210925_170640-681x511.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 05:29:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HsUiOFZtLIqANPn%2FcihHgL%2FSFlKzOTXrb6Flnb3B0uDhRFzwrEhqkWlqndgVSUrtpTQO%2FoJyCrypQtJd5LVUTcc55S1VMXzgg2HK5T%2B3hSaEPqXfu48qCNs55dxf86MWF0y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d2b177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74276
expires
max-age=A10368000, public
242687210_188632830044029_666981074261921288_n-e1632727311369-681x535.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/242687210_188632830044029_666981074261921288_n-e1632727311369-681x535.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bfbd9557fa7b16edbebfa2c46dc82a8a35625ded91f882f5b6ac30466d5c67

Request headers

:path
/wp-content/uploads/2021/09/242687210_188632830044029_666981074261921288_n-e1632727311369-681x535.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 27 Sep 2021 07:21:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=542Ho5YERaVQuba%2BlYjDtIDhoyigJoPQKslarEotUX0iTc9h%2FH1NjXEflu%2BzTV29jBDbcsImln5mqVxsXMb5cjmY7aQhuMEzURVlpxVXibTzuqPMTIMifhjwX7%2B9rYdg1O1p"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d2c177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44752
expires
max-age=A10368000, public
martyniskenai-681x511.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/martyniskenai-681x511.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9db9941c3262a26370f65d1af3f9ba960ca8c11751eee5933fc0947fae3b4ff

Request headers

:path
/wp-content/uploads/2021/08/martyniskenai-681x511.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 11 Aug 2021 10:57:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8yb4PsWQ6zQTjEyXHd%2FVk5wJB7S9dtQ65EJZanRBM63NO9DJHO3Iuexwh4ANtE2%2FnQ%2BSe1T3kE1Y3uwivChTVpl6I0S%2BZUPMJ5yfGC%2F34DQR4%2BdBmQBKWE4le8DLkI17B7l"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d2d177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
98301
expires
max-age=A10368000, public
greta-zoline-skemuose.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/greta-zoline-skemuose.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655a58b7c0d247255d5668aeb42387bf54640fad5b6b2ae6fee0357f9997af2a

Request headers

:path
/wp-content/uploads/2021/08/greta-zoline-skemuose.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 11 Aug 2021 10:46:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBCWPXNFkRi9dai5RWwF4qSC6IUIyeuLxcECkNNxnJk184Vtez4ixhDTYtJEOb08nsMGHzy7kWZpr6xwLr2ucrAVIA4CNUT%2FBMsc9tO2iMF%2B%2Fb1D%2BIW34h%2Bn%2FxPTC8nqQ1%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d2e177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
108106
expires
max-age=A10368000, public
20626787_1895131194147076_5284568225593805966_o-681x504.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/20626787_1895131194147076_5284568225593805966_o-681x504.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9ea6c38e8e6aff4ad099f2bf9c801ffae7699cc858cbe126517b43665c4195

Request headers

:path
/wp-content/uploads/2021/08/20626787_1895131194147076_5284568225593805966_o-681x504.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 03 Aug 2021 12:19:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=307mzczOFdHWkQt0LuMGkGPCvA3bGihvZJm3TF8fwL%2B0t9Xp%2B6tFr%2FtudjaEF9nUc90jSZLNkYzAgPwa%2FNI2d%2FV95N019pEX%2FUan%2FhSbKIhz2%2BbVF%2Fjm5Wj75bdpyjaUE5U%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d2f177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58064
expires
max-age=A10368000, public
13-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2021/08/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/08/13-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
187c87df2a8792385f1ac2c2ddd3c2c9023e5d9e94faa82fed5756a3257d4e98

Request headers

:path
/wp-content/uploads/2021/08/13-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 03 Aug 2021 05:15:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXKefLCBOfxpe6tv2LgH0gqZQweS2v7jQYKJWyNOp6dOWs6Dqur7H96pwoiBSsGhAWCFyqWjxHOEhvJvsyFaFIVE9va%2BEf00F6RbNvhDOVE8D2ZobO7MtFNX%2FZBJTZJm8VwK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d54d33177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
87906
expires
max-age=A10368000, public
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600%2C600italic%7COpen+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%7CRoboto+Condensed%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 20:22:10 GMT
x-content-type-options
nosniff
age
231579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31404
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 20:22:10 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
97098
access-control-max-age
3000
x-amz-request-id
txefd259da0f654ceb965e6-006156cc7f
x-amz-id-2
txefd259da0f654ceb965e6-006156cc7f
last-modified
Fri, 01 Oct 2021 08:34:20 GMT
server
cloudflare
etag
W/"5300a3b1be09eec23740c383b46565be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1633077260231162
cf-ray
697e01d57b5e4e5c-FRA
access-control-allow-headers
Authorization
expires
Sat, 02 Oct 2021 13:11:49 GMT
foteliai-681x370.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/foteliai-681x370.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab76bdae22de0e7b48f53ef986b987bece2970e38e5540a4865907909af00f6

Request headers

:path
/wp-content/uploads/2021/10/foteliai-681x370.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 03:31:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3Iax61iQLiURpQMoop8mciC3sdD4%2FtcqfHvrm231WQJFtpRoxbd1cBS1SEXKUinYFaLdECF%2BBdP18ErWMMJG10Q7txeAx6TxpsQTVfTFxqiqg%2FnE5rlkELfRzzP%2B2%2BG62sw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d56d4b177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39991
expires
max-age=A10368000, public
lentynos-internetu-681x370.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/lentynos-internetu-681x370.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6ba53a88a88478bb05786eddac9110755cf8e8d8eaa2c0a83e9dd1c3ccac2c

Request headers

:path
/wp-content/uploads/2021/10/lentynos-internetu-681x370.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 01 Oct 2021 03:30:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUVnGeM0H8LjHORQZV6FWexq%2FJmNi4%2FLwrdo0ZvmLysmNYbN8SXND0Rt5AM0I%2FLO8Z16AX6O%2FsrF3C1BCYLQs5it%2FjtlZq4E5Pe9ySDlqp80J7lZ4YX8470rZkcFTCAGoNyx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d56d51177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51179
expires
max-age=A10368000, public
What-Does-The-Oil-Filter-Do-1617122629462-681x332.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/What-Does-The-Oil-Filter-Do-1617122629462-681x332.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7cd58b23f25b4a857b01f04c962f4ba4b3d68f9b62dd16bbeb042f38d16db48

Request headers

:path
/wp-content/uploads/2021/09/What-Does-The-Oil-Filter-Do-1617122629462-681x332.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 30 Sep 2021 07:50:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6H8Wk%2B8wVDUmoZcR77nYS9HrJwGOZZTDJ30n8E%2F%2FZxHiPimTRusPYmny5t49j7Nk0%2F6CLsvWbiPoEpp8fCnac7mkBQTMcjB4rHZWKYdCfDjJMIRzDArMkipPWp56Zo1OIrk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d57177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39719
expires
max-age=A10368000, public
PE-zenklas-logo-681x390.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/PE-zenklas-logo-681x390.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad7430e4a1a9b59a8862f11ec312f980335052776bb27387ed7cf1ad53be39b

Request headers

:path
/wp-content/uploads/2021/09/PE-zenklas-logo-681x390.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 29 Sep 2021 06:47:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FuGt9b5GHKn9zUfGusu9Z5kUpX0clJiZu8nmp735Hze5DjxgGakRpbI5h5b5ql2CvFZf14BYL%2FP1UsrvLfBjSWgOH6xqCPAmlnbOGeNgcBd7ax4Q867JE%2BvOj6Or6ELACz3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d58177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31972
expires
max-age=A10368000, public
IMG_9514-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2020/06/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/06/IMG_9514-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476eca3b24f635baf6664a6ef7a2748694ac5b33b553ae7e259ead3e07859ad8

Request headers

:path
/wp-content/uploads/2020/06/IMG_9514-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 12 Jun 2020 07:35:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FYASwLS93L52rNANcezli%2FJOsIIqKz5DgUrrse26YoKJf7q90zKO6aJNmS3MGZ0tRWtGj93XpAQz4vPBtHCNRCueg9ZSHr2J14XcZHcYry6oaRSDjtroZhmJ1yg2xTXn5Ro"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d60177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37014
expires
max-age=A10368000, public
DSC_9110-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2020/12/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/12/DSC_9110-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d5e1186d325c697cea58cabe9a08a31528ce6a73a337f7a70a16db5dde7bef

Request headers

:path
/wp-content/uploads/2020/12/DSC_9110-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 04 Dec 2020 09:50:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFjm7Eeo%2FWUORHiaVfpKpvDz6d0hzmrX9%2BPZWRdfj5I%2BoDHa%2BAczFSWPda2m7C3AdPgg2XnKjitC%2BE7Bq0M7Y%2FkzD5rc073X4cZtIYL9nPDRZL4toQw%2F7EP75elp6IN9LTTp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d61177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
130154
expires
max-age=A10368000, public
policijos-ekspertu-automobilis-5b6c29d30ee14-681x449.jpg
www.grokiskis.lt/wp-content/uploads/2020/10/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/10/policijos-ekspertu-automobilis-5b6c29d30ee14-681x449.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3b605752a246fbfc52fff6d98ca04eec2c1d0cdbd46c54c244733b301b6ac8

Request headers

:path
/wp-content/uploads/2020/10/policijos-ekspertu-automobilis-5b6c29d30ee14-681x449.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 02 Oct 2020 05:52:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJLPe4pXvMbm24t26DfuC1Y9YE8NEsO3QWArHmREk6IDI0c17th9wdKFcR0GMgb3%2Fa5FNGfawxjmaIg1D4LlFac9LDfp9fQ67jWvbOla8t2Ygzwa9zGXg73p6oxIyNnHwk17"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d63177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36134
expires
max-age=A10368000, public
aaa-681x439.jpg
www.grokiskis.lt/wp-content/uploads/2021/10/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/10/aaa-681x439.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a8ca772d8b6a161ab3b21a361110e22bfbd86b168d180977a555391f753f4d

Request headers

:path
/wp-content/uploads/2021/10/aaa-681x439.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 02 Oct 2021 04:38:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oX3uoLIAmfQjvxB%2FjD80%2FxxucmsgO2xsz%2BfD7qV4CcPar7PChEHTayxPr4bqQlJgOd9sA1yWk6ocTcwEjsA7vRRlzrgMVD6a7E3PEOviN5TR2EKoX9KRpQhma4FEPDb1XD5l"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d64177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
95523
expires
max-age=A10368000, public
viber_image_2021-09-25_08-01-02-777-e1632546607560-681x412.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/viber_image_2021-09-25_08-01-02-777-e1632546607560-681x412.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9f4009092d95137c7056d0e37530f54f780967dbb0cc6145d33b6885640b22

Request headers

:path
/wp-content/uploads/2021/09/viber_image_2021-09-25_08-01-02-777-e1632546607560-681x412.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 25 Sep 2021 05:10:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3c35bWTik%2FFe2FbCSwYod5u4wIYx8d86ZuVcquKZqxrZeb1cmOV3KlnqVcIfRvSyumcR7cy0eR7VEa49mAUAMe%2BkuGBMnVz2a%2BLjsZUstiudq0M7y68tkJKzRbY5CMMljC%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d66177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36138
expires
max-age=A10368000, public
DVY_9573-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/DVY_9573-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af397f326eb4c9052dc17e54762cc0d1669ea67ceac7222f3a02e5de555e1536

Request headers

:path
/wp-content/uploads/2021/09/DVY_9573-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 18 Sep 2021 19:59:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1TP2g20gOEBasS4sMmxM3fiR1im6lF7iRQGDij2TAd7QTWka0S7%2FaFdYJrlEeU24pn6M9IJCNcQPIP8%2BYd8z9WofyncJshglqaivonM%2FWcP5oAR5NZB0c4OcK%2BBGa1LiSit"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d68177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52299
expires
max-age=A10368000, public
DVY_9027-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/DVY_9027-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9c68ffb2f72b4ebd74bc3bbbeedaaf4cfd8a9acb1a330d9f6cedc3a64bbabd

Request headers

:path
/wp-content/uploads/2021/09/DVY_9027-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 17 Sep 2021 12:00:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76Rw5h599fIXf5UDJISUk7akwQ%2Bra7YGhdkl56O8W6vO6rcHVBtXi%2F1mr7iDcCQwXBdlOmdHdS6MB7mlZ1eAWwjhYESdi3fTSm00%2BJGH%2F49Sq49ZlRG3uBK9ZDVxNWcvYbku"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d6b177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
104794
expires
max-age=A10368000, public
Baltymai-681x454.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/Baltymai-681x454.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4967b92670635fc7e4b9d57f938ad6b5ae4f8b8cf27ef1ec6e88ac7641eb5e

Request headers

:path
/wp-content/uploads/2021/09/Baltymai-681x454.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 27 Sep 2021 13:39:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry08bX07alRpTZjBg0EPCA3qWtycXfGCasJWZcfQEUVfjvMHAXVoxL7JWyiSegJ%2BaD5pC5M912ctpTPCXsri0Gp5TW9fvO8z3dMh5cndFWlyrUC4MrW3IA4uOgGFxWrqM0uf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d6d177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52476
expires
max-age=A10368000, public
poliklinika-2-681x429.jpg
www.grokiskis.lt/wp-content/uploads/2019/11/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2019/11/poliklinika-2-681x429.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4dc0b43a043e48cbbd47551b3ea57a8169851d9503b3ce9f15fd7b7c4b692d8

Request headers

:path
/wp-content/uploads/2019/11/poliklinika-2-681x429.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 14 Nov 2019 12:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEXyb%2BNxSzBdVjL1WhpJU1QRJPwot7ejLKsYMV6jFmNZIEghUzBVMZ4ziHvld8JNjZBm0VWznkaN%2BXfHWOjqQ5fKqs3l17HDqxsAoZqDop5fkpC9yBW1KHbjwykz5kBF5PCo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d6e177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
82586
expires
max-age=A10368000, public
Ligonin%C4%97_web-681x454-1.jpg
www.grokiskis.lt/wp-content/uploads/2020/09/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2020/09/Ligonin%C4%97_web-681x454-1.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a076373353cb3020df988f2a782b575bed07ac0650e443de90f3092b0dc2f722

Request headers

:path
/wp-content/uploads/2020/09/Ligonin%C4%97_web-681x454-1.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 07 Sep 2020 08:53:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6RzLAYo7e9s9XkdTO17HUobpa3LC63HSjVtBvh%2BgT%2F8vPZu%2FLYWtq52Pe1Mi8B09QWhwrXwYgYOIryImBWA9BEqs6KY4RsflpIzOnto7M%2FL%2F%2F6P4ntc2gkQKxTj8KrJ7xy%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
697e01d57d72177a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
99405
expires
max-age=A10368000, public
sveikatai-uzs-1-511x681.jpg
www.grokiskis.lt/wp-content/uploads/2021/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grokiskis.lt/wp-content/uploads/2021/09/sveikatai-uzs-1-511x681.jpg
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfead86602806c825f9918b0fd6d84238c30d5e7d17e880f73afd1fda99f3c20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2021/09/sveikatai-uzs-1-511x681.jpg
pragma
no-cache
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
cf_use_ob=0; path=/; expires=Sat, 02-Oct-21 12:42:19 GMT
cf-ray
697e01d57d73177a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
xgemius.js
galt.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/xgemius.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
0f94f262142bd783259bfd6292bd3f2691b725489e5c5aea82903dc1c4e75f17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 10:02:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Sun, 03 Oct 2021 00:41:49 GMT
/
www.facebook.com/login/ Frame 8EA1
Redirect Chain
  • https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=161777944003932&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df350...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3503b905827954%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D728%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/lt_LT/sdk.js?hash=bd111149e9e32e051cfa6b36043768e7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3503b905827954%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D728%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
t5uzlAm5aqoggN869w6gA0WDHXLFHJBNi/3vBLLgbkW805ZMYp6fsqtkcx8P6TK6e8fO3HZI6qxyqIvlp7TfIg==
date
Sat, 02 Oct 2021 12:41:50 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3503b905827954%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D728%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v4.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
D8EK2KjcVklPBujTfnMfaQe3wswRur2cZHTTbv2E9d/jOYFacn1N7Kj2gJavH2vLWTBLcZbHSur3qdyWDk9nsQ==
content-length
0
date
Sat, 02 Oct 2021 12:41:49 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
/
www.facebook.com/login/ Frame 8E5E
Redirect Chain
  • https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=161777944003932&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a3...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a3448fb4aecb%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D301%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/lt_LT/sdk.js?hash=bd111149e9e32e051cfa6b36043768e7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a3448fb4aecb%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D301%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Ez3TEdXS8vvUpYTZ4qQrWlK4JXEHZzYQ51r6Pqu+uIjIx65p68IyTxO6q5RsmT2HZbtfwcU1Hyolxd/xOmIjqQ==
date
Sat, 02 Oct 2021 12:41:49 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D161777944003932%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2a3448fb4aecb%2526domain%253Dwww.grokiskis.lt%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.grokiskis.lt%25252Ff248dd001144ef8%2526relation%253Dparent.parent%26container_width%3D301%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fgrokiskis%252F%26locale%3Dlt_LT%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v4.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
/1//a3k6tVSTi9543T+quLg52zdTCfeWN695NJJhsfRofGL26eVjseyWC2BfUfIRIhwfycMELsaI4JNxZBrLoQ==
content-length
0
date
Sat, 02 Oct 2021 12:41:49 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
auction
prebid-stag.setupad.net/openrtb2/ 		111 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45fdcd9f085cacfa8611f78837c728a8d055dc3d4eb3a630c63684ddcfad871

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oEqdH7rNQx4h0mPfaP%2BytO4Y0Aa9%2Ff4Kn6bSKugfe2ES801qAFH3Z6EizUpIVIy9i5QOm5BDjr7TJGvWq73lBvGaY9Tgqz9lBS06TZHvT0bj6QwJ5uJ5KGgIzZusU%2BS1DJHJCHjr5q7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
697e01d69d4cf9ce-PRG
expires
0
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=677515&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223641e617ded6be7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22486%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2237f676c53a22a3b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x250_article_1%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb14a0dad6941230774daba24a989249a45674fd3afc175c2cc99741f46462e9

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grokiskis.lt
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 02 Oct 2021 12:41:49 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0e0b6b065b4bc6e798f16174a0ae9e260ea89cde06ece454e23b9b4769855933
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:49 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e21eeb75-2c1a-4978-8f12-6e83f4b83acb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.grokiskis.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTAzNDQmdHJhbnNhY3Rpb25JZD1iMjBmMDUyNS1jNDYxLTQ0NTQtYTkyMy0xNDZhMzQ0NmRlOGI%3D&pt=gross&stid=4b763d6b-475d-4719-952d-751165e5a814&gdpr=0&gdpr_consent=undefined&fd=1&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI4MGNiNTVkYi00MTQ5LTQ2MDEtOTVlNS03NGYyZGQ4YWU1ZmIiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTQzMjkmdHJhbnNhY3Rpb25JZD1iMjBmMDUyNS1jNDYxLTQ0NTQtYTkyMy0xNDZhMzQ0NmRlOGI%3D&pt=gross&stid=4b763d6b-475d-4719-952d-751165e5a814&gdpr=0&gdpr_consent=undefined&fd=1&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI4MGNiNTVkYi00MTQ5LTQ2MDEtOTVlNS03NGYyZGQ4YWU1ZmIiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d49512430277dac2fc4182539094c15672302805f63f7ef3757d1b17b8dc2b73

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b10%3b50
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=34421532974
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grokiskis.lt
date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grokiskis.lt
date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
auction
prebid-stag.setupad.net/openrtb2/ 		112 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74af5f9b66a6e6ab6ac2bdd18111578293e52bfde1826d6ccc8d3e2c46ac6cd

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQKIhnHAWQkMwJyhk170yXjFz2g8VkXuGhQAS1iyxwT9eLfOpMtFxi%2BcaY2E2G2biYGt3QNPz4BC9CYgfFDzf1CyZyULCYvERyrlGbzQ3q1F0cXINaGIAnywf54lMuXMF3%2FDur7Dmjd4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
697e01d6ad52f9ce-PRG
expires
0
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=34309145524
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grokiskis.lt
date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grokiskis.lt
date
Sat, 02 Oct 2021 12:41:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		625 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
70ff7b90020a2b75866a03f2cfaa5d57f9b3610b7d91a8bcc78694c73f082747

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b25%3b47
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cygnus
htlb.casalemedia.com/ 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=677515&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2261d5b7eebf31cb9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22486%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2262272b171ffcc29%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x600_sidebar_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226359179f57163f6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22677515%22%2C%22sid%22%3A%22grokiskis.lt_300x600_sidebar_3%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-111-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6911fddd3edd78506ebac0b5ba7c8cc3fd9bd0ffd80b644bb9bf7679acf8c415

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.132], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grokiskis.lt
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Sat, 02 Oct 2021 12:41:49 GMT
/
adx.adform.net/adx/ 		5 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEwNTAzNDAmdHJhbnNhY3Rpb25JZD04MzZlN2NhNi01ZTQwLTQ5ZDEtYWMyMC1mOWEzZGU4MzZmNDY%3D&pt=gross&stid=4cef7054-55b5-4b96-876d-e5c69033d600&gdpr=0&gdpr_consent=undefined&fd=1&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI4MGNiNTVkYi00MTQ5LTQ2MDEtOTVlNS03NGYyZGQ4YWU1ZmIiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0bbdc81d578bbd0f77eebba79113d5f31e001a899472db7bee02405d09939a32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:49 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
227f3814-e648-41c1-91f2-c1ed234c8809
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.grokiskis.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.grokiskis.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 12:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006835641361368&correlator=3139690806843680&output=ldjh&impl=fifs&eid=31060978%2C31061422%2C31062393%2C31062995%2C31061424%2C31061029&vrg=2021092101&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211002&iu_parts=147246189%3A22594663729%2Cgrokiskis.lt_300x600_sidebar_1%2Cgrokiskis.lt_300x600_sidebar_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%2C300x600%7C300x250&eri=1&cust_params=hb_rf%3D0&cookie=ID%3D26d3c398197e5796-22875a50e4ca00db%3AT%3D1633178509%3ART%3D1633178509%3AS%3DALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A&bc=31&abxe=1&lmt=1633174682&dt=1633178509875&dlt=1633178508427&idt=1004&frm=20&biw=1600&bih=1200&oid=2&adxs=990%2C990&adys=562%2C828&adks=3933956134%2C4134244295&ucis=1%7C2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x-1%7C301x-1&msz=301x-1%7C301x-1&ga_vid=59639036.1633178509&ga_sid=1633178510&ga_hid=1692123377&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
10508b41163f3f8ccdcc61874c616db4a957683fa30a37f3055701199cb17056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14357
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1636 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 02 Oct 2021 12:41:49 GMT
expires
Sun, 02 Oct 2022 12:41:49 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C700%2C700italic%2C300italic%2C300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grokiskis.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:37:36 GMT
x-content-type-options
nosniff
age
245053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:37:36 GMT
admin-ajax.php
www.grokiskis.lt/wp-admin/ 		13 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grokiskis.lt/wp-admin/admin-ajax.php?td_theme_name=Newsmag&v=4.9.6
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.128.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a51ffc84a86d20107a380d46785c1554d99f0afeb79503b29ae22e1cbb3c890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://www.grokiskis.lt
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_ga=GA1.2.59639036.1633178509; _gid=GA1.2.536711134.1633178509; _gat=1; _gat_gtag_UA_74776351_1=1; _pbjs_userid_consent_data=6683316680106290; _pubcid=80cb55db-4149-4601-95e5-74f2dd8ae5fb; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1633178509211],null]; cto_bidid=PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q; cto_bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw; __gads=ID=26d3c398197e5796-22875a50e4ca00db:T=1633178509:RT=1633178509:S=ALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A; cf_use_ob=0
content-length
52
:path
/wp-admin/admin-ajax.php?td_theme_name=Newsmag&v=4.9.6
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.grokiskis.lt
referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MaeJQ7lP%2Bj6AXeTv9oogaKe9aeMjaPLzqb3H0Wne2eddrn1wzEa43mGlku1PazNsGy5QQqJH%2BMw8D20rDi0we7A0LmMP%2Fe3e4sZlLmRcTF%2F%2FMhFeVsDDkPN4p%2F06BNaUUB2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
set-cookie
PHPSESSID=m7h5514fhe9ut0eh0mv2hgcnsb; path=/
cf-ray
697e01d76ffc177a-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 03 Oct 2021 12:41:50 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006835641361368&correlator=1787130394047798&output=ldjh&impl=fifs&eid=31060978%2C31061422%2C31062393%2C31062995%2C31061424%2C31061029&vrg=2021092101&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211002&iu_parts=147246189%3A22594663729%2Cgrokiskis.lt_300x250_article_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_rf%3D0&eri=1&cookie=ID%3D26d3c398197e5796-22875a50e4ca00db%3AT%3D1633178509%3ART%3D1633178509%3AS%3DALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A&bc=31&abxe=1&lmt=1633174682&dt=1633178510109&dlt=1633178508427&idt=1004&frm=20&biw=1600&bih=1200&oid=2&adxs=310&adys=1103&adks=101180153&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=59639036.1633178509&ga_sid=1633178510&ga_hid=1692123377&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a7687a8fc3bea2ddf266c3072c40e6ff388f0838bb5663f2d2cc4b02bcc1341c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21147
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4006835641361368&correlator=2889836626471138&output=ldjh&impl=fifs&eid=31060978%2C31061422%2C31062393%2C31062995%2C31061424%2C31061029&vrg=2021092101&ptt=17&gdpr=0&sc=1&sfv=1-0-38&ecs=20211002&iu_parts=147246189%3A22594663729%2Cgrokiskis.lt_300x600_sidebar_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&prev_scp=hb_rf%3D0&eri=1&cookie=ID%3D26d3c398197e5796-22875a50e4ca00db%3AT%3D1633178509%3ART%3D1633178509%3AS%3DALNI_MYkWHHl6SKYVEXAgClJNd7mmQxE-A&bc=31&abxe=1&lmt=1633174682&dt=1633178510121&dlt=1633178508427&idt=1004&frm=20&biw=1600&bih=1200&oid=2&adxs=990&adys=1094&adks=4281986056&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&vis=1&dmc=8&scr_x=0&scr_y=0&psz=301x-1&msz=301x-1&ga_vid=59639036.1633178509&ga_sid=1633178510&ga_hid=1692123377&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9cc94a022ccb0f7150c13016f045ff1ae8f21217ec58dae64f3dc479337aac89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9565
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
fpdata.js
galt.hit.gemius.pl/ 		281 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/fpdata.js?href=www.grokiskis.lt
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
f292824b95430557ee966854a25d81c17cb4e2de4309d5b6b21fd5ad4833a23f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Mon, 01 Nov 2021 12:41:50 GMT
lsget.html
ls.hit.gemius.pl/ Frame 7903 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
2515c5d8ee09ea4169f4434b739cba7a79188c31162615082cb8d1d9ecc27b70

Request headers

:method
GET
:authority
ls.hit.gemius.pl
:scheme
https
:path
/lsget.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
expires
Mon, 01 Nov 2021 12:41:50 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2718
content-encoding
gzip
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:28 GMT
server
nginx
etag
W/"6138b194-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 03 Oct 2021 12:41:50 GMT
rexdot.js
galt.hit.gemius.pl/__/_1633178510246/
Redirect Chain
  • https://galt.hit.gemius.pl/_1633178510246/rexdot.js?l=100&id=bQcwtEuR56COrLZk9d.SUZR7fSuiWWLQw5..4S2N.tv.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.grokisk...
  • https://galt.hit.gemius.pl/__/_1633178510246/rexdot.js?l=100&id=bQcwtEuR56COrLZk9d.SUZR7fSuiWWLQw5..4S2N.tv.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.grok...
167 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/__/_1633178510246/rexdot.js?l=100&id=bQcwtEuR56COrLZk9d.SUZR7fSuiWWLQw5..4S2N.tv.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=117&lsdata=CeXHAO5MpZsj0SEe68mlqVkZAnxrquD3l946azIxLMj.Q7X07jl3U05wVImCwVD4d7AIVVVDKboNB__qPizRqWKia98R/2Ah3ipIQKtm6n/&fpdata=qEdhPsCRrduhiDuZsaIV6cGkC9IIaK1wwERdg2DSC5H.b7&vis=1&fpcap=
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.143 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx2.host.hit.gemius.pl
Software
GHC /
Resource Hash
ae6f863ccc4408cc01f91eb4e5cb3c9a0f571f18cf0c10ee128da15ff258594f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
167
expires
Fri, 01 Oct 2021 12:41:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1633178510246/rexdot.js?l=100&id=bQcwtEuR56COrLZk9d.SUZR7fSuiWWLQw5..4S2N.tv.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.grokiskis.lt%2Fverslas%2Fpopuliariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=117&lsdata=CeXHAO5MpZsj0SEe68mlqVkZAnxrquD3l946azIxLMj.Q7X07jl3U05wVImCwVD4d7AIVVVDKboNB__qPizRqWKia98R/2Ah3ipIQKtm6n/&fpdata=qEdhPsCRrduhiDuZsaIV6cGkC9IIaK1wwERdg2DSC5H.b7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 01 Oct 2021 12:41:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
aa047bd57fab9d34962cf867f2f7df6025429e0a13a04d16c5269bd381022a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8633
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 2C44 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.grokiskis.lt&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.grokiskis.lt&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2042
set-cookie
uid=cf5e4c44-c1ec-49d7-a819-6b1df376a770; expires=Thu, 27 Oct 2022 12:41:50 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sat, 02 Oct 2021 12:41:50 GMT
content-length
4666
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 02 Oct 2021 12:41:50 GMT
json
gum.criteo.com/sid/ Frame 2C44 		417 B
516 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=grokiskis.lt&sn=ChromeSyncframe&so=3&topUrl=www.grokiskis.lt&bundle=6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.grokiskis.lt&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e41e8464c8b1b487da7d473860e4c8424042b2a2fcb555e80a82dd55a84cd8eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.grokiskis.lt&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 02 Oct 2021 12:41:49 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3123
expires
0
container.html
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 03C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 02 Oct 2021 12:41:49 GMT
expires
Sun, 02 Oct 2022 12:41:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F14 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 02 Oct 2021 12:41:49 GMT
expires
Sun, 02 Oct 2022 12:41:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A43 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 02 Oct 2021 12:41:49 GMT
expires
Sun, 02 Oct 2022 12:41:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
spo_show.asp
fundingchoicesmessages.google.com/f/AGSKWxWTaOjOXleXfOTUT0NJChOaCJRqcvGepcquGi0YA1DVyz-dzolTWcY2hs-WVP_WrZmQMwBzU_t29rkzzuqRxHRE2sfEBUB-Z25tA1a38c933brIRYGJe0f_UqMyzVK0Z1zJIDEb3FaRpWTitUpCS0zpEHk6C... 		54 B
107 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWTaOjOXleXfOTUT0NJChOaCJRqcvGepcquGi0YA1DVyz-dzolTWcY2hs-WVP_WrZmQMwBzU_t29rkzzuqRxHRE2sfEBUB-Z25tA1a38c933brIRYGJe0f_UqMyzVK0Z1zJIDEb3FaRpWTitUpCS0zpEHk6CBFz44Oi2_PanR1HTnBNpqM0JVNY0j0r4Y066-irkugJPp3JAUPzBFc-FhrSkFTvGGxoygJZA5vXNYh2VEA=/_/adbase.://adcl./network_ad._160x500./spo_show.asp?
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
78557e84e47b8f87536df3dfc0a62aa3e304b1933ad6df93faa3430b43c62a3a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OlWq7v1Ch8qrnZzGOYkJzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OlWq7v1Ch8qrnZzGOYkJzA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-OlWq7v1Ch8qrnZzGOYkJzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OlWq7v1Ch8qrnZzGOYkJzA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bf3b3826f55b517d5634fcc936d6b6c36bbc7b9154cca94af5cf485217c67b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51105
x-xss-protection
0
server
cafe
etag
14223024329260039428
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 12:41:50 GMT
AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z9Q1spSMP5CwTwKd8uRiGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Z9Q1spSMP5CwTwKd8uRiGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-Z9Q1spSMP5CwTwKd8uRiGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Z9Q1spSMP5CwTwKd8uRiGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2B6E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 01 Oct 2021 17:43:22 GMT
expires
Sat, 01 Oct 2022 17:43:22 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
68308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DE1C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
13b556349e5b51c79fc255aaff074b79d89fb2d26a27233fe86f79eeb6dfa0e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9AT83JD8IfwA87U8liaCng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 02 Oct 2021 12:41:50 GMT
date
Sat, 02 Oct 2021 12:41:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9AT83JD8IfwA87U8liaCng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2C9C 		645 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkWuFsFflTFrzsWnA8ew2ei5CgmlRh4_1kgVYBvsneymJet3w_0CKLXXP2C7jo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 12:41:50 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 03C6 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIKc6DSZjmv7eAUYFpPJR_T1uImucy6YIxcCRym1pfdbq6Sy6vywRnGnV2pI_Or6qY2Hn8eqPOb-U-PDRIwCLkB046pwJ8rBa1jSFkjOUgkmokY-fMH5SJbx_-xl93oTO7jBTEf9LojmsUsP4BRr2kcaCgmg&cry=1&dbm_d=AKAmf-CfSFVMWsgw76irddnM3VGrVE9C7P3h0Ymi6yamBJI1E2yQwE2vfGRYnararIYa976Sv6fwPgLwwTAS-Yg7EOA3INPR93FjZVr3n25oLds-7-97nTm0PBbwnRPDIPB3BJR2EdPU7kp1nAP9JShuMLiON868onWkomKlHTuM3PEfUUI054GcxIFo6Lw6JlS3fpXpu3Uf9aOPDlv87QyOU-VwHX5XzwiTerCsHgMYKi2KOKvIAeMF_rPwaUP-gIZBSku6-dTqFO2zbL0tX9wqE44KFjK8n2C2y0tl-kOW8Ft9L6XZZrcFi-8REFiYOgVFCjiYngKaiOEUDPzRtcv3arwmHbsWTwIrRD7zRP9GX3CaTzB6uTa7tS8Glw627PKeG4mnLxrwt7O8DvCSSSpOeZJJLiSyPjvgC7WLYeIfcXnpuad2IrhUPu8UmBrxNb_gfTOzr9P4fAGmeUsaEdV2fQ1lYk6LnJsGvUt4HUqZctFU3QE4l7t60nywwXJ_22Qcja57uffFYTOAy2f6VVv9c3ORp6xKQG13v5_7sRuEMdrhhB9t8d14JKDhruDJN48cl0z1lAbDvItXaV2m7HtHPnerpO6NbQH48zwaNJwkefOWzvpzuQrWb3qSC5aputoi7rBDVM_L0b8sDeJcihM2Sua4VkNujZ7KfjbxFRMVwH7268owZ8T2e2sQyQ25Ga5R-Zf-PC4hzKdhAmrJu6NS4IVsSChXQreYEAo50XyVyakJkblEOWcmX6LgcuqEp5k1VhiZki2eokbI7Cq3uzyObLAAUfKRRdlR6b8Mh8rlf3HgdXAvHDALTIlKRrw57ZJKMp1arpUhqRHpkMv2uErd0Y0rX-MNQ5lkXsFHlJBG3zqV17KZldUq3mo2JTvvYlUFNlQrBo30d4Op2tpC-ZbJMKdNs45k3DH5CTMPOL-eIh5N1Yu_6OG6b4wnAZ9YTdb-t2grTSKC7_9Rk2vyEPiWaFwLn3FpYYVK2DHV-8Ci8nnb5nV6bTUJb6tCzOnXXV0W-qOH6u6nEcd11j396rBKu33jsCnErqVpbw_gmKfndpPtZGDnbDczm8NyQII3Mq7QXJhiO-8dJ4wPyeDmvM6mhCwkxuxOQqhT5pwGQagCYLBo-GInPWj5BFESsuIts9YstIlsYMTJFn7_c4VXEzLTUH1RGr0VsRJpDp4QIcrksUWvvQiWLYOlWwZhvt_ealJWVmZ5xffLPcTkaoORzAhVLfvAdWDDqU4SGntXll-xcpTuEeJO1PAzBEznl7QQHwq2kWv-DwxqXPMSOGGidCqxtJlomyziltkMnFk43mOjXRtG4lTRc_aQENi2tLufQ7HdT-FmY5WuPSJeTSO0OD6t8G7rmVC8S64KLmaDgdGGLNitmA6f_-_7Z_sc65gn1xOlw7EHbgdS4BOh-8PDkmKUmcIs0vLptsc3U9tL5X7zw5OAQyhyBzsylcYzrRmVYJZsApQNN5cpST4Us2a5SMUxiF7M0OJntV-8RixLb14VTe79k7XNGlIQbIYQpWjJnwUlfYbgzFDLgLiC1bdcNtCr97-qoZPAliy9XRY7kmY2BDLpJHa76j-fK9DTNtzeLDpfjp6dtUlMYlxfZaKW3ZC885PsNI3RIe4k6tVvw_uoVaVPB2jGHf5XSbKXnCnOnes0L075bpfb5c7RqQ6346XEHWwAsGM0URJPYaAyOEvCt02ULQJo9DBzRASrJgHz4Pb50dlsC2_dbJ4jLLGY2rXOS1eAWDHPrmwUIt7_7o5QWKf0pJPsXhyou-NSAfbMidZNuv4GVfT7MW9aF5-AIQ_EfXm5jUUTbXY69s8q2ZdEfDec3jRiYRJjqoLnJp6wx85M2cqRtQxDk2_FGaT1n5LmFL5v58aa36LA1NQ2fta4OcV8SWa841l6SkUAhg1SMjCt36q6FQSpL4r1kSxUa_-tXoUSFtOFTKtzTDiGBHkSFu7uFQSTqKp0uEKBkZv2hzjthZJaC2RddWslulRUTomvS78Jqa35D7hJIiG_XZkwgiGdK3JuHTqHZON-mp-cnDUCtWkmsz8wNRvFPx-X-q8BWkcaJXWlIZOgqKkm6XsUMnxNUpOJ9LDjrDWm8BWs09SQ6vrjxyGeebXqaeNUYDRILhmp2ZqyDbuAAioIFYOfOWIL1ripqpYcuDluarhi0IOoX-p1jvCBVXGX7pl5HUwgXpZTmaAaWBVk9DqyA7bflMw7NZ-QlERh9iTdCvkhoLKkdoXv_YujGSaOhQctlE8-Ji2R7IPAtHZ5MABQ2ewjvUVTMG6q_mA_v8wtWIr8fshAxYIWEh9HXElWyIsAd0GctTxo6rkI3akpCF71VUpPOwP7t_Uv4hLC2-TG75MvLhHxgyVhqjjTlObmZ16lkUGtkZTyOqNIbGbnOLZI1dVMp-pRY5xT1EY1COsrjs3z1ScQdZ9AaOYZ3jrnlzDOA1pauAdL5vp5jXpx6Zm3xPUSR-ur34RviNWeZ4lUykYhm00nBV455moMZ28KDaM01OwGkBbp9IUgFcq9oNrqKNUHWhlAZaCgWvv5Ck4FjtegnLz5FqboC_H6ka9cr7SPVe0iGZGK6OWl0836-qUq2EL6dh501gTxnLgqjzaERTZkg3JaafRC_3zUFJV4zbRN3a2hgm6WjQGyv3G8HABNNiXasAU89aLI_GVEZk0b1TowCJED7g_xKNnaOiHtOSxWs1WtXTYmaj3JV_7oYW6K6cPx8sz1fQdi4t9OJlJiGET5hDw-kPqy_EHEle0QBT38Yfs0tddzGIIaNoGMqNzUqtEhVmpHUEGAXLserxqFdiviR4bQcDdQfYZYaaYl0-6tfdbuFBjOIVjThZHvqIi2-KwubyoFQt2lJOv4XzEwUtP53TM3KQeDwPigZ7QoOpLWHvywB1FvAM2dS-rWR6yCjBjVzcQuja5E1HRGekHU5uXklMbAQkA0lHlkNd49BBpWkuBqhU5YBs3EsY4OjC2-uUKrmpZSrk_izEvCOoGj3403s4sVhLlpfhUYT1_M4RolkNUW3XDF43q0OTun7d6aP16bL7BWQkwghZdiJ1693IIDy0-YtB8oDQo9eG3h5KFaKDqw-u2thJ__jQ0MeKb0myGOu2-idl5ONz3b7vlOCnO8vv3uwqmsHR2JXWA1Gi6zu5l5mUJ6-QkmCulCG4D2cB1D_eewFq10rRH6Ox4sf1hhFjqKyKapJNNv2oqp0UNYus9ImdrrDmc6lhtZLUnMvTLqVCimn8J8FisAv5yShA4Q0BcSdVxENRdW8Lw5UFWdDyC1Klh7MjwPYs69e2m0x5SqMi5JJwsnlhaJEy706Sths5iXk72eaM-Y5EgCemOZrjWQxiJwX0RRPjmrq7OzKHRm0_X-SCQxQCrVkgYNZsHBw3XA0R-5PbQtryFhx6Pd_vvf6e5bwhloYw&cid=CAASEuRoMH0bI7uH1nEycDEz4ee8WQ&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
cb94cafd1967748fdc2efce59720f202e1216d8fa5d8ddfd7ee8d5006ff9ec9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 03C6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dv5E4APKsrLzIu98wAFJ0kxJYJ_cspBipcdcE-aJihypYI97WkkVsH8fT45-EJJY5pAXDSyJsI8n3EcvsnlgOhyQKTlxeT8Lr71FQQ3hfPsifx0g0
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 03C6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&dvregion=0&unit=300x600
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 03C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:34:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 03C6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:37:36 GMT
l
www.google.com/ads/measurement/ Frame 03C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCY4iULHhL0q3utd3OXwCby_B9L2FlJP7E5ug-tRP4duVdGx_ofir2cKbn3v3qAM_m4axa17nZhToIIJOayad3aprimA
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03C6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 12:41:50 GMT
container.html
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A5D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.grokiskis.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 02 Oct 2021 12:41:49 GMT
expires
Sun, 02 Oct 2022 12:41:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B51C 		645 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkWuFsFflTFrzsWnA8ew2ei5CgmlRh4_1kgVYBvsneymJet3w_0CKLXXP2C7jo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 12:41:50 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 1F14 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRUnDsqNN-9wmNWFRm86R8g0nedwx-RuDtooUcNL87PXltjpBZ0NUgoqp4S07hXVEVS-hU8SJmTLfmfXUW6hzjPVyEIsckaVVh6L3b7PQ3s57shpJlKCcjffFHmdas_z7gi4_Un418opDEbZC0qNpnxalqfQ&cry=1&dbm_d=AKAmf-DipAnCOiTGsPqLIWzMWjszl1tjUZc2S-eauOTlzmYhok2gvmwUwZThZktg5Wlpk1HQg8nUEkUYVHFErzGdqipO4BhnLpuyUC2seOQkbiGW0SyDbEp6eruQTdCzjuvL75MSHK5HYUIQmQNHRuqlZ1lhC7MKu37Bj7GHd9aFd59YlFbS0DDyAe-BiV3fY3GdxoDW_TZGHgnWghCaLdKv-G6OUhWidv8bZ69VDnxOLcmotFwWsTi34uFQVFHttHf1aMwJOeMrSqN7yJlG4sTFDVfXrvckEIkfKmPoQI56pp_1iz4JMcaGGrFEnL7HMdOeYgylI2DVeYMgOyZek9Db0SG1P2bjJGBLZrsc6vmt45DZQ3TLvQn4QowOJ8UnL7ipYXaznTFP_iI1AP1Ex7WwbLkMacDEPwv-p8GacuOBgvsP9IlyC7JJM6KEMmmEB-srEfDAqW-mGBvPdo2EgbJOjUdCw8UNu-LAeW0IC_Fgg3iGj7z_hRQ4VVUJYkvKCIJj1wMzMKByyFJgdxJiOGw9_RVeUHOzs_QdEe-dwDc4Uq34OLwGIaEOvAzxNjSABSSN51uMIkHl4N2WY4l-EQndDqV-N_IFF1CKrRjKRt9_ocgjuXnivDFaJS-W85qsfvHycrQ_ENxcQ9Dw22ZpWxI4pHNNulMiJa5HL_-3w_LILCMvPxGSDt1Sl5NxXD9ShFrcXpg0MmnAuY6W71UuX3kEiuPEBgnuMsiskutZxscSoswkCk9LeSZb-FvoKQ7m9iZZ26yTIp-j8VmDrZj48f-WhHwx-PYj7TS9ZMLtyxnOCsM5ZW1baphNOz0KyjuxEA-HK6b-anLXqJH7Leor1Rho8Y_KKtBeC3Vtn11ODMCAtiardTvee0YwRKzShjxqxssyfWYLZ8PeLtp81WSolLfs8ie013_h1fTsTkr-d05s4p48GXvzuOAUdTEmquBM9ef_UaJcF1WonOjymC3B5ane5hZq3ZlpUjA2EMbuWLP2-0u2qLPJxKsCU-HBKZrIGNbaMPU1vxLiUAcEk53ldHpdeE2daA1W2jcV6Z3TtKWjbdyHjl6lcLYCHf_hO2HHe0yD7Nr2b-cIx33yiiKxatFyePI3MUawJJzV-SVb7uRxQf2SBLMRRnTcyZzBpBQl7msF9ij_HsBElYcmn26HnmGMgEaslVkVQ7AnJopCx-QjhU83QNGbqrynA_NUlTm_XKklbSufoWvAhLrISZHah5_CkMljydQi_6_ENlvlUK2rMdJC1Fyp5wLfLNpU2VLsJz3DvD7PJjyjHxiFnzWGay2JWTD2mNmp2j0XJVxy-SJqmCVqTbTqMfjqN81xuASlpUzOTlXcq4j5vBmgu4pwFXZyUdLe35jetCkfl5EQK7GEQ97iFYtYBkXdyWk7Xzy6bPzHh-y7D3nzJNpHCAklhAGFcQyt0m8aU2OVb5pb6kvcCs92AnGoDLAfx7TX1DywHJcKNpUTdGoXn6sKSdcU0wRiimHwCvz8axYFBgTrQ491xjFOK8kxHpUs9dkHsDm0RvCLDIm5kmt0c0hVOsruORJI5pHOsYvp9X13o7j1ASJhR_NKeOEqFTDit5ZgRMAVEwv_fcLVzXGQCEy8bh6HvI2qWhDi2cCuGE1WuSKEYb_TdhDMDQwsQNc0r2mo1Da_AfQhd1pJGcWTDiP4Zic1uqJ_C21J_Fn4N45mbpvexTx_cCpqgMRmLsugy_KHSINGRd5OZgKSOcLqnp8K1dqL11doLGLVHDbICcIjw9m0za5xZHAsod0h0wx5QA7Hm0xZ1wznPES7t5LiJYD-bH7x02cJ33XHDo8rmeYef96RvtK2loi5LBHVkqqYCRTSWKVnhe6JbSHpxjfGvkNxD0VaNC1Blr_kffZM81udcLIMZBM4NgQCZ5zwLJZnQV7iNMkkCmsU9AlezMfHgnxZN41WcisCxizH9UFcaTeJu9x2l1GueIR3oNnzVP8nnMgR9SeZoANqzehgB_ZLhXBJw2CPSVho1gSc5rKMMIW9wMJvhGf_ewoqn7TUYuY91g4HkEsiRbKgiaJDRtZm5PR5IZtdGXKVSXtSTU6tLftFTjFgyksIVJklf6TJZ0sYpJTl1Tx0rrIfb8O5MgeXnF6CeG0kKyXz-ugAYngH7-tb4GrmDB7Gud-mb0VQ4bNMpSPLRy8FKZdp-yqLmQdLmw4lvAoHs-nTcxK1n5irKK2ywtqX8UxtsQ_QJRUfrBGULUG-JG4uksMXSVcbHJAGm5BCqL3nxQDpDEtN1To7PGrOOT0f8zFtY1lGNoGOmTVZTnUz8RRNYHmcLCsXGh5qkR2Z_DtNrES26ukbHlAGXxgyeGwn_4G5CLvE8XTk8joomNi7Ibg8OdrUPD3E9DmfoawR058cR20fPiIkbFS0HF4AB3C3_69b67YiJmLg2GyM5A6DR0OAWtO_OaEjsaCxICq34WbsCvZP--1Di2gStxN43xONz1-8nwQeZs3mmYyJx_apSY0f018tePMMmH80LM3fya3XflOp6WWww1AGOnE0APpGYsJ13ulh0mXMwaijyeCuvmbaoeN3j7DGnnhIaJVHsTZYbL928wt5pDtP0MZHp9pq3___oWeQ7HgwjqfbRHVJo5x81H-o70Yt1jYTgqLAKY4uo0Z7_Xt878sqvCOQymimAXnN0H_r_JQyUOEt-I-U389Eon7hmYsbXQuy6BihxKQ5CxJDmA0OxrAl1Lkovvjewi5lFmJlXFsRSHL07CA3A9ze_feF0b6S4vWdq60cap4SBLiu_vcgF5sQkkAtZVhJaVxFCB9C0GCCY-9s5PzIRdf5iFv298cJIWOHbvapOvaduo5e2UcFzIkves13GD7c3tRDealWtYx6d1wQGPewLw4TjFykdrAn3f-yhP-QFnlnpbrssnyf6wSXTcqBuLBeLv149G0N-iL5y4aDilzjZ8wFml5vBLmAiuf680uN7_WTfDWux8x9J1DAgKt4WyNy5p-_2-vgzXy7AerJHyP14S0Xo0aTCMF-Lj3wphAp4ji6UHdujsEHOZPYxrVW5M4Q2_pyyWRN0LeAwvrNYWmFg6hJyAbG_qA1kef_KH_RaQR71FdCt8ejMA2EmZzcOOliXBUn8tAfYRnTBCbsSSBxMnjnfu4gsy18sgMji3M1F463XtlWJsiULis5K-EZ9YEnYB41jZmkWnGZKqrTKW5tjFP0PSS5EVtrzawK1_6qzcf3VrmbYLQMBnbtyzqJxFr3DxYmwS5vhN1KZLvuF1eph8X-jpnLPr_hPwwI5wUt_aNt_Dan3DDrQM1tonuDMnslxiau0RTzTQY7esyYph8RT67Q8bhW8FjKBZsfyCBnA8SPCSnIgWVnUhA6ITmzfeHYwWnGp8Ha1XfdHqRrSNNFqypPgVcwoElQS38V&cid=CAASEuRoZNHnYKujum-MjClANQHAzg&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
13985a3f55e5182391346d2cd0c08fa63127ed407d457be5ddb2d63aac371905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13084
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F14 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aqp98rfIa98VdK7DHtHv9QCjYnrrsruA5e_7agZemxelzEmaBi1Os81_yeTEKQD-X_FUc8vgbV2uW8WfF7pTBZLjqHbZIRo7MD7yfUtEawfrYdT50
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 1F14 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&dvregion=0&unit=300x600
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 1F14 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:34:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F14 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 12:41:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 1F14 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:37:36 GMT
l
www.google.com/ads/measurement/ Frame 1F14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIoUThjNBZjawVup1TAaJqy0WgnMZDPxy8kifuP5LId7QIBLhJg00WhmlS7fLs8TDSRCneLrgymYMuxTX3lKEy_cZ8OA
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9BF4 		645 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkWuFsFflTFrzsWnA8ew2ei5CgmlRh4_1kgVYBvsneymJet3w_0CKLXXP2C7jo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 02 Oct 2021 12:41:50 GMT
server
cafe
cache-control
private
content-length
285
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2A43 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcV-Wh9HVrmhbnjUpLjrPX83FKLQv2oNgkJatSbNnUNjWzi80-QPgETURvadLZH7kJ-4_mn0MwSWmCPxuckhrnEECy4zWQloELfac8fdAlNtGCDSnMcfCONzDO7ziV53Bm2qoKlpi9xXxW3gLQeVUT2BAW1w&cry=1&dbm_d=AKAmf-C6TsXz819-kuzq2EuJTBT63DzBA9142V0EK_cvp5iDDZLNS3bfABys349fdk9yD8PmOp4d_Lq3pMxgz1jAg4LRHlgse4v3WFbcYqvPbCt85rk7vVyii-jlMA6MYG3WXcD8981svJ2WS6qQ70RUOd_gXyL1O9eVPpbKhAs8IJcfXm8njk8p77Pi2kiYCH7T_egTVO78wnKVqjJ2_TrYWl-IIsP4hAbDFcs6QLU7YPUoH8Nwz4ker2PMUi7k4BVVAJXd0-wBfH3NhKznkZLI9YWwpnfXeMoEckMK1eEAsmWHBLlmK-DzT64CgVl-hlhi2Hg3iUqMOavf4zA9u8zLOSHCfP2LapH-lK-UgFxhvAFuy3kyMzZAkeIkuMNOQb1VtB8rhgOdslcy2qnSnRHdrf2ooZOXfr_-y3R6QksZ7HNqvydqxWd1cwOhgctRhZCPaU90zy9fZ3Lu1feeUqK3i8YF0QcaOew7055nEjLSpT9PHG0GPfAwjmZGkvpMoDv8xc9Wiz13--ABh72_qxsjhFFl-jQJwBRQaAC50Tn-22qJN7F_w_oRd3Z9R3syuWLy-dP19AySsBFxccsHkQb_ufSVDhiinWlXb9ug5LPDVM5NEjEO4k4_U1xLP9tMitWBBRA2J4kG_6jS2W74qA4Rm6G9G9qW34imDnmXX3WpwaosscmxoG4AeGodPp1hHb0gbRuuuOw7L-K2szjKipvgDtAnFNmhwyql6L-dAJnfHRHxD19qLV-8WcjJByLOpiAccWzq4GHtPtPKyOnbWa8r-AxtEzlkp6Q8CQLQVCJWP9crSRFoDPDyREZN2T02KUB-oHe15S3KejSJo1te20gU1llrEICjIALVRBHtICTfg1irF6G9OIHTMTKwhvGYJsZC4c68GHUAhXgUVO75V4jT4fU6Hiu4lXSvZ1OA_KuEn9A6OFfrqJO4OLgIMOMq8S3-teP5dsRT6sOCCK8iy7tt7SNYX_EOpMmO9v8QtAT8VeqdQ_hcXnSDac0fXWfVwMIc_vDQoNTzIaXvAjh68-kQ-X1O_7cDvLexJgBgPOXERj19zOVQ9_1C7v8e2lzTtEgJgRbJQqLZwUoYHYfMU0q5GACScqOZS6Q5-42sLxxA3GaSqWc6uC74J8MGXs4beiSRybMqavknRYF-B-qx7U8CjuW-3SY03UmqahW1zAzJCO60oLR3JU6JFt4NodRZVUho3LmSeeZkluqx9AOZFk1npmNHtRvafmvbrGe7yuAQQQ9a1GqqlDEIeLue83dwAYy2r-Rs89Qifddelq7V9D9EMc5xADGW188eTzT-mV0ghl-_zS1uzZwR9vsa4Ob8rHf_CiijkGeg4kKS6JIA4FLnKr6wMpYAsWWNPa4t-eKWLK0z7OnAC13fIIbnid7hMtBH6ei6O_PxYWBXLhl0V12-XXFmEs28r90RnDD9yqhuhadwYcB1M6qU4WjWzNqXYDFHYW9RLkzL1PJo9DEN52CnxRazRndJHDB6DTcdyo6zaESN_BKXOwqy1sGQtlyCxQ2R6s6gDJ4jNa0NaShPrcZTA2TeloyHLOxHd2bX8enxu5RDEKK13CTGL_32Xg3mwxNq5RjMRm-zKObSm0Xa3FzqQEVIbKw9PR99gmxqMvcs1eXhsin4TfCcQsMrNbP46WncUiyZD52IjreRYfGsXKu9Fvv9UR7SxjRoqZf_s9ZPNoT2oUpSvxFhiLEwwp2gvVkL4a9s5pKFHGvLJKNiEyI8Gh4Shy6wy5Y8sZ3wRcsTa8VPKjW9N_pz-7yThxWHWvlUUv9kfHJFBYLcDZGYtrXFP4U26uK4N9AIsOEE8IcD4J-D2z--M4zEKhr85rSg0SO_AVnhONKH__bgSW_mG5FMygAt541z2tfBM3uzmNANphyWpmsx1EDD-8hnyGNhApgxZRLzI2TrwHwq6OI1OOj0yfVPaJ6sLFPXfWO6m9yfwv3eI7O376T8ZH_pH8oENLjyyYULRtOvW7tLLnBSGBvihPflfULRppN3I0JHgEIJB5ALjmDkbEo8iculQb5dEtlW4uLnP8H5S57WPVd5YtmECsPg63bs_OFs6eZ6QUG7FR9d9RwpYe3c1yrH8vXZuz99N-ueAjyNtJ8z21QYRRpMcImjOYLeyoPMCMcTw6lh5x37W5XVBzmUoT8jkZ-TrqZo9EJSAuurPbZYW-CIiGzJlCWpO1Msk508ZgJFiTN-ur3-j1W0YFcSi2MtNKc3M10fyLt4n0yvRBKRknjm1K8U3SA8C_25yK1TtmvB5slud1IIPZrUTsPXdESOE8OeUjOjp3SOTiLD6BkKOKiSdugd9qD_j-89gn4Mi7u5MiIx8-gFIXldVaeiS7kHv1RNiYv0_mqU9KyzSR2CQSagkpD2eGEleXwavAnDQ8bgL7pIklw_YwY8tVH_27mfbMfzgTETIlPX3KrqxcCSUTPUxRDaKLo840AyYgeMOpP1iiK9d4cYX_QqOo0m1VdTYjnypCaWeRdxqxokSBDzqeRxfMLQbg3AybwAXW8fzfru99snSPQ__TrsZO8SjkXHX4T_lFLeoo6nN8zO41rcs7vaskU_pFN7ADIAI4X9di4QYGkOOKg8830zg_onlgtUtyi9CWtAo83lpFkUcqOvNYd8y-QAm9p6GybpuO2q-qILHAf8M7Fcfja8OPNXIKYLbieysFPuI4K1m5yMDoda9tTrmD4AFWOon4leKcbddpMvRS24-j6qS6AYppzAI6yEZT6XJPqBtXk27KfTLiZJLpeomGBUdZnEi5Ae0idORnB_QOrF3Tnn-pceqeDd_JW4jFCqNkLF9iYn_R7HxoJK5H4e2p4dq-JECwvgrEINugheW_3jeDUkfMBE8iz5exXLDQyFpb4XJWhVw_Hyum2U7sS6ECoKLEUwFdxJ5UHifqKKGYcw1izWiwSmSoF9wggFaMDsQTIJlzSbXBvseW9_AYgEew991n6tlpuhoUD6jaFBQpUc9Tkxlc4e7bMd9J5X1g5XIlXwtpEknsIAjRtMA6ahuJJcjvZ92jEmD9hcEPFJ1yhnQ2Vj2n--hhXzvRr1CDcAfmJPW5mW0Z5KWcXfvaufLKCm7PO5QzkHvVtkUeNlInzbzRuOu2qv2V7L3RxzzBpoj6INnAukmb9TfL5mlajF4nFDMh09URs38lKa_YW9_us_JI62wYkiOc3irwQfufZ-sw6e9_vbI28WYln7694mJ9b7pco5SqkpheL1fnA0oGjSzA0YlbYMoQRbsp0k3NAOjAqEdL0XuNx4t-KbCNe9DkGzCBWDq04PwI8ZNVPNKv6kZz6jEwbpmgNZBmN-Nk5zwCL9qnRfsrlJQpcFTm3ExAWGpA_PdqrnC65jKef9pV8JLAT1N8_ZVpDazoKVrMmk_izp0cJzx0OC&cid=CAASEuRolX1QOdXtQZ2OL5UN-3v8gQ&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ad26ac45854433ed70dff18b311c7aefe1e5493461f7e5c778cbc578924fc5c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13206
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A43 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1hdGiDeazRSzYlWp5KjahlGKMcazafShprSiJUtkyUZJqWGwAXF-M6BJCphq-pSD7-DBSROQBij09kaKKjGhJ5dU4eEqiCDvhnxl2FP5oQNIpnv4
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 2A43 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&dvregion=0&unit=300x600
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 2A43 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:34:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A43 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sat, 02 Oct 2021 12:41:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 2A43 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:37:36 GMT
l
www.google.com/ads/measurement/ Frame 2A43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvB9MLbkOnt9eepKCTE3BO4u5HVr4_a0UyjgYHKhercNFBTR9hcyf5vmsBeEMK8NnQsD4gYU4mJu1e0T6t3xe0b4JFGQ
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R/9XUPkATx6g5b6Bfj8dYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R/9XUPkATx6g5b6Bfj8dYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-R/9XUPkATx6g5b6Bfj8dYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-R/9XUPkATx6g5b6Bfj8dYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fd4zmzEA5y2YoDQJBo0khQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Fd4zmzEA5y2YoDQJBo0khQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-Fd4zmzEA5y2YoDQJBo0khQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Fd4zmzEA5y2YoDQJBo0khQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVCjHMHVo40_yaT-OY656o_x8U84dijpoHN0SgwmsG9et7gQZGIUTe5syvCKz7trbYX3qY1FIYzsTl3ycpQRsgAPwAaMZm_0v1ZXyaK-q9Zm2sCFjDr-goDGO3svQPivD0DkMioQw-0eT6gPB2DSzU0zHNvA7vqqS53jgyo0I12RMQAJSIgyxjuAh6e
fundingchoicesmessages.google.com/f/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVCjHMHVo40_yaT-OY656o_x8U84dijpoHN0SgwmsG9et7gQZGIUTe5syvCKz7trbYX3qY1FIYzsTl3ycpQRsgAPwAaMZm_0v1ZXyaK-q9Zm2sCFjDr-goDGO3svQPivD0DkMioQw-0eT6gPB2DSzU0zHNvA7vqqS53jgyo0I12RMQAJSIgyxjuAh6e?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCxudWxsLFsxNjMzMTc4NTEwLDc4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLDBdLCJodHRwczovL3d3dy5ncm9raXNraXMubHQvdmVyc2xhcy9wb3B1bGlhcmlhdXNpb3MtZG92YW5vcy12eXJhbXMtcGFnYWwtanUtbGFpc3ZhbGFpa2kta2EtcGFzaXJpbmt0aSJd
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e6fc8e20bcd0cbbf0d1a529829a7c292d1d2ad1e8210a6b429ff2b6619fbfed7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QuOBTQNyjnuK2fvZx976Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QuOBTQNyjnuK2fvZx976Ow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-QuOBTQNyjnuK2fvZx976Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QuOBTQNyjnuK2fvZx976Ow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVxEWaoA5IK-E7b2Joi0-JKBrdg1tO9AzM95qQCsyySeb9HHd3IVoSSYcyr-X0-mvj5cI_cyOb3I7jxpIihCm_T_lZIlm1sNJMAPgogcvH1cnttNddfvNm3CWqRPom_UU56u54TfGY7J_5ZEidrPbe366N25mDr3-6TR8u0tCuWkTgd9jCmVByhcDIx
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.w-wcQGdm8yM.es5.O/d=1/rs=AJlcJMxnuDv7yrSEvQ34N-ZaL_NC9zLqHg/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-otRRUUXvSa6PYQREHpqX8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-otRRUUXvSa6PYQREHpqX8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:50 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-otRRUUXvSa6PYQREHpqX8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-otRRUUXvSa6PYQREHpqX8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 03C6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIKc6DSZjmv7eAUYFpPJR_T1uImucy6YIxcCRym1pfdbq6Sy6vywRnGnV2pI_Or6qY2Hn8eqPOb-U-PDRIwCLkB046pwJ8rBa1jSFkjOUgkmokY-fMH5SJbx_-xl93oTO7jBTEf9LojmsUsP4BRr2kcaCgmg&cry=1&dbm_d=AKAmf-CfSFVMWsgw76irddnM3VGrVE9C7P3h0Ymi6yamBJI1E2yQwE2vfGRYnararIYa976Sv6fwPgLwwTAS-Yg7EOA3INPR93FjZVr3n25oLds-7-97nTm0PBbwnRPDIPB3BJR2EdPU7kp1nAP9JShuMLiON868onWkomKlHTuM3PEfUUI054GcxIFo6Lw6JlS3fpXpu3Uf9aOPDlv87QyOU-VwHX5XzwiTerCsHgMYKi2KOKvIAeMF_rPwaUP-gIZBSku6-dTqFO2zbL0tX9wqE44KFjK8n2C2y0tl-kOW8Ft9L6XZZrcFi-8REFiYOgVFCjiYngKaiOEUDPzRtcv3arwmHbsWTwIrRD7zRP9GX3CaTzB6uTa7tS8Glw627PKeG4mnLxrwt7O8DvCSSSpOeZJJLiSyPjvgC7WLYeIfcXnpuad2IrhUPu8UmBrxNb_gfTOzr9P4fAGmeUsaEdV2fQ1lYk6LnJsGvUt4HUqZctFU3QE4l7t60nywwXJ_22Qcja57uffFYTOAy2f6VVv9c3ORp6xKQG13v5_7sRuEMdrhhB9t8d14JKDhruDJN48cl0z1lAbDvItXaV2m7HtHPnerpO6NbQH48zwaNJwkefOWzvpzuQrWb3qSC5aputoi7rBDVM_L0b8sDeJcihM2Sua4VkNujZ7KfjbxFRMVwH7268owZ8T2e2sQyQ25Ga5R-Zf-PC4hzKdhAmrJu6NS4IVsSChXQreYEAo50XyVyakJkblEOWcmX6LgcuqEp5k1VhiZki2eokbI7Cq3uzyObLAAUfKRRdlR6b8Mh8rlf3HgdXAvHDALTIlKRrw57ZJKMp1arpUhqRHpkMv2uErd0Y0rX-MNQ5lkXsFHlJBG3zqV17KZldUq3mo2JTvvYlUFNlQrBo30d4Op2tpC-ZbJMKdNs45k3DH5CTMPOL-eIh5N1Yu_6OG6b4wnAZ9YTdb-t2grTSKC7_9Rk2vyEPiWaFwLn3FpYYVK2DHV-8Ci8nnb5nV6bTUJb6tCzOnXXV0W-qOH6u6nEcd11j396rBKu33jsCnErqVpbw_gmKfndpPtZGDnbDczm8NyQII3Mq7QXJhiO-8dJ4wPyeDmvM6mhCwkxuxOQqhT5pwGQagCYLBo-GInPWj5BFESsuIts9YstIlsYMTJFn7_c4VXEzLTUH1RGr0VsRJpDp4QIcrksUWvvQiWLYOlWwZhvt_ealJWVmZ5xffLPcTkaoORzAhVLfvAdWDDqU4SGntXll-xcpTuEeJO1PAzBEznl7QQHwq2kWv-DwxqXPMSOGGidCqxtJlomyziltkMnFk43mOjXRtG4lTRc_aQENi2tLufQ7HdT-FmY5WuPSJeTSO0OD6t8G7rmVC8S64KLmaDgdGGLNitmA6f_-_7Z_sc65gn1xOlw7EHbgdS4BOh-8PDkmKUmcIs0vLptsc3U9tL5X7zw5OAQyhyBzsylcYzrRmVYJZsApQNN5cpST4Us2a5SMUxiF7M0OJntV-8RixLb14VTe79k7XNGlIQbIYQpWjJnwUlfYbgzFDLgLiC1bdcNtCr97-qoZPAliy9XRY7kmY2BDLpJHa76j-fK9DTNtzeLDpfjp6dtUlMYlxfZaKW3ZC885PsNI3RIe4k6tVvw_uoVaVPB2jGHf5XSbKXnCnOnes0L075bpfb5c7RqQ6346XEHWwAsGM0URJPYaAyOEvCt02ULQJo9DBzRASrJgHz4Pb50dlsC2_dbJ4jLLGY2rXOS1eAWDHPrmwUIt7_7o5QWKf0pJPsXhyou-NSAfbMidZNuv4GVfT7MW9aF5-AIQ_EfXm5jUUTbXY69s8q2ZdEfDec3jRiYRJjqoLnJp6wx85M2cqRtQxDk2_FGaT1n5LmFL5v58aa36LA1NQ2fta4OcV8SWa841l6SkUAhg1SMjCt36q6FQSpL4r1kSxUa_-tXoUSFtOFTKtzTDiGBHkSFu7uFQSTqKp0uEKBkZv2hzjthZJaC2RddWslulRUTomvS78Jqa35D7hJIiG_XZkwgiGdK3JuHTqHZON-mp-cnDUCtWkmsz8wNRvFPx-X-q8BWkcaJXWlIZOgqKkm6XsUMnxNUpOJ9LDjrDWm8BWs09SQ6vrjxyGeebXqaeNUYDRILhmp2ZqyDbuAAioIFYOfOWIL1ripqpYcuDluarhi0IOoX-p1jvCBVXGX7pl5HUwgXpZTmaAaWBVk9DqyA7bflMw7NZ-QlERh9iTdCvkhoLKkdoXv_YujGSaOhQctlE8-Ji2R7IPAtHZ5MABQ2ewjvUVTMG6q_mA_v8wtWIr8fshAxYIWEh9HXElWyIsAd0GctTxo6rkI3akpCF71VUpPOwP7t_Uv4hLC2-TG75MvLhHxgyVhqjjTlObmZ16lkUGtkZTyOqNIbGbnOLZI1dVMp-pRY5xT1EY1COsrjs3z1ScQdZ9AaOYZ3jrnlzDOA1pauAdL5vp5jXpx6Zm3xPUSR-ur34RviNWeZ4lUykYhm00nBV455moMZ28KDaM01OwGkBbp9IUgFcq9oNrqKNUHWhlAZaCgWvv5Ck4FjtegnLz5FqboC_H6ka9cr7SPVe0iGZGK6OWl0836-qUq2EL6dh501gTxnLgqjzaERTZkg3JaafRC_3zUFJV4zbRN3a2hgm6WjQGyv3G8HABNNiXasAU89aLI_GVEZk0b1TowCJED7g_xKNnaOiHtOSxWs1WtXTYmaj3JV_7oYW6K6cPx8sz1fQdi4t9OJlJiGET5hDw-kPqy_EHEle0QBT38Yfs0tddzGIIaNoGMqNzUqtEhVmpHUEGAXLserxqFdiviR4bQcDdQfYZYaaYl0-6tfdbuFBjOIVjThZHvqIi2-KwubyoFQt2lJOv4XzEwUtP53TM3KQeDwPigZ7QoOpLWHvywB1FvAM2dS-rWR6yCjBjVzcQuja5E1HRGekHU5uXklMbAQkA0lHlkNd49BBpWkuBqhU5YBs3EsY4OjC2-uUKrmpZSrk_izEvCOoGj3403s4sVhLlpfhUYT1_M4RolkNUW3XDF43q0OTun7d6aP16bL7BWQkwghZdiJ1693IIDy0-YtB8oDQo9eG3h5KFaKDqw-u2thJ__jQ0MeKb0myGOu2-idl5ONz3b7vlOCnO8vv3uwqmsHR2JXWA1Gi6zu5l5mUJ6-QkmCulCG4D2cB1D_eewFq10rRH6Ox4sf1hhFjqKyKapJNNv2oqp0UNYus9ImdrrDmc6lhtZLUnMvTLqVCimn8J8FisAv5yShA4Q0BcSdVxENRdW8Lw5UFWdDyC1Klh7MjwPYs69e2m0x5SqMi5JJwsnlhaJEy706Sths5iXk72eaM-Y5EgCemOZrjWQxiJwX0RRPjmrq7OzKHRm0_X-SCQxQCrVkgYNZsHBw3XA0R-5PbQtryFhx6Pd_vvf6e5bwhloYw&cid=CAASEuRoMH0bI7uH1nEycDEz4ee8WQ&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9205
x-xss-protection
0
server
cafe
etag
2170525750406684717
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:35:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 03C6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIKc6DSZjmv7eAUYFpPJR_T1uImucy6YIxcCRym1pfdbq6Sy6vywRnGnV2pI_Or6qY2Hn8eqPOb-U-PDRIwCLkB046pwJ8rBa1jSFkjOUgkmokY-fMH5SJbx_-xl93oTO7jBTEf9LojmsUsP4BRr2kcaCgmg&cry=1&dbm_d=AKAmf-CfSFVMWsgw76irddnM3VGrVE9C7P3h0Ymi6yamBJI1E2yQwE2vfGRYnararIYa976Sv6fwPgLwwTAS-Yg7EOA3INPR93FjZVr3n25oLds-7-97nTm0PBbwnRPDIPB3BJR2EdPU7kp1nAP9JShuMLiON868onWkomKlHTuM3PEfUUI054GcxIFo6Lw6JlS3fpXpu3Uf9aOPDlv87QyOU-VwHX5XzwiTerCsHgMYKi2KOKvIAeMF_rPwaUP-gIZBSku6-dTqFO2zbL0tX9wqE44KFjK8n2C2y0tl-kOW8Ft9L6XZZrcFi-8REFiYOgVFCjiYngKaiOEUDPzRtcv3arwmHbsWTwIrRD7zRP9GX3CaTzB6uTa7tS8Glw627PKeG4mnLxrwt7O8DvCSSSpOeZJJLiSyPjvgC7WLYeIfcXnpuad2IrhUPu8UmBrxNb_gfTOzr9P4fAGmeUsaEdV2fQ1lYk6LnJsGvUt4HUqZctFU3QE4l7t60nywwXJ_22Qcja57uffFYTOAy2f6VVv9c3ORp6xKQG13v5_7sRuEMdrhhB9t8d14JKDhruDJN48cl0z1lAbDvItXaV2m7HtHPnerpO6NbQH48zwaNJwkefOWzvpzuQrWb3qSC5aputoi7rBDVM_L0b8sDeJcihM2Sua4VkNujZ7KfjbxFRMVwH7268owZ8T2e2sQyQ25Ga5R-Zf-PC4hzKdhAmrJu6NS4IVsSChXQreYEAo50XyVyakJkblEOWcmX6LgcuqEp5k1VhiZki2eokbI7Cq3uzyObLAAUfKRRdlR6b8Mh8rlf3HgdXAvHDALTIlKRrw57ZJKMp1arpUhqRHpkMv2uErd0Y0rX-MNQ5lkXsFHlJBG3zqV17KZldUq3mo2JTvvYlUFNlQrBo30d4Op2tpC-ZbJMKdNs45k3DH5CTMPOL-eIh5N1Yu_6OG6b4wnAZ9YTdb-t2grTSKC7_9Rk2vyEPiWaFwLn3FpYYVK2DHV-8Ci8nnb5nV6bTUJb6tCzOnXXV0W-qOH6u6nEcd11j396rBKu33jsCnErqVpbw_gmKfndpPtZGDnbDczm8NyQII3Mq7QXJhiO-8dJ4wPyeDmvM6mhCwkxuxOQqhT5pwGQagCYLBo-GInPWj5BFESsuIts9YstIlsYMTJFn7_c4VXEzLTUH1RGr0VsRJpDp4QIcrksUWvvQiWLYOlWwZhvt_ealJWVmZ5xffLPcTkaoORzAhVLfvAdWDDqU4SGntXll-xcpTuEeJO1PAzBEznl7QQHwq2kWv-DwxqXPMSOGGidCqxtJlomyziltkMnFk43mOjXRtG4lTRc_aQENi2tLufQ7HdT-FmY5WuPSJeTSO0OD6t8G7rmVC8S64KLmaDgdGGLNitmA6f_-_7Z_sc65gn1xOlw7EHbgdS4BOh-8PDkmKUmcIs0vLptsc3U9tL5X7zw5OAQyhyBzsylcYzrRmVYJZsApQNN5cpST4Us2a5SMUxiF7M0OJntV-8RixLb14VTe79k7XNGlIQbIYQpWjJnwUlfYbgzFDLgLiC1bdcNtCr97-qoZPAliy9XRY7kmY2BDLpJHa76j-fK9DTNtzeLDpfjp6dtUlMYlxfZaKW3ZC885PsNI3RIe4k6tVvw_uoVaVPB2jGHf5XSbKXnCnOnes0L075bpfb5c7RqQ6346XEHWwAsGM0URJPYaAyOEvCt02ULQJo9DBzRASrJgHz4Pb50dlsC2_dbJ4jLLGY2rXOS1eAWDHPrmwUIt7_7o5QWKf0pJPsXhyou-NSAfbMidZNuv4GVfT7MW9aF5-AIQ_EfXm5jUUTbXY69s8q2ZdEfDec3jRiYRJjqoLnJp6wx85M2cqRtQxDk2_FGaT1n5LmFL5v58aa36LA1NQ2fta4OcV8SWa841l6SkUAhg1SMjCt36q6FQSpL4r1kSxUa_-tXoUSFtOFTKtzTDiGBHkSFu7uFQSTqKp0uEKBkZv2hzjthZJaC2RddWslulRUTomvS78Jqa35D7hJIiG_XZkwgiGdK3JuHTqHZON-mp-cnDUCtWkmsz8wNRvFPx-X-q8BWkcaJXWlIZOgqKkm6XsUMnxNUpOJ9LDjrDWm8BWs09SQ6vrjxyGeebXqaeNUYDRILhmp2ZqyDbuAAioIFYOfOWIL1ripqpYcuDluarhi0IOoX-p1jvCBVXGX7pl5HUwgXpZTmaAaWBVk9DqyA7bflMw7NZ-QlERh9iTdCvkhoLKkdoXv_YujGSaOhQctlE8-Ji2R7IPAtHZ5MABQ2ewjvUVTMG6q_mA_v8wtWIr8fshAxYIWEh9HXElWyIsAd0GctTxo6rkI3akpCF71VUpPOwP7t_Uv4hLC2-TG75MvLhHxgyVhqjjTlObmZ16lkUGtkZTyOqNIbGbnOLZI1dVMp-pRY5xT1EY1COsrjs3z1ScQdZ9AaOYZ3jrnlzDOA1pauAdL5vp5jXpx6Zm3xPUSR-ur34RviNWeZ4lUykYhm00nBV455moMZ28KDaM01OwGkBbp9IUgFcq9oNrqKNUHWhlAZaCgWvv5Ck4FjtegnLz5FqboC_H6ka9cr7SPVe0iGZGK6OWl0836-qUq2EL6dh501gTxnLgqjzaERTZkg3JaafRC_3zUFJV4zbRN3a2hgm6WjQGyv3G8HABNNiXasAU89aLI_GVEZk0b1TowCJED7g_xKNnaOiHtOSxWs1WtXTYmaj3JV_7oYW6K6cPx8sz1fQdi4t9OJlJiGET5hDw-kPqy_EHEle0QBT38Yfs0tddzGIIaNoGMqNzUqtEhVmpHUEGAXLserxqFdiviR4bQcDdQfYZYaaYl0-6tfdbuFBjOIVjThZHvqIi2-KwubyoFQt2lJOv4XzEwUtP53TM3KQeDwPigZ7QoOpLWHvywB1FvAM2dS-rWR6yCjBjVzcQuja5E1HRGekHU5uXklMbAQkA0lHlkNd49BBpWkuBqhU5YBs3EsY4OjC2-uUKrmpZSrk_izEvCOoGj3403s4sVhLlpfhUYT1_M4RolkNUW3XDF43q0OTun7d6aP16bL7BWQkwghZdiJ1693IIDy0-YtB8oDQo9eG3h5KFaKDqw-u2thJ__jQ0MeKb0myGOu2-idl5ONz3b7vlOCnO8vv3uwqmsHR2JXWA1Gi6zu5l5mUJ6-QkmCulCG4D2cB1D_eewFq10rRH6Ox4sf1hhFjqKyKapJNNv2oqp0UNYus9ImdrrDmc6lhtZLUnMvTLqVCimn8J8FisAv5yShA4Q0BcSdVxENRdW8Lw5UFWdDyC1Klh7MjwPYs69e2m0x5SqMi5JJwsnlhaJEy706Sths5iXk72eaM-Y5EgCemOZrjWQxiJwX0RRPjmrq7OzKHRm0_X-SCQxQCrVkgYNZsHBw3XA0R-5PbQtryFhx6Pd_vvf6e5bwhloYw&cid=CAASEuRoMH0bI7uH1nEycDEz4ee8WQ&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 01 Oct 2022 11:59:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 1F14 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRUnDsqNN-9wmNWFRm86R8g0nedwx-RuDtooUcNL87PXltjpBZ0NUgoqp4S07hXVEVS-hU8SJmTLfmfXUW6hzjPVyEIsckaVVh6L3b7PQ3s57shpJlKCcjffFHmdas_z7gi4_Un418opDEbZC0qNpnxalqfQ&cry=1&dbm_d=AKAmf-DipAnCOiTGsPqLIWzMWjszl1tjUZc2S-eauOTlzmYhok2gvmwUwZThZktg5Wlpk1HQg8nUEkUYVHFErzGdqipO4BhnLpuyUC2seOQkbiGW0SyDbEp6eruQTdCzjuvL75MSHK5HYUIQmQNHRuqlZ1lhC7MKu37Bj7GHd9aFd59YlFbS0DDyAe-BiV3fY3GdxoDW_TZGHgnWghCaLdKv-G6OUhWidv8bZ69VDnxOLcmotFwWsTi34uFQVFHttHf1aMwJOeMrSqN7yJlG4sTFDVfXrvckEIkfKmPoQI56pp_1iz4JMcaGGrFEnL7HMdOeYgylI2DVeYMgOyZek9Db0SG1P2bjJGBLZrsc6vmt45DZQ3TLvQn4QowOJ8UnL7ipYXaznTFP_iI1AP1Ex7WwbLkMacDEPwv-p8GacuOBgvsP9IlyC7JJM6KEMmmEB-srEfDAqW-mGBvPdo2EgbJOjUdCw8UNu-LAeW0IC_Fgg3iGj7z_hRQ4VVUJYkvKCIJj1wMzMKByyFJgdxJiOGw9_RVeUHOzs_QdEe-dwDc4Uq34OLwGIaEOvAzxNjSABSSN51uMIkHl4N2WY4l-EQndDqV-N_IFF1CKrRjKRt9_ocgjuXnivDFaJS-W85qsfvHycrQ_ENxcQ9Dw22ZpWxI4pHNNulMiJa5HL_-3w_LILCMvPxGSDt1Sl5NxXD9ShFrcXpg0MmnAuY6W71UuX3kEiuPEBgnuMsiskutZxscSoswkCk9LeSZb-FvoKQ7m9iZZ26yTIp-j8VmDrZj48f-WhHwx-PYj7TS9ZMLtyxnOCsM5ZW1baphNOz0KyjuxEA-HK6b-anLXqJH7Leor1Rho8Y_KKtBeC3Vtn11ODMCAtiardTvee0YwRKzShjxqxssyfWYLZ8PeLtp81WSolLfs8ie013_h1fTsTkr-d05s4p48GXvzuOAUdTEmquBM9ef_UaJcF1WonOjymC3B5ane5hZq3ZlpUjA2EMbuWLP2-0u2qLPJxKsCU-HBKZrIGNbaMPU1vxLiUAcEk53ldHpdeE2daA1W2jcV6Z3TtKWjbdyHjl6lcLYCHf_hO2HHe0yD7Nr2b-cIx33yiiKxatFyePI3MUawJJzV-SVb7uRxQf2SBLMRRnTcyZzBpBQl7msF9ij_HsBElYcmn26HnmGMgEaslVkVQ7AnJopCx-QjhU83QNGbqrynA_NUlTm_XKklbSufoWvAhLrISZHah5_CkMljydQi_6_ENlvlUK2rMdJC1Fyp5wLfLNpU2VLsJz3DvD7PJjyjHxiFnzWGay2JWTD2mNmp2j0XJVxy-SJqmCVqTbTqMfjqN81xuASlpUzOTlXcq4j5vBmgu4pwFXZyUdLe35jetCkfl5EQK7GEQ97iFYtYBkXdyWk7Xzy6bPzHh-y7D3nzJNpHCAklhAGFcQyt0m8aU2OVb5pb6kvcCs92AnGoDLAfx7TX1DywHJcKNpUTdGoXn6sKSdcU0wRiimHwCvz8axYFBgTrQ491xjFOK8kxHpUs9dkHsDm0RvCLDIm5kmt0c0hVOsruORJI5pHOsYvp9X13o7j1ASJhR_NKeOEqFTDit5ZgRMAVEwv_fcLVzXGQCEy8bh6HvI2qWhDi2cCuGE1WuSKEYb_TdhDMDQwsQNc0r2mo1Da_AfQhd1pJGcWTDiP4Zic1uqJ_C21J_Fn4N45mbpvexTx_cCpqgMRmLsugy_KHSINGRd5OZgKSOcLqnp8K1dqL11doLGLVHDbICcIjw9m0za5xZHAsod0h0wx5QA7Hm0xZ1wznPES7t5LiJYD-bH7x02cJ33XHDo8rmeYef96RvtK2loi5LBHVkqqYCRTSWKVnhe6JbSHpxjfGvkNxD0VaNC1Blr_kffZM81udcLIMZBM4NgQCZ5zwLJZnQV7iNMkkCmsU9AlezMfHgnxZN41WcisCxizH9UFcaTeJu9x2l1GueIR3oNnzVP8nnMgR9SeZoANqzehgB_ZLhXBJw2CPSVho1gSc5rKMMIW9wMJvhGf_ewoqn7TUYuY91g4HkEsiRbKgiaJDRtZm5PR5IZtdGXKVSXtSTU6tLftFTjFgyksIVJklf6TJZ0sYpJTl1Tx0rrIfb8O5MgeXnF6CeG0kKyXz-ugAYngH7-tb4GrmDB7Gud-mb0VQ4bNMpSPLRy8FKZdp-yqLmQdLmw4lvAoHs-nTcxK1n5irKK2ywtqX8UxtsQ_QJRUfrBGULUG-JG4uksMXSVcbHJAGm5BCqL3nxQDpDEtN1To7PGrOOT0f8zFtY1lGNoGOmTVZTnUz8RRNYHmcLCsXGh5qkR2Z_DtNrES26ukbHlAGXxgyeGwn_4G5CLvE8XTk8joomNi7Ibg8OdrUPD3E9DmfoawR058cR20fPiIkbFS0HF4AB3C3_69b67YiJmLg2GyM5A6DR0OAWtO_OaEjsaCxICq34WbsCvZP--1Di2gStxN43xONz1-8nwQeZs3mmYyJx_apSY0f018tePMMmH80LM3fya3XflOp6WWww1AGOnE0APpGYsJ13ulh0mXMwaijyeCuvmbaoeN3j7DGnnhIaJVHsTZYbL928wt5pDtP0MZHp9pq3___oWeQ7HgwjqfbRHVJo5x81H-o70Yt1jYTgqLAKY4uo0Z7_Xt878sqvCOQymimAXnN0H_r_JQyUOEt-I-U389Eon7hmYsbXQuy6BihxKQ5CxJDmA0OxrAl1Lkovvjewi5lFmJlXFsRSHL07CA3A9ze_feF0b6S4vWdq60cap4SBLiu_vcgF5sQkkAtZVhJaVxFCB9C0GCCY-9s5PzIRdf5iFv298cJIWOHbvapOvaduo5e2UcFzIkves13GD7c3tRDealWtYx6d1wQGPewLw4TjFykdrAn3f-yhP-QFnlnpbrssnyf6wSXTcqBuLBeLv149G0N-iL5y4aDilzjZ8wFml5vBLmAiuf680uN7_WTfDWux8x9J1DAgKt4WyNy5p-_2-vgzXy7AerJHyP14S0Xo0aTCMF-Lj3wphAp4ji6UHdujsEHOZPYxrVW5M4Q2_pyyWRN0LeAwvrNYWmFg6hJyAbG_qA1kef_KH_RaQR71FdCt8ejMA2EmZzcOOliXBUn8tAfYRnTBCbsSSBxMnjnfu4gsy18sgMji3M1F463XtlWJsiULis5K-EZ9YEnYB41jZmkWnGZKqrTKW5tjFP0PSS5EVtrzawK1_6qzcf3VrmbYLQMBnbtyzqJxFr3DxYmwS5vhN1KZLvuF1eph8X-jpnLPr_hPwwI5wUt_aNt_Dan3DDrQM1tonuDMnslxiau0RTzTQY7esyYph8RT67Q8bhW8FjKBZsfyCBnA8SPCSnIgWVnUhA6ITmzfeHYwWnGp8Ha1XfdHqRrSNNFqypPgVcwoElQS38V&cid=CAASEuRoZNHnYKujum-MjClANQHAzg&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9205
x-xss-protection
0
server
cafe
etag
2170525750406684717
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:35:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1F14 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRUnDsqNN-9wmNWFRm86R8g0nedwx-RuDtooUcNL87PXltjpBZ0NUgoqp4S07hXVEVS-hU8SJmTLfmfXUW6hzjPVyEIsckaVVh6L3b7PQ3s57shpJlKCcjffFHmdas_z7gi4_Un418opDEbZC0qNpnxalqfQ&cry=1&dbm_d=AKAmf-DipAnCOiTGsPqLIWzMWjszl1tjUZc2S-eauOTlzmYhok2gvmwUwZThZktg5Wlpk1HQg8nUEkUYVHFErzGdqipO4BhnLpuyUC2seOQkbiGW0SyDbEp6eruQTdCzjuvL75MSHK5HYUIQmQNHRuqlZ1lhC7MKu37Bj7GHd9aFd59YlFbS0DDyAe-BiV3fY3GdxoDW_TZGHgnWghCaLdKv-G6OUhWidv8bZ69VDnxOLcmotFwWsTi34uFQVFHttHf1aMwJOeMrSqN7yJlG4sTFDVfXrvckEIkfKmPoQI56pp_1iz4JMcaGGrFEnL7HMdOeYgylI2DVeYMgOyZek9Db0SG1P2bjJGBLZrsc6vmt45DZQ3TLvQn4QowOJ8UnL7ipYXaznTFP_iI1AP1Ex7WwbLkMacDEPwv-p8GacuOBgvsP9IlyC7JJM6KEMmmEB-srEfDAqW-mGBvPdo2EgbJOjUdCw8UNu-LAeW0IC_Fgg3iGj7z_hRQ4VVUJYkvKCIJj1wMzMKByyFJgdxJiOGw9_RVeUHOzs_QdEe-dwDc4Uq34OLwGIaEOvAzxNjSABSSN51uMIkHl4N2WY4l-EQndDqV-N_IFF1CKrRjKRt9_ocgjuXnivDFaJS-W85qsfvHycrQ_ENxcQ9Dw22ZpWxI4pHNNulMiJa5HL_-3w_LILCMvPxGSDt1Sl5NxXD9ShFrcXpg0MmnAuY6W71UuX3kEiuPEBgnuMsiskutZxscSoswkCk9LeSZb-FvoKQ7m9iZZ26yTIp-j8VmDrZj48f-WhHwx-PYj7TS9ZMLtyxnOCsM5ZW1baphNOz0KyjuxEA-HK6b-anLXqJH7Leor1Rho8Y_KKtBeC3Vtn11ODMCAtiardTvee0YwRKzShjxqxssyfWYLZ8PeLtp81WSolLfs8ie013_h1fTsTkr-d05s4p48GXvzuOAUdTEmquBM9ef_UaJcF1WonOjymC3B5ane5hZq3ZlpUjA2EMbuWLP2-0u2qLPJxKsCU-HBKZrIGNbaMPU1vxLiUAcEk53ldHpdeE2daA1W2jcV6Z3TtKWjbdyHjl6lcLYCHf_hO2HHe0yD7Nr2b-cIx33yiiKxatFyePI3MUawJJzV-SVb7uRxQf2SBLMRRnTcyZzBpBQl7msF9ij_HsBElYcmn26HnmGMgEaslVkVQ7AnJopCx-QjhU83QNGbqrynA_NUlTm_XKklbSufoWvAhLrISZHah5_CkMljydQi_6_ENlvlUK2rMdJC1Fyp5wLfLNpU2VLsJz3DvD7PJjyjHxiFnzWGay2JWTD2mNmp2j0XJVxy-SJqmCVqTbTqMfjqN81xuASlpUzOTlXcq4j5vBmgu4pwFXZyUdLe35jetCkfl5EQK7GEQ97iFYtYBkXdyWk7Xzy6bPzHh-y7D3nzJNpHCAklhAGFcQyt0m8aU2OVb5pb6kvcCs92AnGoDLAfx7TX1DywHJcKNpUTdGoXn6sKSdcU0wRiimHwCvz8axYFBgTrQ491xjFOK8kxHpUs9dkHsDm0RvCLDIm5kmt0c0hVOsruORJI5pHOsYvp9X13o7j1ASJhR_NKeOEqFTDit5ZgRMAVEwv_fcLVzXGQCEy8bh6HvI2qWhDi2cCuGE1WuSKEYb_TdhDMDQwsQNc0r2mo1Da_AfQhd1pJGcWTDiP4Zic1uqJ_C21J_Fn4N45mbpvexTx_cCpqgMRmLsugy_KHSINGRd5OZgKSOcLqnp8K1dqL11doLGLVHDbICcIjw9m0za5xZHAsod0h0wx5QA7Hm0xZ1wznPES7t5LiJYD-bH7x02cJ33XHDo8rmeYef96RvtK2loi5LBHVkqqYCRTSWKVnhe6JbSHpxjfGvkNxD0VaNC1Blr_kffZM81udcLIMZBM4NgQCZ5zwLJZnQV7iNMkkCmsU9AlezMfHgnxZN41WcisCxizH9UFcaTeJu9x2l1GueIR3oNnzVP8nnMgR9SeZoANqzehgB_ZLhXBJw2CPSVho1gSc5rKMMIW9wMJvhGf_ewoqn7TUYuY91g4HkEsiRbKgiaJDRtZm5PR5IZtdGXKVSXtSTU6tLftFTjFgyksIVJklf6TJZ0sYpJTl1Tx0rrIfb8O5MgeXnF6CeG0kKyXz-ugAYngH7-tb4GrmDB7Gud-mb0VQ4bNMpSPLRy8FKZdp-yqLmQdLmw4lvAoHs-nTcxK1n5irKK2ywtqX8UxtsQ_QJRUfrBGULUG-JG4uksMXSVcbHJAGm5BCqL3nxQDpDEtN1To7PGrOOT0f8zFtY1lGNoGOmTVZTnUz8RRNYHmcLCsXGh5qkR2Z_DtNrES26ukbHlAGXxgyeGwn_4G5CLvE8XTk8joomNi7Ibg8OdrUPD3E9DmfoawR058cR20fPiIkbFS0HF4AB3C3_69b67YiJmLg2GyM5A6DR0OAWtO_OaEjsaCxICq34WbsCvZP--1Di2gStxN43xONz1-8nwQeZs3mmYyJx_apSY0f018tePMMmH80LM3fya3XflOp6WWww1AGOnE0APpGYsJ13ulh0mXMwaijyeCuvmbaoeN3j7DGnnhIaJVHsTZYbL928wt5pDtP0MZHp9pq3___oWeQ7HgwjqfbRHVJo5x81H-o70Yt1jYTgqLAKY4uo0Z7_Xt878sqvCOQymimAXnN0H_r_JQyUOEt-I-U389Eon7hmYsbXQuy6BihxKQ5CxJDmA0OxrAl1Lkovvjewi5lFmJlXFsRSHL07CA3A9ze_feF0b6S4vWdq60cap4SBLiu_vcgF5sQkkAtZVhJaVxFCB9C0GCCY-9s5PzIRdf5iFv298cJIWOHbvapOvaduo5e2UcFzIkves13GD7c3tRDealWtYx6d1wQGPewLw4TjFykdrAn3f-yhP-QFnlnpbrssnyf6wSXTcqBuLBeLv149G0N-iL5y4aDilzjZ8wFml5vBLmAiuf680uN7_WTfDWux8x9J1DAgKt4WyNy5p-_2-vgzXy7AerJHyP14S0Xo0aTCMF-Lj3wphAp4ji6UHdujsEHOZPYxrVW5M4Q2_pyyWRN0LeAwvrNYWmFg6hJyAbG_qA1kef_KH_RaQR71FdCt8ejMA2EmZzcOOliXBUn8tAfYRnTBCbsSSBxMnjnfu4gsy18sgMji3M1F463XtlWJsiULis5K-EZ9YEnYB41jZmkWnGZKqrTKW5tjFP0PSS5EVtrzawK1_6qzcf3VrmbYLQMBnbtyzqJxFr3DxYmwS5vhN1KZLvuF1eph8X-jpnLPr_hPwwI5wUt_aNt_Dan3DDrQM1tonuDMnslxiau0RTzTQY7esyYph8RT67Q8bhW8FjKBZsfyCBnA8SPCSnIgWVnUhA6ITmzfeHYwWnGp8Ha1XfdHqRrSNNFqypPgVcwoElQS38V&cid=CAASEuRoZNHnYKujum-MjClANQHAzg&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 01 Oct 2022 11:59:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 2A43 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcV-Wh9HVrmhbnjUpLjrPX83FKLQv2oNgkJatSbNnUNjWzi80-QPgETURvadLZH7kJ-4_mn0MwSWmCPxuckhrnEECy4zWQloELfac8fdAlNtGCDSnMcfCONzDO7ziV53Bm2qoKlpi9xXxW3gLQeVUT2BAW1w&cry=1&dbm_d=AKAmf-C6TsXz819-kuzq2EuJTBT63DzBA9142V0EK_cvp5iDDZLNS3bfABys349fdk9yD8PmOp4d_Lq3pMxgz1jAg4LRHlgse4v3WFbcYqvPbCt85rk7vVyii-jlMA6MYG3WXcD8981svJ2WS6qQ70RUOd_gXyL1O9eVPpbKhAs8IJcfXm8njk8p77Pi2kiYCH7T_egTVO78wnKVqjJ2_TrYWl-IIsP4hAbDFcs6QLU7YPUoH8Nwz4ker2PMUi7k4BVVAJXd0-wBfH3NhKznkZLI9YWwpnfXeMoEckMK1eEAsmWHBLlmK-DzT64CgVl-hlhi2Hg3iUqMOavf4zA9u8zLOSHCfP2LapH-lK-UgFxhvAFuy3kyMzZAkeIkuMNOQb1VtB8rhgOdslcy2qnSnRHdrf2ooZOXfr_-y3R6QksZ7HNqvydqxWd1cwOhgctRhZCPaU90zy9fZ3Lu1feeUqK3i8YF0QcaOew7055nEjLSpT9PHG0GPfAwjmZGkvpMoDv8xc9Wiz13--ABh72_qxsjhFFl-jQJwBRQaAC50Tn-22qJN7F_w_oRd3Z9R3syuWLy-dP19AySsBFxccsHkQb_ufSVDhiinWlXb9ug5LPDVM5NEjEO4k4_U1xLP9tMitWBBRA2J4kG_6jS2W74qA4Rm6G9G9qW34imDnmXX3WpwaosscmxoG4AeGodPp1hHb0gbRuuuOw7L-K2szjKipvgDtAnFNmhwyql6L-dAJnfHRHxD19qLV-8WcjJByLOpiAccWzq4GHtPtPKyOnbWa8r-AxtEzlkp6Q8CQLQVCJWP9crSRFoDPDyREZN2T02KUB-oHe15S3KejSJo1te20gU1llrEICjIALVRBHtICTfg1irF6G9OIHTMTKwhvGYJsZC4c68GHUAhXgUVO75V4jT4fU6Hiu4lXSvZ1OA_KuEn9A6OFfrqJO4OLgIMOMq8S3-teP5dsRT6sOCCK8iy7tt7SNYX_EOpMmO9v8QtAT8VeqdQ_hcXnSDac0fXWfVwMIc_vDQoNTzIaXvAjh68-kQ-X1O_7cDvLexJgBgPOXERj19zOVQ9_1C7v8e2lzTtEgJgRbJQqLZwUoYHYfMU0q5GACScqOZS6Q5-42sLxxA3GaSqWc6uC74J8MGXs4beiSRybMqavknRYF-B-qx7U8CjuW-3SY03UmqahW1zAzJCO60oLR3JU6JFt4NodRZVUho3LmSeeZkluqx9AOZFk1npmNHtRvafmvbrGe7yuAQQQ9a1GqqlDEIeLue83dwAYy2r-Rs89Qifddelq7V9D9EMc5xADGW188eTzT-mV0ghl-_zS1uzZwR9vsa4Ob8rHf_CiijkGeg4kKS6JIA4FLnKr6wMpYAsWWNPa4t-eKWLK0z7OnAC13fIIbnid7hMtBH6ei6O_PxYWBXLhl0V12-XXFmEs28r90RnDD9yqhuhadwYcB1M6qU4WjWzNqXYDFHYW9RLkzL1PJo9DEN52CnxRazRndJHDB6DTcdyo6zaESN_BKXOwqy1sGQtlyCxQ2R6s6gDJ4jNa0NaShPrcZTA2TeloyHLOxHd2bX8enxu5RDEKK13CTGL_32Xg3mwxNq5RjMRm-zKObSm0Xa3FzqQEVIbKw9PR99gmxqMvcs1eXhsin4TfCcQsMrNbP46WncUiyZD52IjreRYfGsXKu9Fvv9UR7SxjRoqZf_s9ZPNoT2oUpSvxFhiLEwwp2gvVkL4a9s5pKFHGvLJKNiEyI8Gh4Shy6wy5Y8sZ3wRcsTa8VPKjW9N_pz-7yThxWHWvlUUv9kfHJFBYLcDZGYtrXFP4U26uK4N9AIsOEE8IcD4J-D2z--M4zEKhr85rSg0SO_AVnhONKH__bgSW_mG5FMygAt541z2tfBM3uzmNANphyWpmsx1EDD-8hnyGNhApgxZRLzI2TrwHwq6OI1OOj0yfVPaJ6sLFPXfWO6m9yfwv3eI7O376T8ZH_pH8oENLjyyYULRtOvW7tLLnBSGBvihPflfULRppN3I0JHgEIJB5ALjmDkbEo8iculQb5dEtlW4uLnP8H5S57WPVd5YtmECsPg63bs_OFs6eZ6QUG7FR9d9RwpYe3c1yrH8vXZuz99N-ueAjyNtJ8z21QYRRpMcImjOYLeyoPMCMcTw6lh5x37W5XVBzmUoT8jkZ-TrqZo9EJSAuurPbZYW-CIiGzJlCWpO1Msk508ZgJFiTN-ur3-j1W0YFcSi2MtNKc3M10fyLt4n0yvRBKRknjm1K8U3SA8C_25yK1TtmvB5slud1IIPZrUTsPXdESOE8OeUjOjp3SOTiLD6BkKOKiSdugd9qD_j-89gn4Mi7u5MiIx8-gFIXldVaeiS7kHv1RNiYv0_mqU9KyzSR2CQSagkpD2eGEleXwavAnDQ8bgL7pIklw_YwY8tVH_27mfbMfzgTETIlPX3KrqxcCSUTPUxRDaKLo840AyYgeMOpP1iiK9d4cYX_QqOo0m1VdTYjnypCaWeRdxqxokSBDzqeRxfMLQbg3AybwAXW8fzfru99snSPQ__TrsZO8SjkXHX4T_lFLeoo6nN8zO41rcs7vaskU_pFN7ADIAI4X9di4QYGkOOKg8830zg_onlgtUtyi9CWtAo83lpFkUcqOvNYd8y-QAm9p6GybpuO2q-qILHAf8M7Fcfja8OPNXIKYLbieysFPuI4K1m5yMDoda9tTrmD4AFWOon4leKcbddpMvRS24-j6qS6AYppzAI6yEZT6XJPqBtXk27KfTLiZJLpeomGBUdZnEi5Ae0idORnB_QOrF3Tnn-pceqeDd_JW4jFCqNkLF9iYn_R7HxoJK5H4e2p4dq-JECwvgrEINugheW_3jeDUkfMBE8iz5exXLDQyFpb4XJWhVw_Hyum2U7sS6ECoKLEUwFdxJ5UHifqKKGYcw1izWiwSmSoF9wggFaMDsQTIJlzSbXBvseW9_AYgEew991n6tlpuhoUD6jaFBQpUc9Tkxlc4e7bMd9J5X1g5XIlXwtpEknsIAjRtMA6ahuJJcjvZ92jEmD9hcEPFJ1yhnQ2Vj2n--hhXzvRr1CDcAfmJPW5mW0Z5KWcXfvaufLKCm7PO5QzkHvVtkUeNlInzbzRuOu2qv2V7L3RxzzBpoj6INnAukmb9TfL5mlajF4nFDMh09URs38lKa_YW9_us_JI62wYkiOc3irwQfufZ-sw6e9_vbI28WYln7694mJ9b7pco5SqkpheL1fnA0oGjSzA0YlbYMoQRbsp0k3NAOjAqEdL0XuNx4t-KbCNe9DkGzCBWDq04PwI8ZNVPNKv6kZz6jEwbpmgNZBmN-Nk5zwCL9qnRfsrlJQpcFTm3ExAWGpA_PdqrnC65jKef9pV8JLAT1N8_ZVpDazoKVrMmk_izp0cJzx0OC&cid=CAASEuRolX1QOdXtQZ2OL5UN-3v8gQ&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9205
x-xss-protection
0
server
cafe
etag
2170525750406684717
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:35:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2A43 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcV-Wh9HVrmhbnjUpLjrPX83FKLQv2oNgkJatSbNnUNjWzi80-QPgETURvadLZH7kJ-4_mn0MwSWmCPxuckhrnEECy4zWQloELfac8fdAlNtGCDSnMcfCONzDO7ziV53Bm2qoKlpi9xXxW3gLQeVUT2BAW1w&cry=1&dbm_d=AKAmf-C6TsXz819-kuzq2EuJTBT63DzBA9142V0EK_cvp5iDDZLNS3bfABys349fdk9yD8PmOp4d_Lq3pMxgz1jAg4LRHlgse4v3WFbcYqvPbCt85rk7vVyii-jlMA6MYG3WXcD8981svJ2WS6qQ70RUOd_gXyL1O9eVPpbKhAs8IJcfXm8njk8p77Pi2kiYCH7T_egTVO78wnKVqjJ2_TrYWl-IIsP4hAbDFcs6QLU7YPUoH8Nwz4ker2PMUi7k4BVVAJXd0-wBfH3NhKznkZLI9YWwpnfXeMoEckMK1eEAsmWHBLlmK-DzT64CgVl-hlhi2Hg3iUqMOavf4zA9u8zLOSHCfP2LapH-lK-UgFxhvAFuy3kyMzZAkeIkuMNOQb1VtB8rhgOdslcy2qnSnRHdrf2ooZOXfr_-y3R6QksZ7HNqvydqxWd1cwOhgctRhZCPaU90zy9fZ3Lu1feeUqK3i8YF0QcaOew7055nEjLSpT9PHG0GPfAwjmZGkvpMoDv8xc9Wiz13--ABh72_qxsjhFFl-jQJwBRQaAC50Tn-22qJN7F_w_oRd3Z9R3syuWLy-dP19AySsBFxccsHkQb_ufSVDhiinWlXb9ug5LPDVM5NEjEO4k4_U1xLP9tMitWBBRA2J4kG_6jS2W74qA4Rm6G9G9qW34imDnmXX3WpwaosscmxoG4AeGodPp1hHb0gbRuuuOw7L-K2szjKipvgDtAnFNmhwyql6L-dAJnfHRHxD19qLV-8WcjJByLOpiAccWzq4GHtPtPKyOnbWa8r-AxtEzlkp6Q8CQLQVCJWP9crSRFoDPDyREZN2T02KUB-oHe15S3KejSJo1te20gU1llrEICjIALVRBHtICTfg1irF6G9OIHTMTKwhvGYJsZC4c68GHUAhXgUVO75V4jT4fU6Hiu4lXSvZ1OA_KuEn9A6OFfrqJO4OLgIMOMq8S3-teP5dsRT6sOCCK8iy7tt7SNYX_EOpMmO9v8QtAT8VeqdQ_hcXnSDac0fXWfVwMIc_vDQoNTzIaXvAjh68-kQ-X1O_7cDvLexJgBgPOXERj19zOVQ9_1C7v8e2lzTtEgJgRbJQqLZwUoYHYfMU0q5GACScqOZS6Q5-42sLxxA3GaSqWc6uC74J8MGXs4beiSRybMqavknRYF-B-qx7U8CjuW-3SY03UmqahW1zAzJCO60oLR3JU6JFt4NodRZVUho3LmSeeZkluqx9AOZFk1npmNHtRvafmvbrGe7yuAQQQ9a1GqqlDEIeLue83dwAYy2r-Rs89Qifddelq7V9D9EMc5xADGW188eTzT-mV0ghl-_zS1uzZwR9vsa4Ob8rHf_CiijkGeg4kKS6JIA4FLnKr6wMpYAsWWNPa4t-eKWLK0z7OnAC13fIIbnid7hMtBH6ei6O_PxYWBXLhl0V12-XXFmEs28r90RnDD9yqhuhadwYcB1M6qU4WjWzNqXYDFHYW9RLkzL1PJo9DEN52CnxRazRndJHDB6DTcdyo6zaESN_BKXOwqy1sGQtlyCxQ2R6s6gDJ4jNa0NaShPrcZTA2TeloyHLOxHd2bX8enxu5RDEKK13CTGL_32Xg3mwxNq5RjMRm-zKObSm0Xa3FzqQEVIbKw9PR99gmxqMvcs1eXhsin4TfCcQsMrNbP46WncUiyZD52IjreRYfGsXKu9Fvv9UR7SxjRoqZf_s9ZPNoT2oUpSvxFhiLEwwp2gvVkL4a9s5pKFHGvLJKNiEyI8Gh4Shy6wy5Y8sZ3wRcsTa8VPKjW9N_pz-7yThxWHWvlUUv9kfHJFBYLcDZGYtrXFP4U26uK4N9AIsOEE8IcD4J-D2z--M4zEKhr85rSg0SO_AVnhONKH__bgSW_mG5FMygAt541z2tfBM3uzmNANphyWpmsx1EDD-8hnyGNhApgxZRLzI2TrwHwq6OI1OOj0yfVPaJ6sLFPXfWO6m9yfwv3eI7O376T8ZH_pH8oENLjyyYULRtOvW7tLLnBSGBvihPflfULRppN3I0JHgEIJB5ALjmDkbEo8iculQb5dEtlW4uLnP8H5S57WPVd5YtmECsPg63bs_OFs6eZ6QUG7FR9d9RwpYe3c1yrH8vXZuz99N-ueAjyNtJ8z21QYRRpMcImjOYLeyoPMCMcTw6lh5x37W5XVBzmUoT8jkZ-TrqZo9EJSAuurPbZYW-CIiGzJlCWpO1Msk508ZgJFiTN-ur3-j1W0YFcSi2MtNKc3M10fyLt4n0yvRBKRknjm1K8U3SA8C_25yK1TtmvB5slud1IIPZrUTsPXdESOE8OeUjOjp3SOTiLD6BkKOKiSdugd9qD_j-89gn4Mi7u5MiIx8-gFIXldVaeiS7kHv1RNiYv0_mqU9KyzSR2CQSagkpD2eGEleXwavAnDQ8bgL7pIklw_YwY8tVH_27mfbMfzgTETIlPX3KrqxcCSUTPUxRDaKLo840AyYgeMOpP1iiK9d4cYX_QqOo0m1VdTYjnypCaWeRdxqxokSBDzqeRxfMLQbg3AybwAXW8fzfru99snSPQ__TrsZO8SjkXHX4T_lFLeoo6nN8zO41rcs7vaskU_pFN7ADIAI4X9di4QYGkOOKg8830zg_onlgtUtyi9CWtAo83lpFkUcqOvNYd8y-QAm9p6GybpuO2q-qILHAf8M7Fcfja8OPNXIKYLbieysFPuI4K1m5yMDoda9tTrmD4AFWOon4leKcbddpMvRS24-j6qS6AYppzAI6yEZT6XJPqBtXk27KfTLiZJLpeomGBUdZnEi5Ae0idORnB_QOrF3Tnn-pceqeDd_JW4jFCqNkLF9iYn_R7HxoJK5H4e2p4dq-JECwvgrEINugheW_3jeDUkfMBE8iz5exXLDQyFpb4XJWhVw_Hyum2U7sS6ECoKLEUwFdxJ5UHifqKKGYcw1izWiwSmSoF9wggFaMDsQTIJlzSbXBvseW9_AYgEew991n6tlpuhoUD6jaFBQpUc9Tkxlc4e7bMd9J5X1g5XIlXwtpEknsIAjRtMA6ahuJJcjvZ92jEmD9hcEPFJ1yhnQ2Vj2n--hhXzvRr1CDcAfmJPW5mW0Z5KWcXfvaufLKCm7PO5QzkHvVtkUeNlInzbzRuOu2qv2V7L3RxzzBpoj6INnAukmb9TfL5mlajF4nFDMh09URs38lKa_YW9_us_JI62wYkiOc3irwQfufZ-sw6e9_vbI28WYln7694mJ9b7pco5SqkpheL1fnA0oGjSzA0YlbYMoQRbsp0k3NAOjAqEdL0XuNx4t-KbCNe9DkGzCBWDq04PwI8ZNVPNKv6kZz6jEwbpmgNZBmN-Nk5zwCL9qnRfsrlJQpcFTm3ExAWGpA_PdqrnC65jKef9pV8JLAT1N8_ZVpDazoKVrMmk_izp0cJzx0OC&cid=CAASEuRolX1QOdXtQZ2OL5UN-3v8gQ&rfl=1%2Chttps%253A%252F%252Fwww.grokiskis.lt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 11:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88914
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 01 Oct 2022 11:59:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=4006835641361368&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 2B6E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 17:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
68306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 17:43:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 2A5D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:38:19 GMT
css
fonts.googleapis.com/ Frame 2A5D 		8 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 12:00:30 GMT
server
ESF
date
Sat, 02 Oct 2021 12:41:50 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 12:41:50 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/ Frame 2A5D 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.css
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 14:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:37:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Tue, 27 Sep 2022 14:08:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/ Frame 2A5D 		352 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
sffe /
Resource Hash
7a01223686d9e945a34f29b471baf9217e17332755b4536b03525cb5a9c39e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 01:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124792
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:37:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sun, 02 Oct 2022 01:10:05 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 2A5D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Oct 2021 12:37:36 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2C9C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVhTj7DDsACPtxUdvJtxxwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C9C 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C9C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNU92vIJv6K5uk6vP-Nz1yO2jRJsWXffF3LZQzKEDQJzsCpBy4wlv1WrfEr7i3bwegrk-jDilevvZLWJRvJwXgJEbX8KKswx1sobYcvZCgzJv5_fNtI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b91a2f60-9e10-4962-9cf5-6cb9d77f7ab6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B51C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B51C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVhTj7DDsACPtxUdvJtxxwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B51C 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B51C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNXdFZAE-sEQmBV3njIkq5n6j3oOsK3DtIpnTMxrZsHvXbM21End6FguC1Odkr2pIc2gP9-aaxfiP6RKDUW5ISQbSK1uwV0hufWdPT4Bv0sNOKsM8LY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:50 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4fd23462-8ec8-42d9-b7eb-ad8b84617f5c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9BF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9BF4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVhTj7DDsACPtxUdvJtxxwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9BF4 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9BF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-L8QIQu9zxAhiw1u6iATAB&v=APEucNWe36q919XGADoKrB8mIIKLZhqaPsvhZ-vD4t3FSuoH6HM-rapxC-7yXvau24lSDmcZeH1pUgWve0KVKDceatgNKEh13KVw-rdZrS7h62KqsuWk_a8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:50 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
28ceeb77-7e10-44b3-876b-0b88de6af6f7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg1ODgxNzk4ODU4Mjg0MDM1OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxXy_1HUFVcguV4KxQc2V1hg__z_-jGOlNOeu5E1Bg_CAJCTbE2K97fQz1W-_nlijuPeGW-XeiBZSNzx0qiOyBmcNHrA_MSoq5CugGWuZugluaSvjFGmexuqQzq0xoVsc_Q522asmJEYxh-DGICeIcE07u-e3Bql9lhA8LMS7t15_YtcjYApWiplNDZm
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXy_1HUFVcguV4KxQc2V1hg__z_-jGOlNOeu5E1Bg_CAJCTbE2K97fQz1W-_nlijuPeGW-XeiBZSNzx0qiOyBmcNHrA_MSoq5CugGWuZugluaSvjFGmexuqQzq0xoVsc_Q522asmJEYxh-DGICeIcE07u-e3Bql9lhA8LMS7t15_YtcjYApWiplNDZm
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.Isp_WzBNmgo.es5.O/d=1/rs=AJlcJMw4vqQI_eYyP64ZIR4dyw7gSCbTtg/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DulPWd//X06qYt/8GvHtlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DulPWd//X06qYt/8GvHtlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-DulPWd//X06qYt/8GvHtlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DulPWd//X06qYt/8GvHtlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXy_1HUFVcguV4KxQc2V1hg__z_-jGOlNOeu5E1Bg_CAJCTbE2K97fQz1W-_nlijuPeGW-XeiBZSNzx0qiOyBmcNHrA_MSoq5CugGWuZugluaSvjFGmexuqQzq0xoVsc_Q522asmJEYxh-DGICeIcE07u-e3Bql9lhA8LMS7t15_YtcjYApWiplNDZm
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXy_1HUFVcguV4KxQc2V1hg__z_-jGOlNOeu5E1Bg_CAJCTbE2K97fQz1W-_nlijuPeGW-XeiBZSNzx0qiOyBmcNHrA_MSoq5CugGWuZugluaSvjFGmexuqQzq0xoVsc_Q522asmJEYxh-DGICeIcE07u-e3Bql9lhA8LMS7t15_YtcjYApWiplNDZm
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.Isp_WzBNmgo.es5.O/d=1/rs=AJlcJMw4vqQI_eYyP64ZIR4dyw7gSCbTtg/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hyj3Ck991a6HzE9JVkVDmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hyj3Ck991a6HzE9JVkVDmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.grokiskis.lt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-hyj3Ck991a6HzE9JVkVDmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-hyj3Ck991a6HzE9JVkVDmg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D063 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 01 Oct 2021 11:59:56 GMT
expires
Sat, 01 Oct 2022 11:59:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
88915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AA07 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 01 Oct 2021 11:59:56 GMT
expires
Sat, 01 Oct 2022 11:59:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
88915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8529 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 01 Oct 2021 11:59:56 GMT
expires
Sat, 01 Oct 2022 11:59:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
88915
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 03C6 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 1F14 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 2A43 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&dvregion=0&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:42 GMT
Server
Microsoft-IIS/10.0
ETag
"08bf9811a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
bst2tv3.html
cdn3.doubleverify.com/ Frame 17F8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=48453
Date
Sat, 02 Oct 2021 12:41:51 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 03C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_27096859837&jsTagObjCallback=__tagObject_callback_27096859837&num=6&ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&advid=&adsrv=&unit=300x600&isdvvid=&uid=27096859837&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=89&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETar9EEADTbpTauTau63c6_gga6ba3ab2d3_6e6e2342_g%60h6_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETauG6CD%3D2DTauA%40AF%3D%3A2C%3A2FD%3A%40D%5C5%40G2%3F%40D%5CGJC2%3ED%5CA282%3D%5C%3BF%5C%3D2%3ADG2%3D2%3A%3C%3A%5C%3C2%5CA2D%3AC%3A%3F%3CE%3A&dvp_exetime=13.50&callbackName=__verify_callback_27096859837
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
bfdb35a623951253b712ee71c8889cccb1f4c003f41e13079ec9c66c2d8ef8ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Sat, 02 Oct 2021 12:41:51 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/1/2021 12:41:51 PM
dv-match6.js
cdn.doubleverify.com/ Frame 9979 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=51963
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame B008 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=48453
Date
Sat, 02 Oct 2021 12:41:51 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 1F14 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_597488797801&jsTagObjCallback=__tagObject_callback_597488797801&num=6&ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&advid=&adsrv=&unit=300x600&isdvvid=&uid=597488797801&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=89&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETar9EEADTbpTauTau63c6_gga6ba3ab2d3_6e6e2342_g%60h6_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETauG6CD%3D2DTauA%40AF%3D%3A2C%3A2FD%3A%40D%5C5%40G2%3F%40D%5CGJC2%3ED%5CA282%3D%5C%3BF%5C%3D2%3ADG2%3D2%3A%3C%3A%5C%3C2%5CA2D%3AC%3A%3F%3CE%3A&dvp_exetime=8.00&callbackName=__verify_callback_597488797801
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
2fbecaaf94c2ff9ac22a68451e3717f55d76010427ac7b78291c13a7fbd61195

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Sat, 02 Oct 2021 12:41:51 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/1/2021 12:41:51 PM
dv-match6.js
cdn.doubleverify.com/ Frame FB40 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=51963
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
bst2tv3.html
cdn3.doubleverify.com/ Frame FDA8 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=48453
Date
Sat, 02 Oct 2021 12:41:51 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 2A43 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_430499070174&jsTagObjCallback=__tagObject_callback_430499070174&num=6&ctx=16221812&cmp=25595871&plc=298923361&sid=1461433&advid=&adsrv=&unit=300x600&isdvvid=&uid=430499070174&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=89&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&aUrlD=-1&m1=13&noc=4&fcifrms=18&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETar9EEADTbpTauTau63c6_gga6ba3ab2d3_6e6e2342_g%60h6_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8C%40%3C%3AD%3C%3AD%5D%3DETauG6CD%3D2DTauA%40AF%3D%3A2C%3A2FD%3A%40D%5C5%40G2%3F%40D%5CGJC2%3ED%5CA282%3D%5C%3BF%5C%3D2%3ADG2%3D2%3A%3C%3A%5C%3C2%5CA2D%3AC%3A%3F%3CE%3A&dvp_exetime=5.80&callbackName=__verify_callback_430499070174
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
788124f08b23062e8ff36028cb5f58db02f9be01b4ff73cdffa9ba40faadcb7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Sat, 02 Oct 2021 12:41:51 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/1/2021 12:41:51 PM
dv-match6.js
cdn.doubleverify.com/ Frame 6BDF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: www.grokiskis.lt
URL: https://www.grokiskis.lt/verslas/populiariausios-dovanos-vyrams-pagal-ju-laisvalaiki-ka-pasirinkti
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-187.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=51963
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
csi
csi.gstatic.com/ Frame 2A5D 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ku9sbgap&c=85691533627&slotId=42845766813.5&qqid=COT80Ifgq_MCFQS4dwodWjMFnA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s30-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2A5D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
245411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2A5D 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 16:33:20 GMT
x-content-type-options
nosniff
age
245311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 16:33:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2A5D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options
nosniff
age
414854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 27 Sep 2022 17:27:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A5D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C70_ljlNYYeT9CoTw3gPa5pTgCf2Tr_hkp7vJ0bUO8C4QASCN5L0pYMkGoAH-7ra5AsgBBagDAcgDmwSqBPsBT9Bqe4TeoC0ZciKTQ96S3oPqg7EHgN1SamYDxLmv8FPY_9OSfdkqKQb2QLwzsAjuPFaU7Guk9CIkF_HmGygT1F0s2_3BQxvBN-EfyQqnO6A7fF0j01dHvLr6Pk520DqrjeoXX_9j5UlB3k72axvjKxdMi0LXnVGhSy2JW8WuxbCcfp9HMlR663TaJbOXLOWjKNxgx4vysKDK4UdY1vq4roX4ro-F9sOZdyH0QvMfvMV-rwwkfQzNrBTaiP_BhTVXd4RRxbvgMGexNqWwJOZtHELuo2IXCmoVgvVIz4kzjH7gtB2ArzCCwARp-ZFZhjVMXwum0pLgucKBpEjABJz6--naA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTE4MDkwOTc0MzM1ODcyNDWACgOYCwHICwGADAGwE6-t1AzIE9HSid4D2BMKiBQE2BQB0BUBgBcB&eventType=clickstring&clientTime=1633178511179&ai=C70_ljlNYYeT9CoTw3gPa5pTgCf2Tr_hkp7vJ0bUO8C4QASCN5L0pYMkGoAH-7ra5AsgBBagDAcgDmwSqBPsBT9Bqe4TeoC0ZciKTQ96S3oPqg7EHgN1SamYDxLmv8FPY_9OSfdkqKQb2QLwzsAjuPFaU7Guk9CIkF_HmGygT1F0s2_3BQxvBN-EfyQqnO6A7fF0j01dHvLr6Pk520DqrjeoXX_9j5UlB3k72axvjKxdMi0LXnVGhSy2JW8WuxbCcfp9HMlR663TaJbOXLOWjKNxgx4vysKDK4UdY1vq4roX4ro-F9sOZdyH0QvMfvMV-rwwkfQzNrBTaiP_BhTVXd4RRxbvgMGexNqWwJOZtHELuo2IXCmoVgvVIz4kzjH7gtB2ArzCCwARp-ZFZhjVMXwum0pLgucKBpEjABJz6--naA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTE4MDkwOTc0MzM1ODcyNDWACgOYCwHICwGADAGwE6-t1AzIE9HSid4D2BMKiBQE2BQB0BUBgBcB
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2A5D 		29 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C5GREctqYXB6v34pR_So0U_Tsw7cOeQ6of8LmMI1bUVOqdBlXmJyQ98_p5V04PLTgu0-EOZvmLcvfDoW9mbDXXSZQ7NQ&dbm_d=AKAmf-Cqkj3SOXk1uRUwg99ZZsmOysl6jT6NAsvzNpus3BGLqojzEq7zSlVmL586e8H6OZ22b6ozVKvMztrMKwlOJfnTLZpSD7Jr9NktjQsN_q14yF322NtNkpCy57B92KbhW4HSHjfWRYtUOPGS7-g_dF7f9T7NGWj0TeDYAkjkl2JBtf91Q7dHi257fSoBGaW4q8dUeqWYOF1HsMSh970iRLmAC1UiLQUE_J-9VUT1amsv8YLeTtxfHimddwUT8uVQYLE4iCxmc22yhTjigQZ1mZq1nqpJP9qh8qcTNWJkQw-_w_VGjHPDDTJA5cS8myluWj5iZjwq_XZUvb7am0gTY9JmE59sZR-uflavjySoH0kg3xWf34sYiHax0-J9ldtM-cCGo2kkz1SrPngSQiOGSM9l9el4EUUTaP06ex4R1_vtxhw0W9gMbvczxg-blCWLuGDrK5IPjbeT-vxh0DBtgJFGvOj0gGDxdQNLL5HYh_fPdDWP30hpCHRmxPCNl-o2wGQTLrN6vUYqv8CJJ08DhmBaTb5GPs6NYbl5EzbK1s_3fJww3a0nOD01UzU62uKRMGl_1GV0f2L4-gE0jX05WaynylhvL3l2zivVrDKAdthE1OFHkHpK8I3gYGQrE3mqU1HzmtxsKoJtKOJjwMK74ZH-EsPgE5ZAaiZnG_mYs21radgbaqKlBBuuKJ69UZ-N2cO9IkVTWAkCoMvyIU3FAmvLC_WDS0X0QnhX3XItaSth7HO2UJmoGx9EVGd7brWjMLksqOkTv17HNL04TCZyIXV98Y-MGfevkdLawvkiOePHkDlYS7Z5lQCTHNr3ejZwf7k7bUI4vb93_tNmBkzMfu17jp8dkh2rdsUL2A5Rj4YDcX64wvGnK0Y7Cw09IePAWOayiOPU5gDpeD6xhOYgC9j-y3x8zKDyuOjdIjyDyNhL5rfOPqOUggjnaWf6VGvkPxeGqjVsiP5dVImiW9KpjA785piUTH3KV_-XStOeKeyyiKwVSV36S5WyeTBGBjAIncMI_Q_du1E7nVsv3N7oAQKZlj7KhSV0umv_yzY7RFO8sHoo42buohtCMBqVUkHlwHSAfnUSnX5dc_rmXZDeRviRlsiB8Q-dWByQyWO0r2R0PTj9S8ECbKuAR--3Awp2klXr6tv9wn1RMKo1hlqEqYedKFzTmMzIGtSUJuUQ3shetYG1VDMEZTd8S7ABdbI6ufXe6P8uOzyihrZ_2bIOPmJpTW1inmHAj6KauPFUtYIo2ZJd1ljIfdaA35xiZAPnBPTRbAh3a09VpQudSJ-b_5x7aGlYQXNdp87MpPsE64l61MsD4re8oaaEsZbkWSQN4PBNbU1B-EgMYFaerJ_2rt8t69oD0_Y9TTLdNPo8mSgKPuO9aIkm5-BGCCtGgOGSNPLJ_xSY57QULVjX9gYTw8orhRV6LkGog3-2REmsbEl2nOjQgBmID7hPIcihOtWthfe9ypsZacvr3wChToh26Vq3NEmfq_k0tEuODexxrnw5l1A3vCrsyFCNkMTPft-MwUukJTkYAbHFz47HhVpK_2_6HEecLdJIPImifC55BNT5NWHFJkUOmZziQhcyuCLM9po5mandu7EuksX5w8zm60CmTB81rgDMuVLei7SzMW5UEjyyy_WG7uL81F93OKcCiKEu6dRC0vz4SiGW7fW5T-j6RL0QwqXioZ0bxf5EQa1drOTsP69yf2NPnPx9WoovuZewfUHop4c_dgHLBAPgCJupEXPwg3xXogrlSiUEMV19-g0JdhMeXjWeqF0dk-7zrHCGfwWb178z9H4l7_8A4uQJ7zCFnSEqTWF0aicx3WlqB_FAwBmXeV8FlVgmoH3dVPcUSFBpSzWlEZ6CcGdf99xXvi3VAKllM5Z_9lcaoTP8O88iN5JS9sWlSzYTamHcLkPa1cc6oCS2kWTE6h1utGLAHGZqwNBoF6j_-9srhLpsCaEMOTV8PXx-7RcGt5ppzMuQbb39_KX64aMI5PvRmQIK74LhcgTydfhvcR33kYMDrBehjfiiBc_-vTJeGhMDbZd3_Ne8gACYTPDNMObZUka-XMpZBxOmMWfmCk4I5XQDYdLxDz3DAyPPWRv1eoGkeKyXtrqPjPCb4bkdZ1EDH65YpjvPXmN4pYCk9tZGHVHPQDcF8zxHFSmKg7B6l3LOWgEcRxnx-KhpsMLnCwJdek8MKCyxzJ22oR61SZgmu2k-UBGvn4IYBPqMjfuNO327xtR7pvK-8xvPN5G3HicQ7MxKhhVeW2vLUxhl3YMAcOCugvf3wsyoqo35SivYkFcHKZNoFwhPUSzwcUc0_ES2LSG78GObdjp02GAhwGSal_AkjAGdsxig7VcQlFwSTT2_B2rtKxwLGJ-1di-ODqZEw9YQ9P1jUigIdH7ZA3LBfUDjzQHSySZuJrCYNvI07sGTah5NovoNZH-RxdcoTsjRxCt80Y-bPGiUhR5_4v_JVTK9BSncYT-uPPt_XIohpjtmG84R-ZlO8TFYZdE58HCsBj1mRekgTLUiekrf_NROqHhW53l8tAlF1U5-O4GR84tZOY_tjPUIE0GrWLuvV3iuBc4w-hDj6kQaMvz3yCFhL-5Wrv0nP5HDHYrqD7Mt4H9AltUep9cDRh8-O59uA1eBAvKB-zLkKTUNE3zpmNI7l0bIuwXyEL1FvITFm3YWsQsM7aoYOT4NGjJQQ-Z39Cu1Hc3TgLp8h9pCntuWx-xg1Y70wwmc0xavuzfY5ogss-CVZTUFRAzY78v8XWMU3Xsf9jqLLCVuZDU6l-rtMIQH8KPUMugvhm2IvEgJtycMXupIX1Ex10UfgX4BM5q7DYpSUaUKfCQ2WfvVjpoN9fXyCtV2meGb183RfIkD0bOCpxCwFz6FJAMjrP7ELRcIykZaOxAkzOWI11TqP0-6LNXgF0apgVvpfYfiAHeP_VOXcMewpT0C-0MJ5I4x_JXgMkAvG21ykMn-xvUqlCs74twp4nIGcdS4bXOqNEOhMu0njfZ1lYBduyBhedgEmfSsAhfwXPKseS88xSFXyRuASVton-aL8cru5_Q8AjoBau2dw58ve3hIQVfdXHYpH1HHD6OS95JdG0DskXHhbgLbjeLtToBTbKGq12gTqlowjni1BtZd3l8d--_oKTmMFjjCDKB1cNZZb58D1pd7XkNC45Jhcr_u3GaKxkcvVYwdVHjgIKQiQF9a_Ef1c91j0sBvuxP4F-6QP2cZ2C_PwzeGBsmnzgIwrLJO1MAXzgEjoEcUsBCxnenXmn5RNNApT1wPvAVvsFzoVpeTMDfwWQ3dlYeAMhl9TRpVSdwhsVA_ptfYbK0HA_V1B-Xh7Cax9E_IfmkPlTGIpsN-KesvVxOl21bRFqb21qPMst8ioXXvzjGsRv0zwfr7GPvgCVdVSxJR7iKMp_mJwyDAODRZ-ZX3xFj_JBcIg8JGosgLIX9GrJ_jW82-DJCiorwElQKin71IwGGUwIimA_zOg6Ur89ka5LnomkF3x_Pw0V5bEvCE0CCnikedMyOAPwVQ&cid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
cafe /
Resource Hash
a4dc3a7d23d1a2207db8206f535a8ddbd379cdc9c0395cb1f366687742aac9de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14260
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2A5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqn2gjlNYYeT9CoTw3gPa5pTgCf2Tr_hkp7vJ0bUO8C4QASCN5L0pYMkGoAH-7ra5AsgBBagDAaoE-AFP0Gp7hN6gLRlyIpND3pLeg-qDsQeA3VJqZgPEua_wU9j_05J92SopBvZAvDOwCO48VpTsa6T0IiQX8eYbKBPUXSzb_cFDG8E34R_JCqc7oDt8XSPTV0e8uvo-TnbQOquN6hdf_2PlSUHeTvZrG-MrF0yLQtedUaFLLYlbxa7FsJx-n0cyVHrrdNols5cs5aMo3GDHi_KwoMrhR1jW-riuhfiuj4X2w5l3IfRC8x-8xX6vDCR9DM2sFNqI_8HdNOUdjHsliXK3jXwKan1KF4URvgbbg6dJi43n70JLgBqU3BkcXmE90ZHuHL4aYVR6_5ZMJ75XTTWFDcAEnPr76doD4AQDiAX28L3-NZIFBggDEAEYAZIFBggbEAEYAZIFCwgiEAEYAUiJ-ZkBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfqkMnGAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwoQ358jGJvt2bMB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tMTgwOTA5NzQzMzU4NzI0NYAKA8gLAbATr63UDMgT0dKJ3gPYEwqIFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzM4MzE3MTgzMDYxNDIxNhiV4h8&sigh=RIP1FyaRSRg&cid=CAQSOwCNIrLMWOHz0vYk3q3-nooXm-j5xVBcv2K6Q8szY0XEFo3A0Jq7WAJPlJJ7ngteh1955KMcP6tgO1I7&vt=10
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DAB7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 08:58:57 GMT
expires
Sun, 03 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
13374
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2A5D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dc69a5a47ffe3a98d4b1b3fe08d177b8d135318aded51bf7e560123c6143eae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame D063 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 17:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
68307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 17:43:24 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame AA07 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 17:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
68307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 17:43:24 GMT
bsevent.gif
tps20519.doubleverify.com/ Frame 1F14 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=a56498af68744a818193788f34ca4e89&dvp_or2=1&cbust=1633178511342903
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:51 PM
bsevent.gif
tps20519.doubleverify.com/ Frame 1F14 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=a56498af68744a818193788f34ca4e89&vfdur=174&cbust=1633178511343645
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:51 PM
dcmads.js
www.googletagservices.com/dcm/ Frame 1F14 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4403
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 16:41:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Sat, 02 Oct 2021 13:22:25 GMT
bsevent.gif
tps20513.doubleverify.com/ Frame 2A43 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20513.doubleverify.com/bsevent.gif?impid=79ff9653c4eb4fe2ab8bdfc572d5b370&dvp_or2=1&cbust=1633178511344977
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:51 PM
bsevent.gif
tps20513.doubleverify.com/ Frame 2A43 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20513.doubleverify.com/bsevent.gif?impid=79ff9653c4eb4fe2ab8bdfc572d5b370&vfdur=158&cbust=1633178511345911
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:51 PM
dcmads.js
www.googletagservices.com/dcm/ Frame 2A43 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4403
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 16:41:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Sat, 02 Oct 2021 13:22:25 GMT
bsevent.gif
tps20519.doubleverify.com/ Frame 03C6 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=cd8faacd29c840efb6e42c04fd80af27&dvp_or2=1&cbust=1633178511346824
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:51 PM
bsevent.gif
tps20519.doubleverify.com/ Frame 03C6 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=cd8faacd29c840efb6e42c04fd80af27&vfdur=196&cbust=1633178511347784
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:51 PM
dcmads.js
www.googletagservices.com/dcm/ Frame 03C6 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:22:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4403
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 16:41:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Sat, 02 Oct 2021 13:22:25 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 8529 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 17:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
68307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 17:43:24 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2A5D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 00:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 02 Oct 2022 00:47:51 GMT
file.mp4
r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 2A5D
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/12527374689BDA39269858982D92C68C51759FA7.3F2F36866577EE87074010EBDAF556FC482ED23A/key/cms1/cms_redirect/yes/mh/on/mip/216.131.114.132/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1633177947/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.160.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s15-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 12:41:51 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4457250
Last-Modified
Thu, 02 Sep 2021 22:41:45 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 02 Oct 2021 12:41:51 GMT

Redirect headers

date
Sat, 02 Oct 2021 12:41:51 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/12527374689BDA39269858982D92C68C51759FA7.3F2F36866577EE87074010EBDAF556FC482ED23A/key/cms1/cms_redirect/yes/mh/on/mip/216.131.114.132/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1633177947/mv/m/mvi/2/pl/24/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2A5D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ku9sbgb1&c=85691533627&slotId=42845766813.5&qqid=COT80Ifgq_MCFQS4dwodWjMFnA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&met.4=videopreviewvisible.z3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s30-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame DAB7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJrtyjztRG-bz9O3E5Griss&google_cver=1&google_push=AYg5qPLy-9g8phdfY2sHsu8TsfpD07yeD58OTonUBt-rlJuCUqADiT4qD0TiRQGTO-x44tIFH8dmD2LOAKWehOtkDyu_Fezrw1c
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DAB7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAuUUGmD-I801wjoTPVj9BU&google_cver=1&google_push=AYg5qPLDmnpEEBHcGo-bf0WdG9GztYfpH4cO4atspcV5O9WYh-79TRxpGnWaO5dabxlY9B0gt1dOMfR...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEAuUUGmD-I801wjoTPVj9BU&google_cver=1&google_push=AYg5qPLDmnpEEBHcGo-bf0WdG9GztYfpH4cO4atspcV5O9WYh-79TRxpGnWaO5dabxlY9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=iqYzdncqRbiN1YVejaYO-mFYU48
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=iqYzdncqRbiN1YVejaYO-mFYU48
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=iqYzdncqRbiN1YVejaYO-mFYU48
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame DAB7
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOJ87C3NhIzgOoxrlCLCWQY&google_cver=1&google_push=AYg5qPL4dSU8sL35jMi1umpJ8-7UEH1wxJRNfouFNdjJS195Op5MTJ_tfVSbkrxOTPAowHCmGqqFANFuzCJQl92i...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL4dSU8sL35jMi1umpJ8-7UEH1wxJRNfouFNdjJS195Op5MTJ_tfVSbkrxOTPAowHCmGqqFANFuzCJQl92igOiD-j_A_fU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL4dSU8sL35jMi1umpJ8-7UEH1wxJRNfouFNdjJS195Op5MTJ_tfVSbkrxOTPAowHCmGqqFANFuzCJQl92igOiD-j_A_fU
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Oct 2021 12:41:51 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL4dSU8sL35jMi1umpJ8-7UEH1wxJRNfouFNdjJS195Op5MTJ_tfVSbkrxOTPAowHCmGqqFANFuzCJQl92igOiD-j_A_fU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
-Sg4RRUuxeo1vbGUI98cBbQ0F5ehzQ95QVKCmskqNxg3PgvJXWT44Q==
exptsync
ads.yieldmo.com/ Frame DAB7 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEOIPixYaG7GWPgt4mWxBSWY&google_cver=1&google_push=AYg5qPJNBAJNWuwSXdGFGv9sfbK1ia76inHZ-hMGBQvQSl2FE9EJVFoRovY4dGsO38mJfdOuS-t9kcO_lW2ax4P7o5f70McofEc
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.50.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-50-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
pixel
cm.g.doubleclick.net/ Frame DAB7
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEC97ZTc8G4ydSqPthoeC_oU&google_cver=1&google_push=AYg5qPKJ30GQWxAmshwl7UbilmQ6Gr_rvlUFpP7shM4QqxC-MC8-hJQ6DGAJco4p41BVa26Dl0C5VMxQG_k44UaDfqbJTlJugfk
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKJ30GQWxAmshwl7UbilmQ6Gr_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKJ30GQWxAmshwl7UbilmQ6Gr_rvlUFpP7shM4QqxC-MC8-hJQ6DGAJco4p41BVa26Dl0C5VMxQG_k44UaDfqbJTlJugfk&gdpr=&gdpr_consent=
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKJ30GQWxAmshwl7UbilmQ6Gr_rvlUFpP7shM4QqxC-MC8-hJQ6DGAJco4p41BVa26Dl0C5VMxQG_k44UaDfqbJTlJugfk&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 02 Oct 2021 12:41:51 GMT
sync
rtb2-useast.torchad.com/ Frame DAB7 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.torchad.com/sync?exchange=309&google_gid=CAESEDFniLWsTNlAGK_RP3zsRNQ&google_cver=1&google_push=AYg5qPL50645mf3vCieYTEnStX2VEODje3fzPy2fQ17wob9WZGdUh9QvbcbGekJhVVMTLJcBivPfqMa1EBrgp1JnTnJEc6HM3v0
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
dot.gif
s0.2mdn.net/ Frame DAB7 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEI1nnSsdY6zXIwgezQjOmm0&google_cver=1&google_push=AYg5qPLRKwqIcnFnmhkfzKDpg7ZRcRCzMsa4hLBrdOM9ATv_DlygE1QfgnB0WfY07lQc700JU2ILxOI0wYCgm-3N7V-aVPI5kUf_
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Oct 2021 12:41:51 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DAB7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IhJ59_vqQm8ZDSnAt4-w1ahWyFSoDbjRt4jIRztFXNaEIMxTDj7OUyvlQYJ9sFERKE7Ufe4A
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
impl_v80.js
www.googletagservices.com/dcm/ Frame 1F14 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v80.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15821
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 14:32:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Fri, 30 Sep 2022 10:03:42 GMT
impl_v80.js
www.googletagservices.com/dcm/ Frame 2A43 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v80.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15821
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 14:32:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Fri, 30 Sep 2022 10:03:42 GMT
impl_v80.js
www.googletagservices.com/dcm/ Frame 03C6 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v80.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:03:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15821
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 14:32:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-dcm-tag"
expires
Fri, 30 Sep 2022 10:03:42 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 70FD 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Tue, 28 Sep 2021 07:40:06 GMT
expires
Wed, 28 Sep 2022 07:40:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
363705
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 68CD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 08:58:57 GMT
expires
Sun, 03 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
13374
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1F14 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a38e77f04b610271b24596f342c80dcfc1b56f64d1316096b08f02330a8cd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0977 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 08:58:57 GMT
expires
Sun, 03 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
13374
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2A43 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cb5bd6de06a4791bce5de63f5311994c5bf683db36d9463c2365e3d77c4f7c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4929 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 08:58:57 GMT
expires
Sun, 03 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
13374
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 03C6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1f817325e203b6bbc600303dbff26828f93eeb8da0c0dcf2966dcc3ff95a463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
file.mp4
r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 2A5D 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-4g5lzne6.c.2mdn.net/videoplayback/id/5b443c75f29a4b7e/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3775070506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/12527374689BDA39269858982D92C68C51759FA7.3F2F36866577EE87074010EBDAF556FC482ED23A/key/cms1/cms_redirect/yes/mh/on/mip/216.131.114.132/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1633177947/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.231 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s15-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 02 Oct 2021 12:41:51 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4457249/4457250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4457250
expires
Sat, 02 Oct 2021 12:41:51 GMT
last-modified
Thu, 02 Sep 2021 22:41:45 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame 2A5D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ku9sbggd&c=85691533627&slotId=42845766813.5&qqid=COT80Ifgq_MCFQS4dwodWjMFnA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F5b443c75f29a4b7e%252Fitag%252F343%252Fsource%252Fdoubleclick_dmm%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3775070506%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F6BBF3A77EEFBC5D73CA109263E8FEF25C79CD044.8F79885F911C2FAC40A96E067975DB3E58941389%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.191.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s30-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
node.php
node.setupad.com/node/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 12:41:51 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 70FD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 17:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
68307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 17:43:24 GMT
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPeVcTqtoXtiiHQo2wEAyik&google_cver=1&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEPeVcTqtoXtiiHQo2wEAyik&google_cver=1&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw&bo...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw&google_hm=bBPwopj_D0EAAikABlF8QQZrH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw&google_hm=bBPwopj_D0EAAikABlF8QQZrHQ%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPIIcYMFLWX9zUIUPnyNchH0HSacsphQcScUotK1h6ImZQFPKQ8TJ98NEniXbA3xBplEeyrq7houI1pT530OglLa9AUGPw&google_hm=bBPwopj_D0EAAikABlF8QQZrHQ%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJwk7XBn9oDlv6zrTFih_C8&google_cver=1&google_push=AYg5qPIk4yVYBmk8GSM0tFVT10Al0RK--o-DzcVXo4vOOcHH6swMEzbgn4H5qRzBnIYhz7wEi_OuthAzlViWhBuf2dXv...
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIk4yVYBmk8GSM0tFVT10Al0RK--o-DzcVXo4vOOcHH6swMEzbgn4H5qRzBnIYhz7wEi_OuthAzlViWhBuf2dXvS_p08CA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIk4yVYBmk8GSM0tFVT10Al0RK--o-DzcVXo4vOOcHH6swMEzbgn4H5qRzBnIYhz7wEi_OuthAzlViWhBuf2dXvS_p08CA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AYg5qPIk4yVYBmk8GSM0tFVT10Al0RK--o-DzcVXo4vOOcHH6swMEzbgn4H5qRzBnIYhz7wEi_OuthAzlViWhBuf2dXvS_p08CA
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcE...
0
0
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIVOJJHqt9vjdhlQ4pBjg-k&google_cver=1&google_push=AYg5qPLwGpV3KFrn7-yVphpHFZig6nmX8AL1UyxvpZEjp0M8CCQlh1tb121yesFiJKqbVn9s7LZKWT_ARQbetaUT...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLwGpV3KFrn7-yVphpHFZig6nmX8AL1UyxvpZEjp0M8CCQlh1tb121yesFiJKqbVn9s7LZKWT_ARQbetaUTXU_8MjbKLCc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLwGpV3KFrn7-yVphpHFZig6nmX8AL1UyxvpZEjp0M8CCQlh1tb121yesFiJKqbVn9s7LZKWT_ARQbetaUTXU_8MjbKLCc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Oct 2021 12:41:52 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLwGpV3KFrn7-yVphpHFZig6nmX8AL1UyxvpZEjp0M8CCQlh1tb121yesFiJKqbVn9s7LZKWT_ARQbetaUTXU_8MjbKLCc
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ogFRlFuli1IHluF0EkxB1beH74d1GXVs5kb5mw47OXPHJwlHIgTb-w==
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDBN2CY7wt5quAL-pXsHIKY&google_cver=1&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7R...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDBN2CY7wt5quAL-pXsHIKY&google_cver=1&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkY...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKk...
0
0
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEECJTqgEHvV-McEIA6uM8h0&google_cver=1&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K2ki-BfdVdg1GTUXuAn5REQ&google_hm=WVZoVGtNQ284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K2ki-BfdVdg1GTUXuAn5REQ&google_hm=WVZoVGtNQ284WUFBQU1XN0pBQUFBQUFB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
42
Date
Sat, 02 Oct 2021 12:41:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEECJTqgEHvV-McEIA6uM8h0&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K2ki-BfdVdg1GTUXuAn5REQ&proto=google_ebda","cluster_id":42,"gdpr":true,"ipv4":"0.0.0.0","key":"YVhTkMCo8YAAAMW7JAAAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad98"}
X-SO-Ads-Time
7
X-SO-Key
YVhTkMCo8YAAAMW7JAAAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad98
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPKkXHnu3FX61C0gLe5OHVGjiD0jgZA6vWmIl9_tP-9Od4MekZc8uS-ZhQbIJNaxrVj2LeP9K2ki-BfdVdg1GTUXuAn5REQ&google_hm=WVZoVGtNQ284WUFBQU1XN0pBQUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad98.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-IP
216.131.114.132
pixel
cm.g.doubleclick.net/ Frame 68CD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDXg8-iJGhdM3ZBO67ylJIc&google_cver=1&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDXg8-iJGhdM3ZBO67ylJIc&google_cver=1&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaDZoNDF4RTJ1R3pHUnM3dmRRNlJUN2FQMVNnWHhwc35B&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaDZoNDF4RTJ1R3pHUnM3dmRRNlJUN2FQMVNnWHhwc35B&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g-sn-9keDiPSiDdhvMpFq7qAU4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaDZoNDF4RTJ1R3pHUnM3dmRRNlJUN2FQMVNnWHhwc35B&google_push=AYg5qPLYMbnTqzKUNjuk9EEsozmrVVrWLikSzdN3hgtHFJEuwrD4MhycBUsL9dIEWKGsM9hZ8g-sn-9keDiPSiDdhvMpFq7qAU4
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 68CD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeQP0qftUppyHVr5X1e9cJaxtSjPgLNest87HEUWe8lZopO7AO4wUyH0hzUwSI4_Nf2VMOPw
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
node.php
node.setupad.com/node/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 12:41:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0977
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEAFkJdFD_oQY9ZajaT4pJS0&google_cver=1&google_push=AYg5qPIqdIJid6dLIp_mtjaEwoTjOC6dYGe0kiS4teWrgY0sLTzAoHUhFy1kkERCvJOjVc1YNA_wlXob8UNGoeVhpvwIOX4b6d09
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bjdRMWY3MnhDdENvOUM2NWtGTllZUQ%3D%3D&google_push=AYg5qPIqdIJid6dLIp_mtjaEwoTjOC6dYGe0kiS4teWrgY0sLTzAoHUhFy1kkERCvJOjVc1YNA_wlXob8UNGo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bjdRMWY3MnhDdENvOUM2NWtGTllZUQ%3D%3D&google_push=AYg5qPIqdIJid6dLIp_mtjaEwoTjOC6dYGe0kiS4teWrgY0sLTzAoHUhFy1kkERCvJOjVc1YNA_wlXob8UNGoeVhpvwIOX4b6d09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bjdRMWY3MnhDdENvOUM2NWtGTllZUQ%3D%3D&google_push=AYg5qPIqdIJid6dLIp_mtjaEwoTjOC6dYGe0kiS4teWrgY0sLTzAoHUhFy1kkERCvJOjVc1YNA_wlXob8UNGoeVhpvwIOX4b6d09
date
Sat, 02 Oct 2021 12:41:52 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
match
um.wbtrk.net/doubleclick/user/ Frame 0977 		0
0
pixel
cm.g.doubleclick.net/ Frame 0977
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESENXA9SNtNEgENptofxNKQRM&google_cver=1&google_push=AYg5qPKvxRRo2H8jbtOSgc4tMqO7jGr584jErETwN2zEIf-rLTuAfOVYXWVBm0ly2twg61RpO2ZP_Hm1Wib_24xv2frKoHJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=TjRhWmJfMnNkQmhB&google_ula=2046794&google_push=AYg5qPKvxRRo2H8jbtOSgc4tMqO7jGr584jErETwN2zEIf-rLTuAfOVYXWVBm0ly2twg61RpO2ZP_Hm1Wi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=TjRhWmJfMnNkQmhB&google_ula=2046794&google_push=AYg5qPKvxRRo2H8jbtOSgc4tMqO7jGr584jErETwN2zEIf-rLTuAfOVYXWVBm0ly2twg61RpO2ZP_Hm1Wib_24xv2frKoHJPPeTG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=TjRhWmJfMnNkQmhB&google_ula=2046794&google_push=AYg5qPKvxRRo2H8jbtOSgc4tMqO7jGr584jErETwN2zEIf-rLTuAfOVYXWVBm0ly2twg61RpO2ZP_Hm1Wib_24xv2frKoHJPPeTG
Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
us
sync.go.sonobi.com/ Frame 0977 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJ25UEAh3YGr5v11xuEQLkTm8_wILh2t7uTqfmOlV8nVX4lQ9InhBMpgcQl8_RGT1veaZFqNGyiMKHiYFKYptP40DBJQ-oC%26google_hm%3D%5BUID%5D&google_gid=CAESEHWmJYZmRT_Ni6VKwKB20Ck&google_cver=1
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
exptsync
ads.yieldmo.com/ Frame 0977 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEBykSC2P_mYpB41_AGpzBAs&google_cver=1&google_push=AYg5qPKVS-go0BpgL1BUP4jwq895mVpwaIE87CENHR6dm8boI_htnCRn3kUpFjcZFBokaf3j2VsqCHHQ2zRiJDiKBjsWQ7_MdiJq
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.50.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-50-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:52 GMT
pixel
cm.g.doubleclick.net/ Frame 0977
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAaFf_bo_m4zbcjqY2t3LHU&google_cver=1&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncO...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYm...
0
0
pixel
cm.g.doubleclick.net/ Frame 0977
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEB88Ggh-yTmbin7y0_Yrp70&google_cver=1&google_push=AYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQ...
  • https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D798df4eb-c683-47b1-a959-bcc60ba50425%26google_push%3DAYg5qPJtjCyFUh76ZNP0ARk0m9lG8...
  • https://tech.rtb.mts.ru/?dsp_uid=798df4eb-c683-47b1-a959-bcc60ba50425&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3D798df4eb-c683-47b1-a959-bcc60ba50425%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=798df4eb-c683-47b1-a959-bcc60ba50425&google_push=AYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=798df4eb-c683-47b1-a959-bcc60ba50425&google_push=AYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQTuXGCcCmlURLw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=798df4eb-c683-47b1-a959-bcc60ba50425&google_push=AYg5qPJtjCyFUh76ZNP0ARk0m9lG8VPR2MFky2qNhIiAPgv59aABhUA7luNKLBdY_mhnW02owDQRhXhso5xVoN9AQTuXGCcCmlURLw
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame 0977 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlkjE0sBOY6nDIP2GWkMCFjs7wJevpYKNpmNET9EEdPmlWDlmy3GN71S9aBjon_I7ZQaprfw
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
node.php
node.setupad.com/node/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 12:41:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4929
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGrcyUDGOevun-ArXV6LiWs&google_cver=1&google_push=AYg5qPLMVQQpvk-VDQiJr-Z5whUEdGBnrm-wvK8KlCG6VUh4N6prCHX9GvZkBlYBs0Z5SzTMk_9EKa21sTQGcN...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNDQ0ODI5NzU3MTUxNDUxNQ%3D%3D&google_push=AYg5qPLMVQQpvk-VDQiJr-Z5whUEdGBnrm-wvK8KlCG6VUh4N6prCHX9GvZkBlYBs0Z5SzTMk_9EKa21sTQGcNTpyl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNDQ0ODI5NzU3MTUxNDUxNQ%3D%3D&google_push=AYg5qPLMVQQpvk-VDQiJr-Z5whUEdGBnrm-wvK8KlCG6VUh4N6prCHX9GvZkBlYBs0Z5SzTMk_9EKa21sTQGcNTpylPigisbIpA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNDQ0ODI5NzU3MTUxNDUxNQ%3D%3D&google_push=AYg5qPLMVQQpvk-VDQiJr-Z5whUEdGBnrm-wvK8KlCG6VUh4N6prCHX9GvZkBlYBs0Z5SzTMk_9EKa21sTQGcNTpylPigisbIpA
Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4929
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESENC6yk4kTFcrLPYA5F6ypkM&google_cver=1&google_push=AYg5qPJDGE5IiC0qLQzL32WsWN-xvMh-pe-KmMfM6UwQ6NFTOFYMz4yeQSxm9UbDxZIAxP1Hjn6F4_PQbsdxdW_vs3unrxeTiA
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTNFclJLOG5EczZWcVZ5TWtGTllZUQ%3D%3D&google_push=AYg5qPJDGE5IiC0qLQzL32WsWN-xvMh-pe-KmMfM6UwQ6NFTOFYMz4yeQSxm9UbDxZIAxP1Hjn6F4_PQbsdxd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTNFclJLOG5EczZWcVZ5TWtGTllZUQ%3D%3D&google_push=AYg5qPJDGE5IiC0qLQzL32WsWN-xvMh-pe-KmMfM6UwQ6NFTOFYMz4yeQSxm9UbDxZIAxP1Hjn6F4_PQbsdxdW_vs3unrxeTiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZTNFclJLOG5EczZWcVZ5TWtGTllZUQ%3D%3D&google_push=AYg5qPJDGE5IiC0qLQzL32WsWN-xvMh-pe-KmMfM6UwQ6NFTOFYMz4yeQSxm9UbDxZIAxP1Hjn6F4_PQbsdxdW_vs3unrxeTiA
date
Sat, 02 Oct 2021 12:41:52 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
241
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 4929
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9xQHkyKVSNCBTe2HnvGlvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9xQHkyKVSNCBTe2HnvGlvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKPdY2FR0m44tuRFohKfCcgDi-f605M6gcBXkHfUjXRb-vvguZFqP4-rhrHEf8BjmlW_wcJ3OL-CY-YMPsx3hMMYJ7wBIY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=9xQHkyKVSNCBTe2HnvGlvQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKPdY2FR0m44tuRFohKfCcgDi-f605M6gcBXkHfUjXRb-vvguZFqP4-rhrHEf8BjmlW_wcJ3OL-CY-YMPsx3hMMYJ7wBIY
date
Sat, 02 Oct 2021 12:41:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4929
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESECO_wjkgMC_3wkuMgO1gx-c&google_cver=1&google_push=AYg5qPK7KBec1aubP4SRzxzfOaKJN9bvoofMsonSK3yjbxIqG5h07SlE3N891-WtR-kLvf0ZyL1K1BB4w2XPbwAOmu-a9zLmea4
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK7KBec1aubP4SRzxzfOaKJN9b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK7KBec1aubP4SRzxzfOaKJN9bvoofMsonSK3yjbxIqG5h07SlE3N891-WtR-kLvf0ZyL1K1BB4w2XPbwAOmu-a9zLmea4&gdpr=&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:52 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&mn_hm=Mjc2MTgwMTExOTMxODgwMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK7KBec1aubP4SRzxzfOaKJN9bvoofMsonSK3yjbxIqG5h07SlE3N891-WtR-kLvf0ZyL1K1BB4w2XPbwAOmu-a9zLmea4&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sat, 02 Oct 2021 12:41:52 GMT
pixel
cm.g.doubleclick.net/ Frame 4929
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDkuIqCLqAiyZsS_3aBh6wo&google_cver=1&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_RILPWWG42CJWd_2NM-uGA&google_hm=WVZoVGtNQ284W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_RILPWWG42CJWd_2NM-uGA&google_hm=WVZoVGtNQ284WHNBQUtaREdjVUFBQUFB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
42
Date
Sat, 02 Oct 2021 12:41:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEDkuIqCLqAiyZsS_3aBh6wo&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_RILPWWG42CJWd_2NM-uGA&proto=google_ebda","cluster_id":42,"gdpr":true,"ipv4":"0.0.0.0","key":"YVhTkMCo8XsAAKZDGcUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad98"}
X-SO-Ads-Time
10
X-SO-Key
YVhTkMCo8XsAAKZDGcUAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad98
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPL5a8f0UYqd_Gtl6ywT3SNkRNSX5vx_Hpt2R6eRdPL47_aOPNx4Xgd7G0yRS90NjxAb1S3C_RILPWWG42CJWd_2NM-uGA&google_hm=WVZoVGtNQ284WHNBQUtaREdjVUFBQUFB
Cache-Control
private
X-SO-HostName
m-ad98.dc4p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-IP
216.131.114.132
pixel
cm.g.doubleclick.net/ Frame 4929
Redirect Chain
  • https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESENPqxTTngjMEtU578H9tJvY&google_cver=1&google_push=AYg5qPL0zcSpJomggJDARmyltQeMVxsbR0EfXbMAUgDYpZFDqqyrEgmB-bOp5_OZCkgkKQ0rnQVClLiAeJPYd_PlCxWqy...
  • https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=M2I4MzNlYzctMDdiYS00OGQxLTg5OWEtZTg0YWUwZjZhMDY2&google_push=AYg5qPL0zcSpJomggJDARmyltQeMVxsbR0EfXbMAUgDYpZFDqqyrEgmB-bOp5_OZC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=M2I4MzNlYzctMDdiYS00OGQxLTg5OWEtZTg0YWUwZjZhMDY2&google_push=AYg5qPL0zcSpJomggJDARmyltQeMVxsbR0EfXbMAUgDYpZFDqqyrEgmB-bOp5_OZCkgkKQ0rnQVClLiAeJPYd_PlCxWqyCI5FslX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Oct 2021 12:41:52 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=M2I4MzNlYzctMDdiYS00OGQxLTg5OWEtZTg0YWUwZjZhMDY2&google_push=AYg5qPL0zcSpJomggJDARmyltQeMVxsbR0EfXbMAUgDYpZFDqqyrEgmB-bOp5_OZCkgkKQ0rnQVClLiAeJPYd_PlCxWqyCI5FslX
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.30
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 4929 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEL_Zyw-hyBgdAHITBvEnDts&google_cver=1&google_push=AYg5qPKnQM6vYUH_5pFkbeX_P2OJyLl8hMteKUEJoPrncQiL1224JXyK8xaGlE-wEWICB9UXGVYOEFpOz25KM9i3xFlCh64mZ0OY
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Oct 2021 12:41:52 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4929 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrXiYppQpME8SfyhIycITZThhTpsNnxiNobxFWSuxD3Nv3jKVJyHd1ckGa7WSam1vIVGzwo8c
Requested by
Host: eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
URL: https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
node.php
node.setupad.com/node/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grokiskis.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 12:41:52 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
dc_oe=ChMIseqUiOCr8wIVMzHTCh16ywGGEAAYACCXxvRKOhoI-I_4xgEQnPr76doDGNHSid4DIKe7ydG1DkITCOT80Ifgq_MCFQS4dwodWjMFnA;dc_rmcid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A;eps=CIBhEAEYHQ;met=1;acvw=sv%3D20210927%26cb...
ade.googlesyndication.com/ddm/activity/ Frame 2A5D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIseqUiOCr8wIVMzHTCh16ywGGEAAYACCXxvRKOhoI-I_4xgEQnPr76doDGNHSid4DIKe7ydG1DkITCOT80Ifgq_MCFQS4dwodWjMFnA;dc_rmcid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A;eps=CIBhEAEYHQ;met=1;acvw=sv%3D20210927%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1633178512050;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C70_ljlNYYeT9CoTw3gPa5pTgCf2Tr_hkp7vJ0bUO8C4QASCN5L0pYMkGoAH-7ra5AsgBBagDAcgDmwSqBPsBT9Bqe4TeoC0ZciKTQ96S3oPqg7EHgN1SamYDxLmv8FPY_9OSfdkqKQb2QLwzsAjuPFaU7Guk9CIkF_HmGygT1F0s2_3BQxvBN-EfyQqnO6A7fF0j01dHvLr6Pk520DqrjeoXX_9j5UlB3k72axvjKxdMi0LXnVGhSy2JW8WuxbCcfp9HMlR663TaJbOXLOWjKNxgx4vysKDK4UdY1vq4roX4ro-F9sOZdyH0QvMfvMV-rwwkfQzNrBTaiP_BhTVXd4RRxbvgMGexNqWwJOZtHELuo2IXCmoVgvVIz4kzjH7gtB2ArzCCwARp-ZFZhjVMXwum0pLgucKBpEjABJz6--naA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTE4MDkwOTc0MzM1ODcyNDWACgOYCwHICwGADAGwE6-t1AzIE9HSid4D2BMKiBQE2BQB0BUBgBcB&sigh=FIJutMxIz3o&label=part2viewed&ad_mt=12&acvw=sv%3D20210927%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1633178512050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2A5D 		0
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXX6JQWfqLjxaTVCB41Jld_bBQsyNup2aW9Y3TPeweSw9jfrnXFOZzi1UqohK4wN_sD8EOJ7Az6xcEo3G4Gv0XhyOYHsRJ1uA-oH4ioJKuVYv8bo4W9eHGSMfe8jUzAErN59VTgeo2-790UI6UaCcxVdwudoHJXXxpm1CCkbIj0N5DqaGT_U9KPFn-r7A6glJJ0z8XHaQDOrpjjBNSGCSHnjRS-9Qs9QX27MBtNg31B6fKS9-WdsiuVkK1c5n2ga6Ye5yMpUNTMDBc4izwpviQfNqxBU3CQ8XGvwnSMWu-riAvTOw4TUyADnsZXxuGNOpYzJyOR6XHfeSimBqmvd-61TVWl6TyWGjez2IPAmisCTnlWkCwXN33FiMZpa6dEBTTE8LQhhbCbn7BjeDXkAYzP5012IbHj_1EBJMGYMvK_bD3hSiVHPglU4cBatOf_9OVLK-wrdAK-Me99DB3qedaskK8FWxCncLM_SJ_j8l5CXhg1GvDsZv7jAOr_RJ6yQwNKNvM_QunAjHTxZ-NnL9tCPFbzdZPMBX4aIbk1uTmoWHGum7X5RnKgi_MSNz7j-217aadCqMjowrX2dYhkfI2BBh6EgrSKwXRm32iksSEoRsOJ6-EjXRlEkICDEpskqO-qcp1QmiS7FSRnE17OjgwgGC0evDM7dVldEfpiPZWyT_e7J7LjW39WPUAj8ww7l05ZjWrd0hCKtoDczCPB0yQjDNJj2tD5-v-B8VcV0fewctsRknm0k3JMJVFHFldaRgNELx62MKcOgm6ZSGkESVp0pvjcTRcw1Xhcnj3Pi53tS8YIxySqNdBlHNXCeZGH4YSIZRAxb7dqvWRMtrSIvlo-7Ewl80nKYwBoVKWlkY8q-FjRIVXUFTvYsItq-vLBmqnubqz324BKyZ0Gf2rn8FO3e7c_yPbji4gMq1Plbg-u0wx5IcXv3MJDEMIcXd29M1zwuWUU9sOY-uwwlh8QAete8CIYshlDEovv-nChlnd3HnVO1tH_WourVBvMjkOb4XMj61UA9bQkbfyyZtO4vDysx-3CXK69Exa0mZwCU3ztBJaU8DF8tOipBwq6U3zqkcCruWNlwV5YVLQ85Rqm-zYo0ELJLn-kab4sBh8sQ7yqYUfEqHimmyLD7ZBdiztoICZTd1b0WQ6-lp-33RVT2ICyIk3LSGgY0c172P9ziL_YRfmkmE6XmVS1l8-CieUxnDp9FXUC9xaa5MDvY5Cud8RyqWfQb5WIzdJ2JO8LXmZ1l3MqmVTtp0k43_Ks1aL&sai=AMfl-YS7auRoG9xwvXTYMHR03KOgVA2Sz5LyjdEFTkynV1DjIzFOUTpO26-uclZQt-vzGo0jB_VnsodBQungPfAwzxE5utLzgtMSBbH9DecCCYdbsRqYH6vh4ihDUqbpMUChojfeXNUDF0wuZ15rwmxdl4kJywqU6RlTiM5MnAJutMLzVeWfCgbXTA&sig=Cg0ArKJSzKo-zwYnCG-3EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 02 Oct 2021 12:41:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
d.agkn.com/pixel/2387/ Frame 2A5D 		43 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=US&st=&city=0&dma=0&zp=&bw=3&che=2736026106&col=26390492,6031710,312919317,505739953,157098775
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.155.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-155-173.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:51 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2A5D
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP651wIQprvuAhib7dmzASABMAE&v=APEucNW5a6vNtX89DrGv8tWotUhQE638ZuGf3YX8o5JL5yW56bypPAgyhR4OuXMYAnXpnn7ZpeQH2UJdL-TH7blvTjXMvbv558ciuF5rFmhYp8sk-F7JHWs
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjY2NTZmYTctYzVjYy0yMGRjLWZjMWItNDllNmY1MGQ2OWRh
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjY2NTZmYTctYzVjYy0yMGRjLWZjMWItNDllNmY1MGQ2OWRh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Oct 2021 12:41:52 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MjY2NTZmYTctYzVjYy0yMGRjLWZjMWItNDllNmY1MGQ2OWRh
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A5D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIseqUiOCr8wIVMzHTCh16ywGGEAAYACCXxvRKOhoI-I_4xgEQnPr76doDGNHSid4DIKe7ydG1DkITCOT80Ifgq_MCFQS4dwodWjMFnA;dc_rmcid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A;eps=CIBhEAEYHQ;met=1;acvw=sv%3D20210927%26cb...
ade.googlesyndication.com/ddm/activity/ Frame 2A5D 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIseqUiOCr8wIVMzHTCh16ywGGEAAYACCXxvRKOhoI-I_4xgEQnPr76doDGNHSid4DIKe7ydG1DkITCOT80Ifgq_MCFQS4dwodWjMFnA;dc_rmcid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A;eps=CIBhEAEYHQ;met=1;acvw=sv%3D20210927%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1633178512050;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8Nx4MktI7qd_mEbmsBej3lGLLDHtO3doNgZoFCdOx7gtQpJO2ycSVi6Xs0Rmutx_SS8RNhRqX6ZR5yeUniNpoyYF8j0grZsfVu8DIJN326Yp45Ss&sai=AMfl-YSuzNYFfpA0Nfed8kxRDxR1IyBTPvGEycvhBKXkz9D1ZW-hSA4yTnnxPf84ccXHNIcENBgQL51Aas9XyFfRYCmq45o6TLEZRlBdBvLoFf-HmPcuHGi45nx5sEI&sig=Cg0ArKJSzGOwBiQsCQDlEAE&cid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A&id=lidarv&acvw=sv%3D20210927%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1633178512050&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 2A5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C70_ljlNYYeT9CoTw3gPa5pTgCf2Tr_hkp7vJ0bUO8C4QASCN5L0pYMkGoAH-7ra5AsgBBagDAcgDmwSqBPsBT9Bqe4TeoC0ZciKTQ96S3oPqg7EHgN1SamYDxLmv8FPY_9OSfdkqKQb2QLwzsAjuPFaU7Guk9CIkF_HmGygT1F0s2_3BQxvBN-EfyQqnO6A7fF0j01dHvLr6Pk520DqrjeoXX_9j5UlB3k72axvjKxdMi0LXnVGhSy2JW8WuxbCcfp9HMlR663TaJbOXLOWjKNxgx4vysKDK4UdY1vq4roX4ro-F9sOZdyH0QvMfvMV-rwwkfQzNrBTaiP_BhTVXd4RRxbvgMGexNqWwJOZtHELuo2IXCmoVgvVIz4kzjH7gtB2ArzCCwARp-ZFZhjVMXwum0pLgucKBpEjABJz6--naA-AEA5AGAaAGToAH6pDJxgGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTE4MDkwOTc0MzM1ODcyNDWACgOYCwHICwGADAGwE6-t1AzIE9HSid4D2BMKiBQE2BQB0BUBgBcB&sigh=FIJutMxIz3o&label=vast_creativeview&ad_mt=12&acvw=sv%3D20210927%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30037%26vmtime%3D11%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1633178512050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2A5D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ku9sbgt9&c=85691533627&slotId=42845766813.5&qqid=COT80Ifgq_MCFQS4dwodWjMFnA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=991&mt=video%2Fmp4&vs=640x360&dm=30000&event_name=first_play&asset_bytes=219120&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.1iu
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210927_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.191.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s30-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=4006835641361368&bg=!Xl2lXRnNAAZE-GIIRPg7ACkAdvg8Whp5Y1IkmxoDW_GiOCFKLiVpJiX9hQyWU4M0nylLtuHO1chuXAIAAAOmUgAAAHVoAQeZAosqW-ffCT35nCDlmBkKfqzsXaPvM6ZAu-xhoKveQr7aaqM2og69kuSmJP548UntCGJclwjLg3hJK0f9ObaIT1mHdUrCUAy3jULcXw69o64M5uLKJI8FVYskJ5H1MNMdmDt0OYC83T1oAEGlRAZ7Y-Hc89ooOSa7B1OSpiey4AP7q_yd2IHAMdEvLsAW4qOYLP5Xsl__JMkBf031CSqrzRY_-bY8YHrG7Av6CDCuuyKhtxhuAnnkbXC3b1kjPbJu_3tLnkEPokmO-7UR8fovbPc7UC3GZ-Z0AccYyzXe59aCE6MozAg3GWG50KnQlltoSc9_YIZbBi_vAl32uTTUDiEPlEXtJXxaBxtGrPKstSgrBCAFuWf2wQhWtcQXgYuG6AISwtIYzHNQz1UMORyibZrQmENu-VgpGoV-wrJ2kKQdsSIc9w0DwfQtpR-40samOf439bcF4ptnV8kQVXzBjaoNCDeE2-Efbx3BO6bK09dBisTd1TUm-D8qf1xte8HjGdJS49uhirzkHJ2jmgZMyO3ROWR6Mj-Cum63KMtwXXxkz3pUWrrLoeqa_k99u82cietj_J14UNon2xI91z7oPHmloaT0BBKVnN-mQl6DC6sNW7JrfNai3mUrvd9lBcy2z5mxniHQUjam8uOgJg77sc1O8qlohri5aLmUbFshUD3U2nF6P_1Tb17AHWPjywihGigec_u1-HRipydL7qvaC9HotWh6SktXefOZd_-XdRfW-AHM_Mf_ucyJ1ttw47d4rC3U5AR9b9Vumw7YL1AGBrSvTDXVQLw1tmmT60hUl5Qk1pnRZNTurEF8z_A_SchR9jFqWl773qF-vzW3t63cXHL0THYAwNLucugvfnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA07 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIp7ijlNYYdb9LdmPgAfM26-wCwAAAAA4AeAEAg&bg=!MjGlMXXNAAZE-GIIRPg7ACkAdvg8WgjMUz78aF1lgwz7BXm7vlOP5_Uyv9cfos_zSCq6sa0ySldFTAIAAAM8UgAAABxoAQcKAFXvmHsTt2rNj4td-3P5tyK_OnsTJQNkChsP79vZh07T4IvLZH5MWPmAdcg8wUxRyfy2jWVmd3CAq_mEmfsZd3YOP9CpsBI9-R0ZTdi62HFTOsBBjwmPmQLBS3F8Vh8EATI-Zi4ZsNyl4A6yeTB9q7K0ePuG0hb5plQccNkhT_ROZzdoilVYVScWCse8p2SlruwAKiygRmWXvucfVopGklhZWxo4GjQs9kgtnz8UKfrh6MLO8kUoTev5OUWqN__wR9YHe42n2pPubeXD2tMfFJYLj9IDR3MQtJG8iPpFeJKP-HLOmRKDesCmVuNfuXiWsonSa9HwiotqlE784EMJwRTfpDpHkbm71LU3ti-pJLdY_2VrjfdK_EiWYvozAVjFufr4hsnKuSPmdSOqJ3xRZtUUw0Ut9-0PtTILzE-Nwn71f0zNq2kimPkQSrMbp44OUJLpGppYfPkLCDPJBUrujFRCXKbl4qu535Ovm10UZvxwNDcR3uOBMHg8fe3MiDl1eQkWhiO0yZdpelaDpBNZ5BfX1UIilaCT22u_h4bsCL_ITqwnpr70RR49R-5ltvsLdUIUMpdxuX67_VAAzPUaz9cSEu4p3CfTv0WHOYvULAozR3y3OA7lc_Zoffkjc11dN9a3Z5l9dDbsNB1R2i5XQxueQeQiGUsI94R2UREf2JuI3GCuO4BmLY76DdaqH29awhwRpzytwX-E_jrJmmeMLgBz5yTVrdf-2wirXmGS3KiHML4DdUeOswT3j_KDGWGjJsMPUW9YZLPxr-lIR5g7mEmDBI_a4zhqDKg26DF1249O-3F71O_YfIs7pSNk_oFUu_3jxSYsCu_mlbOY_BbztHmeiIB0aVUdecRwB6M_NNXvuv6T4_bhmLEpO16CsaWhd8f854ITXkPLcyNmaJlVs1drW06VrxUFyhnqsFkaG0o9ztDJ-szlAMOor80d_eAD-xGKDx1Dj3M0qZmwej_iGWzIANk5oNhJ8vDp1c5Ntj4S2ub0KrYWiEd3EdQc8NsgNvB_GsBeg-8KfWtiq-mFjZ1n-dbee0K3vBwo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8529 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8I5ujlNYYbqaK4iB3wOB9qXYBQAAAAA4AeAEAg&bg=!gYKlgsbNAAZE-GIIRPg7ACkAdvg8WlYQLtOnR2Nz_PE8bIZebV5Xi4oqehBD98xPCYvnEirQgtwiUgIAAAMuUgAAABxoAQeZAtPiwU7DvHhnb6yEjYPDDJAFWiUJ9GA-HkUYzwa0ucr_DNKdYKIH3Z2m6VYZuxbRNj4tzO4GVlnMLTH60NSIh2HMefA-TQXcqpMUxIE2uKPBKmd25pdz2i8YInFMUJsmMCIxMHSq1HCq7YufdbUsfhFXzn0Z6UoPIku5PD8yaW_oWDBz7viLx5UICIuwaU-XqZQmPeuFhCNoPLEeN_ZO48u18kdZK60U7AFqT28xp6WWgAPx9jjpPSddLRv5naeMFkwU02xM4Ss9Sk67KARisoGmdRfLOf8EUHaKJCyrUnoFARFoMb5hY6EAKXudVVHY26hgOMTpXbNdyhhG_lFVWarJsz8Lss19q7irGLsV-ryLz0go-5A3sN1dI22NQRqOxhiZtPaayH2_xbjPRYujX9-sWS8Lg9XfvKHvPQzgl3LpCm94h-ZtALplWk1TvdwZktdvsCnUSAvk4tSu7v4PMSVoQ4G1tYqRIPBdATwxTuPDSbaM5KXHXiaCfVa0ihWPW6SjUdFyBg8WEB5T8a2hOqiUj-GtkAGjHkGZCdQ-xRVCzsCz5OIwO7UJChRqiz2QjJDjfuqhX6nxLbLGCDr9b4fXYwJpXZa3J5lzSYsZCUsXvpMCQ0VbA4hzQNszMIXoiRX7FhOTs3L8XiRmTDbk6M9WjpMfSSQ5BxRmhcVjVXPx-dYhQLQIV0np6ui8JfVpfuMM9OClZJ02pRSi98rUNs23cI9Eyvc8z1i9IN1PBWcrdF-b39BBYjKRK17kDeGd4Kk6FTA1hEW6DORyz-IFAVuNEBx8XVuam8oeh3Y2wTQF2DLHmEfC3i5IGH7HkSnGCaNummocI0ez2GPVRMSXh21qrbXfUtxqaOE02FmRzOE0OeOJtel_wd3v9MbIvaj5logi3eSwJSYYw6mfkMQ6_6rMs25u2AgBzuv5n5IvBzzD_-7RWd6WxT42sw417nKwHM2D-b0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D063 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BswrCjlNYYZ_NLeKMjuwP7rWUwAgAAAAAOAHgBAI&bg=!ubqluv7NAAZE-GIIRPg7ACkAdvg8WsUuF4YAJQCzoSwKHYOy7RYc31ZSCVfWbx7hnBQq55zK6WNxqQIAAAN4UgAAAB1oAQeZAsXokhWjN9COErE5jGG2UuOshxVVCs3YZq9zOBHtcGysjyi06nElmEtpi-UE3U1c8QCxDHwIgbbZswL0ef1WJuQe-QAYx0ePFRlI_kpeFks4cgLOPHc0HaYcX9GVz-W8GdcLjz9fsYe5tAG3CdJIWL_Sb1YWGdYZ0aYW6PeZGjK2AamBPHude5SS70PR793mFznfj9q4MD79KqnCdFygF4Kg5hz5UzLu-93hLlDzsMr2YY_o_QBI2aDM-6oxF5POZyGjfXKYU3iFKp8-H4r7PsG94oKdoXs5s4VdOGoZhOPWzhdIb0knYLThfGo1r_lsuZAnhxgNmAMS0XcKyVwmo331HbFIUmL0KuxDJsLPIUueZQVIlbKUh5APCkU6FYudDSty333Enblq7FJMVMwTp7hLX55l681L-7EW_PMGNyS1TKx4PzbdZUXHiqVaV7bYI25-QsmS0gTYcBFVCYeEDgSAvaHUNgtj4qiSiQS88K6Npny60sdnrkTKi-nGyeh9sc_q1uvrXl6-c2ESYo3e4d6CMblgke46usVRLKZY86uCHqt8V4TJNzgcLgtTcgXeBXPUxvEJDk5zBgEnf6sCMbcr_6UfH7d1HYN0uN152ZwKwWFE93k8CTxxahMgboPTrL6Hr1PftLcRW3GFFqXGz2zkRWx9gptOd51r3VRWvf_yKhcYShi5SUT9eorvQZ7Xx-ZaCxtx3xYJHX616BSQ-Rz8KvF5d0B0t9Q-T2pSoZ3Hicv6IjytNcPi-4fKlW7ZfjnAhzkQfv_SnfDq5rOIqK91E0VEHeGeCgRL912Xz1RVuSS1H3pvhnYpnraPyQkb_Ub4KStNCiX6eyn3_tRioDO8DLXHrTKYRxiR5lwuqgJcC9Li4uRnq5uaazCxAc1EwfzoImyugY2mtlwlQ2fW2Zcy2mD3Do01iiuWYZ4DWCcYFteIqz-g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 70FD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BKknpj1NYYfHmEbPizAb6loewCAAAAAA4AeAEAg&bg=!KCulK2_NAAZE-GIIRPg7ACkAdvg8WujPqM0NY5i37i-W7Px3-4gG0k_EuL6ONpO2_K8V_WOr3k6aIAIAAAEZUgAAAAtoAQeZAry9EOqVQJO3xSJC_MpZ4xcnYiugY-CvyuKQ_XnsHSybAvs9HJ1to-EmpA8xq6qGxbEBrG2ulczpe3gcz52Id08GIaROvjzK9zIFqXv8JoGQN0vEl2yntNK1wq1_WQbvFBPIGbKKaAsPjIktXgdcX9s7x06nEAe7lv809-duEpwHbmEE4lTgdY4gyjIdE1sXPCgWT8Yi9z_2ZoOZdAY-hWLzWfcap4GXp8frkUYjQVhfofIJioShx5M0qye9RxKr93tYLQT6Zlq67FCWsfp0hZ_lD4Jp2EWb6PI_WoQp3KSeyV1FZBnwuVGx_FjOWUT64seG6DCyIDkOHWud46IBONMKNoAl6KuNLL2OpGoB5u1mnaeyZjHiDW6mg2cd-s0scq_yrd8tnPLgiUjNg8ORwWEQ_FGoUaGQwQ6sAQIz9YHvaNg218foRlVqHVVsV1F8FlrGPBD32M65sYKqr0oMr5MNLABq4-FF47QPN5rWKUyPM7MHOgaftuLT5ZozJUmVb3oZlcF3cdCplP7Hj_nlQWNjKulaMYGAFwO1ew5Q4R44ueooOh05aKnXcT5WIx3p6dTJntRV4C1zFGxOYl0l6m4Ni3UngWgLQ4y_mpEtheHQhbibuyS19uoy7-hw8CSYy7qgZn68GGeB0hznknDPzk4Kgz3-bPsOg3LL2lOSFH_DoBqqNN0DOIsjozCLs_sO3Yx1Eqd1YdIx83W1Gb9k6QX615hJxzRHt85-9Bx-ZGlGzlDOEZiEiIN61jGTae58Q6qYQiCQavgN4jratOX5azNftg-i8ZLWFyzGMuWeVdl2UCruPRrYWcuP4STNZ9H341a6X5EsTsTfyh_7IpH3DqSvbMEy-dC3-IWVrFmyMmtszgJH0D7ByXMcB5IiTpDiaoCttZDZr-7UFUDaK5pHDoq4Eg4Qkqrvy3Tck5J5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F14 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxRAv_e8q8xSkt6vFwVCJXm8ycIRqklfGH9vUeacBwrP0kTCZZclbpa6wofc0n94bdCN7y3JGXyF0gJdJjyuXJFkCwiHKXnq_raOuj9uogeEf68NY&sai=AMfl-YSIvK5_lenZEgiacw_0ZlFO6f0X2WVz9sd350UKH7MaeaJjlYrCIPQoDpxlqELJ2pvL8WNFXxebMHr9HWhzWca9cCVbnuikuollYVi0zjrUDXj5OeYGAuY65ZU&sig=Cg0ArKJSzG14bPlIotwnEAE&cid=CAASEuRoZNHnYKujum-MjClANQHAzg&id=lidar2&mcvt=1000&p=0,0,604,300&asp=562,990,1166,1290&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3933956134&rs=4&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633178510564&rpt=1116&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame A31A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.grokiskis.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 02 Oct 2021 12:41:52 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame D5C8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.grokiskis.lt/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3858817988582840359; icu=ChgIp4N5EAoYAiACKAIwjafhigY4AkACSAIQjafhigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 03 Oct 2021 12:41:54 GMT
Date
Sat, 02 Oct 2021 12:41:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8D92 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.grokiskis.lt/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3858817988582840359; icu=ChgIp4N5EAoYAiACKAIwjafhigY4AkACSAIQjafhigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 03 Oct 2021 12:41:54 GMT
Date
Sat, 02 Oct 2021 12:41:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame DAC4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.grokiskis.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 02 Oct 2021 12:41:52 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 2187 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.grokiskis.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 02 Oct 2021 12:41:52 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3534 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/hb/grokiskislt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-148.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.grokiskis.lt/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3858817988582840359; icu=ChgIp4N5EAoYAiACKAIwjafhigY4AkACSAIQjafhigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.grokiskis.lt/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Content-Type
text/html
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sun, 03 Oct 2021 12:41:54 GMT
Date
Sat, 02 Oct 2021 12:41:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 5265 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.grokiskis.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3173; CMID=YVhTj7DDsACPtxUdvJtxxwAA; CMPRO=1214; CMRUM3=2d6158538f2760; CMST=YVhTj2FYU5AA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 02 Oct 2021 12:41:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame 2827 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.grokiskis.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3173; CMID=YVhTj7DDsACPtxUdvJtxxwAA; CMPRO=1214; CMRUM3=2d6158538f2760; CMST=YVhTj2FYU5AA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 02 Oct 2021 12:41:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame D5C8 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
665aefcc-a28c-450b-b68d-9580686eca3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8D92 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
12aa5c56-0435-4355-8b20-dbfdc49c05bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C5D2 		54 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=0&gdpr_consent=undefined&d=https://www.grokiskis.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3173; CMID=YVhTj7DDsACPtxUdvJtxxwAA; CMPRO=1214; CMRUM3=2d6158538f2760; CMST=YVhTj2FYU5AA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Vary
Is-Traffic-Usersync
Content-Length
54
Expires
Sat, 02 Oct 2021 12:41:53 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame 3534 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
X-Proxy-Origin
216.131.114.132; 216.131.114.132; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
96bd2e5f-17b3-4df6-b2bb-1b76b0c91cb0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bsevent.gif
tps20519.doubleverify.com/ Frame 1F14 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=a56498af68744a818193788f34ca4e89&pltfrm=Linux%20x86_64&cbust=1633178513344774
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:53 PM
bsevent.gif
tps20513.doubleverify.com/ Frame 2A43 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20513.doubleverify.com/bsevent.gif?impid=79ff9653c4eb4fe2ab8bdfc572d5b370&pltfrm=Linux%20x86_64&cbust=1633178513346872
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:53 PM
bsevent.gif
tps20519.doubleverify.com/ Frame 03C6 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20519.doubleverify.com/bsevent.gif?impid=cd8faacd29c840efb6e42c04fd80af27&pltfrm=Linux%20x86_64&cbust=1633178513347625
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 12:41:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/1/2021 12:41:53 PM
dc_oe=ChMIseqUiOCr8wIVMzHTCh16ywGGEAAYACCXxvRKOhoI-I_4xgEQnPr76doDGNHSid4DIKe7ydG1DkITCOT80Ifgq_MCFQS4dwodWjMFnA;dc_rmcid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A;eps=CIBhEAEYHQ;met=1;acvw=sv%3D20210927%26cb...
ade.googlesyndication.com/ddm/activity/ Frame 2A5D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIseqUiOCr8wIVMzHTCh16ywGGEAAYACCXxvRKOhoI-I_4xgEQnPr76doDGNHSid4DIKe7ydG1DkITCOT80Ifgq_MCFQS4dwodWjMFnA;dc_rmcid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A;eps=CIBhEAEYHQ;met=1;acvw=sv%3D20210927%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,0,2145,0,0%26mtos%3D0,0,2145,2145,2145%26amtos%3D0,0,0,0,0%26mcvt%3D2145%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2391%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D1%26dur%3D30037%26vmtime%3D2405%26dtos%3D2145%26dtoss%3D1%26dvs%3D2145%26dfvs%3D0%26dvpt%3D2391%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.57%26mc%3D0.57%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2145;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1633178512050;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8Nx4MktI7qd_mEbmsBej3lGLLDHtO3doNgZoFCdOx7gtQpJO2ycSVi6Xs0Rmutx_SS8RNhRqX6ZR5yeUniNpoyYF8j0grZsfVu8DIJN326Yp45Ss&sai=AMfl-YSuzNYFfpA0Nfed8kxRDxR1IyBTPvGEycvhBKXkz9D1ZW-hSA4yTnnxPf84ccXHNIcENBgQL51Aas9XyFfRYCmq45o6TLEZRlBdBvLoFf-HmPcuHGi45nx5sEI&sig=Cg0ArKJSzGOwBiQsCQDlEAE&cid=CAASEuRoQ0zeLZbv8CsoAf5PuqnB3A&id=lidarv&acvw=sv%3D20210927%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D0,0,2145,0,0%26mtos%3D0,0,2145,2145,2145%26amtos%3D0,0,0,0,0%26mcvt%3D2145%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2391%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D1%26dur%3D30037%26vmtime%3D2405%26dtos%3D2145%26dtoss%3D1%26dvs%3D2145%26dfvs%3D0%26dvpt%3D2391%26is%3D275%26i0%3D18%26ic%3D257%26cs%3D275%26c%3D0.57%26mc%3D0.57%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D137753715%26psm%3D7%26psv%3D6%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2145&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1633178512050
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 12:41:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8
Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEOG7xmixsGU9nkf_RrlC3Ss&google_cver=1&google_push=AYg5qPK7P5atKSQWXXqKjkJcKeGYBmMeWrhveRyaD_1hkkVmqq9eEH3Tz6ZuFxvlILNwMfZ5rkv7unIYitdvZRPvMQjGyWASb4bW
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect boolean| originAgentCluster object| CloudflareApps object| dataLayer string| GoogleAnalyticsObject function| wppas_ga undefined| $ function| jQuery function| ClipboardJS boolean| MXI_DEBUG object| moxie object| mOxie object| o object| plupload function| _ object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| pluploadL10n undefined| uploader function| uploader_init object| topWin function| fileQueued function| uploadStart function| uploadProgress function| fileUploading function| updateMediaForm function| uploadSuccess function| setResize function| prepareMediaItem function| prepareMediaItemInit function| wpQueueError function| wpFileError function| itemAjaxError function| deleteSuccess function| deleteError function| uploadComplete function| switchUploader function| uploadError function| uploadSizeError function| wpFileExtensionError function| copyAttachmentUploadURLClipboard object| wppas_vbc_upload function| wppas_vbc_load_ajax_upload boolean| wpproads_no_adblock function| gtag string| userpro_ajax_url string| dateformat function| inView object| googletag function| __d3lUW8vwsKlB__ object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| ga object| Wpfcll function| wpfci object| block_tdi_1_112 object| block_tdi_2_844 object| originalsizes object| block_tdi_3_084 object| block_tdi_4_694 object| ggeac object| google_js_reporting_queue object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| block_tdi_5_a5b object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager string| ZjI1MDVkOGQ4NDQ1YTA4YWxvYWRlcl9qcw== string| ZjI1MDVkOGQ4NDQ1YTA4YWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| FB object| block_tdi_6_498 string| google_user_agent_client_hint function| findCMP function| getRoxotGroupId function| getRoxotSectorId function| getRoxotDeep function| getRoxotEvent function| stpdPassback object| stpd function| stpdChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO string| nobidVersion object| nobid object| block_tdi_7_451 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| aax object| default_ContributorIabTcfV2SignalJs function| __m0F0sJOg2G__ object| block_tdi_9_445 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| Criteo object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| wpcf7 object| up_values object| wpdiscuzAjaxObj object| wpdiscuzUCObj object| wpdiscuzEditorOptions function| _typeof function| _instanceof function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| wpdEditorCounter function| Link function| wpdEditorLink function| WpdEditor object| wpDiscuzEditor number| wpdiscuzLoadRichEditor function| wpdMessagesOnInit function| onloadCallback function| wpcShareCommentFB function| Cookies function| Quill function| lity function| postscribe object| domtoimage object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr function| $f function| onYouTubeIframeAPIReady object| addComment object| q2w3_sidebar_options function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar object| wppas_ajax_script function| PASfunctions function| loadPASPopup function| delayPASPopup function| showPASPopup function| disablePASPopup function| closePASPopup function| loadPASFlyIn function| disablePASFlyIn function| checkAdStatus number| paspopupStatus undefined| clickable_paszone string| ajaxurl string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| widget_obj boolean| q2w3Refresh object| sas object| apntag object| _ADAGIO object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 object| GoogleGcLKhOms boolean| 9c22408b-5f7c-46d4-8b83-235f93a4bd02 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| google_image_requests

60 Cookies

Domain/Path Name / Value
.grokiskis.lt/ Name: _ga
Value: GA1.2.59639036.1633178509
.grokiskis.lt/ Name: _gid
Value: GA1.2.536711134.1633178509
.grokiskis.lt/ Name: _gat
Value: 1
.grokiskis.lt/ Name: _gat_gtag_UA_74776351_1
Value: 1
www.grokiskis.lt/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.grokiskis.lt/ Name: _pubcid
Value: 80cb55db-4149-4601-95e5-74f2dd8ae5fb
www.grokiskis.lt/ Name: cto_bidid
Value: PmCIvl9kR1dmSVBZMWJLVWklMkYlMkJ5N1dwYzhQVE1uODdnRGJnU1A1aHBmM2xGcVRPNDUzZHNoMWROeWRhY1RuajU2eWVnWHVYZEphaTJOMUZPVzMwajcwVmdQMEElM0QlM0Q
www.grokiskis.lt/ Name: cto_bundle
Value: 6w88CF9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWaDc2TUVJblJGJTJGQzhBSXRjMGRhd1RqcExtbnU4anVVZVJrWTdNcXJHRmVXRDVIeSUyQk53STZ5SFJsYjJnJTJCUXRnRnJFaDNYMFNBMzYlMkJ3OU1DNmR0bWNmTXpwNiUyRm9jUENpc01OdXlHNUg1SGw
.adnxs.com/ Name: uuid2
Value: 3858817988582840359
www.grokiskis.lt/ Name: cf_use_ob
Value: 0
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 413363=4603001
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1309657985%3B%24ql%3DHigh%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637687825097080745&o=1
.adnxs.com/ Name: icu
Value: ChgIp4N5EAoYAiACKAIwjafhigY4AkACSAIQjafhigYYAQ..
.smartadserver.com/ Name: pid
Value: 8890469220762188172
.smartadserver.com/ Name: pdomid
Value: 25
.grokiskis.lt/ Name: __gfp_64b
Value: qEdhPsCRrduhiDuZsaIV6cGkC9IIaK1wwERdg2DSC5H.b7|1633178510
.hit.gemius.pl/ Name: Gtest
Value: KlSh1RaGQMGGU1COtWGfSR9issGMXP8c25nSGhcsF8SWM5aSU5WpIvsiMG..
.hit.gemius.pl/ Name: Gdyn
Value: KlGktMaGQMGGU1COtWGfSR9issGMXP8c25nSGhcsF8SWM5aSU5WpIvLaojQGmsRGxRShrRhrGQFPyGKGfZxXqSRxSG8.
.criteo.com/ Name: uid
Value: cf5e4c44-c1ec-49d7-a819-6b1df376a770
.grokiskis.lt/ Name: __gads
Value: ID=26d3c398197e5796:T=1633178509:S=ALNI_Mbi1HK4Oh_QsPVj1vZiUAiOWXpVRg
.doubleclick.net/ Name: IDE
Value: AHWqTUkWuFsFflTFrzsWnA8ew2ei5CgmlRh4_1kgVYBvsneymJet3w_0CKLXXP2C7jo
.grokiskis.lt/ Name: cto_bundle
Value: O2LRXV9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWWU1aNkFjdWs2eTdsWkhCdmFHMWtJNTZhQ284aUpqalFQOWFWMWIycEdVSEFwa0NGNDk3Tk13VHJ2aVFtMERaTFZDbG9xSzF6TVhqVExsRUlvVkNNbldjYmxVMFF2eTJ2dmw2cWFMRlFoWDlveW5jUHFseWptb1Q5c05NTHFPVnclM0QlM0Q
.www.grokiskis.lt/ Name: cto_bundle
Value: O2LRXV9mb3ZNNlR6OFhHT2xmVGlQcHptTXdWWU1aNkFjdWs2eTdsWkhCdmFHMWtJNTZhQ284aUpqalFQOWFWMWIycEdVSEFwa0NGNDk3Tk13VHJ2aVFtMERaTFZDbG9xSzF6TVhqVExsRUlvVkNNbldjYmxVMFF2eTJ2dmw2cWFMRlFoWDlveW5jUHFseWptb1Q5c05NTHFPVnclM0QlM0Q
.grokiskis.lt/ Name: FCCDCF
Value: [["AKsRol-KubF_cGivFo4wsQAeG3vme8lUDymAov5I65xAjKrydq05O8DGF30vUqEtWxqOi_kuScmcWBW4nQmJWKJz4vg66DRbS3jJ-lRdWKuOjWhWcvCst0M4OrPrmxDdfXbhzLUFkBAChdV2YZd9N4CAIXILnQAAxg=="],null,["[[],[],[],[],null,null,true]",1633178509211],null]
.grokiskis.lt/ Name: FCNEC
Value: [["AKsRol-KubF_cGivFo4wsQAeG3vme8lUDymAov5I65xAjKrydq05O8DGF30vUqEtWxqOi_kuScmcWBW4nQmJWKJz4vg66DRbS3jJ-lRdWKuOjWhWcvCst0M4OrPrmxDdfXbhzLUFkBAChdV2YZd9N4CAIXILnQAAxg=="]]
.casalemedia.com/ Name: CMPS
Value: 3173
.casalemedia.com/ Name: CMID
Value: YVhTj7DDsACPtxUdvJtxxwAA
.casalemedia.com/ Name: CMPRO
Value: 1214
.casalemedia.com/ Name: CMRUM3
Value: 2d6158538f2760
.media.net/ Name: visitor-id
Value: 2761801119318801000V10
.media.net/ Name: gdpr_status
Value: 1
.sitescout.com/ Name: ssi
Value: 8aa63376-772a-45b8-8dd5-855e8da60efa#1633178511462
.sitescout.com/ Name: _ssuma
Value: e30
www.grokiskis.lt/ Name: PHPSESSID
Value: m7h5514fhe9ut0eh0mv2hgcnsb
.casalemedia.com/ Name: CMST
Value: YVhTj2FYU5AA
.sniperlog.ru/ Name: guid
Value: A68E34CAF376044B
.media.net/ Name: data-g
Value: CAESECO_wjkgMC_3wkuMgO1gx-c~~3
.adfarm1.adition.com/ Name: UserID1
Value: 7014448297571514515
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.360yield.com/ Name: tuuid
Value: f451fad3-020a-4805-a740-3c8c8501a2ed
.360yield.com/ Name: tuuid_lu
Value: 1633178512
.yahoo.com/ Name: A3
Value: d=AQABBJBTWGECECo_gEaQwQxb4XQvSYFKJPwFEgEBAQGlWWFiYQAAAAAA_eMAAA&S=AQAAAuqY1LUyTN81r-bB2sDOVNQ
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F7140793-2295-48D0-814D-ED879EF1A5BD
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~20qc
.mts.ru/ Name: dspid
Value: 798df4eb-c683-47b1-a959-bcc60ba50425
.agkn.com/ Name: ab
Value: 0001%3AoJUxMX3X91gOnWfRmg8%2FlHhgoh90sCjp
.agkn.com/ Name: u
Value: C|0EAgo6xAQKOsQEAAAAAAAAQAtAQfoGAIAAQAHAAAAAAGSr9z__x4AAAAAAFwJXgAAAAASpsUVAAAAAAldIxcAAAAAHiT6sQA
.adhigh.net/ Name: gi_u
Value: 0rQNrqwL35y.AikABlF8QQZrHQ
.ops.beeline.ru/ Name: BeeAID
Value: 3b833ec7-07ba-48d1-899a-e84ae0f6a066
.openx.net/ Name: i
Value: d9a68334-a53c-418f-b32d-dbb75bc89447|1633178512
.rutarget.ru/ Name: userId
Value: N4aZb_2sdBhA
.mts.ru/ Name: mts_id
Value: 7bd92fb3-64b6-42ae-b9b1-c43720e3ce7f
.mts.ru/ Name: mts_id_last_sync
Value: 1633178512
cs.chocolateplatform.com/ Name: choco_cookie
Value: cp-7a27e71af54a4f3b421c89f9b241ab5e
.c.appier.net/ Name: _auid
Value: e3ErRK8nDs6VqVyMkFNYYQ
.c.appier.net/ Name: _gu
Value: CAESENC6yk4kTFcrLPYA5F6ypkM

10 Console Messages

Source Level URL
Text
network error URL: https://www.grokiskis.lt/wp-content/uploads/2021/10/243689063_1766862813508234_6451485876487999405_n-681x511.jpg
Message:
Failed to load resource: the server responded with a status of 520 ()
network error URL: https://www.grokiskis.lt/wp-content/uploads/2021/10/Untitled-v-681x454.jpg
Message:
Failed to load resource: the server responded with a status of 520 ()
network error URL: https://www.grokiskis.lt/wp-content/uploads/2021/09/image0-1-e1627976383500-681x454-1.jpg
Message:
Failed to load resource: the server responded with a status of 520 ()
network error URL: https://www.grokiskis.lt/wp-content/uploads/2021/09/sveikatai-uzs-1-511x681.jpg
Message:
Failed to load resource: the server responded with a status of 520 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEOG7xmixsGU9nkf_RrlC3Ss&google_cver=1&google_push=AYg5qPK7P5atKSQWXXqKjkJcKeGYBmMeWrhveRyaD_1hkkVmqq9eEH3Tz6ZuFxvlILNwMfZ5rkv7unIYitdvZRPvMQjGyWASb4bW
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVhTj7DDsACPtxUdvJtxxwAABL4AAAAB&google_push=AYg5qPIExbpqrhKPifk5CHZUYaYPrhaOdMO_wmcNdSMGwav87A5_MzDE3GIW1-gT7WJ-6JLgnUkOdBnnzKO0L9zOcEARJZAnNg&google_cver=1&google_gid=CAESEOEmrG9ZLwoG5H-OPTNQF2g
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=9FH60wIKSAWnQDyMhQGi7Q&google_push=AYg5qPKMHq0Bi6BmDDQaqGoiVvG73DqulJcHWr6RfqCJjL_YGy2ZikGBvEcKt0bcmRgNQoM8vswagVOwL1k0jKkYI5ys7Rco8z8
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtN2EyN2U3MWFmNTRhNGYzYjQyMWM4OWY5YjI0MWFiNWU=&google_push=AYg5qPIdi9VId4Cuc9VumH9VG7REGLEE8kpfJilTEM33UwoPWTP12Wv0ji2PYmFUDbkpE6xLY0JaZip683wncOM72opxudP1BBfY
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
acdn.adnxs.com
ade.googlesyndication.com
ads.yieldmo.com
adservice.google.com
adx.adform.net
bid.g.doubleclick.net
bidder.criteo.com
cdn.doubleverify.com
cdn3.doubleverify.com
cm.g.doubleclick.net
connect.facebook.net
cs.media.net
csi.gstatic.com
d.agkn.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb4e0882e32b23a5b0e6e6abca0819e0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
galt.hit.gemius.pl
gcdn.2mdn.net
google-sync.rutarget.ru
google.ops.beeline.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grokiskis.lt
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
node.setupad.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
px.adhigh.net
r2---sn-4g5lzne6.c.2mdn.net
rtb0.doubleverify.com
rtb2-useast.torchad.com
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stpd.cloud
sync.go.sonobi.com
sync3.sniperlog.ru
tech.rtb.mts.ru
tg.socdm.com
tpc.googlesyndication.com
tps20513.doubleverify.com
tps20519.doubleverify.com
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.grokiskis.lt
cm.g.doubleclick.net
um.wbtrk.net
104.18.15.161
104.26.8.178
124.146.215.47
13.248.242.197
139.162.78.222
142.250.181.226
142.250.181.230
142.250.181.232
142.250.184.194
142.250.184.226
142.250.185.162
142.250.185.194
142.250.185.206
142.250.185.65
142.250.185.67
142.250.186.100
142.250.186.130
142.250.186.66
142.250.186.97
142.250.191.163
146.59.30.108
159.89.25.223
172.217.18.106
172.217.18.110
172.217.23.106
172.66.43.3
172.67.128.141
173.194.76.157
174.137.133.49
178.162.133.149
178.250.0.130
178.250.0.157
178.250.0.165
18.192.155.173
18.66.112.34
185.184.8.65
185.60.216.19
185.60.216.35
185.64.189.115
185.86.138.122
193.232.148.151
2.18.234.21
2.18.235.93
2.21.111.28
2.21.141.148
2.21.143.187
213.254.244.22
213.87.44.187
217.66.147.170
3.126.56.137
31.172.81.159
34.255.50.161
35.244.159.8
37.157.6.252
37.252.173.215
37.9.245.57
54.36.109.49
66.155.71.150
74.125.160.231
74.125.206.157
79.137.68.143
80.64.106.147
85.114.159.93
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
06818a46a6caa4efae4f00ce156f9e0fabbcce98ffadb3f5672bcc1438be4ebf
06f6d108b26471371ba5d0d2850df31f6c62f37fba7b61a73f08e2d2f834ac1a
08d8abc3366f7cba64ca61ff6c7cb593866699acb0adeef1b9684bdf24fab1b7
0b85884b0f1e28f6553f3e223066df3af307ffc7ec51007635e84064bf273aad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b910dfff8e26606ba1618454ab57de193b2919b3655ffcc08929ac30b3c4d84
0bbdc81d578bbd0f77eebba79113d5f31e001a899472db7bee02405d09939a32
0c05becaf948243f8426c8c072fc0bf1de88e64cef7a383c092b2a356c0a1116
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0e0b6b065b4bc6e798f16174a0ae9e260ea89cde06ece454e23b9b4769855933
0e0ce5296bf59b136dafbb48f74aad84ed968cc3c89153ac715318757c609fcd
0e691e8f0165da611ca039205a7aee6677cb893a82e22f981d56474020855053
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f94f262142bd783259bfd6292bd3f2691b725489e5c5aea82903dc1c4e75f17
10508b41163f3f8ccdcc61874c616db4a957683fa30a37f3055701199cb17056
11d5e1186d325c697cea58cabe9a08a31528ce6a73a337f7a70a16db5dde7bef
11e4ed1d1f60d33b428991a033612e8437d8d13e02e8210a2d38b93204a153fe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13985a3f55e5182391346d2cd0c08fa63127ed407d457be5ddb2d63aac371905
13b556349e5b51c79fc255aaff074b79d89fb2d26a27233fe86f79eeb6dfa0e2
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
187c87df2a8792385f1ac2c2ddd3c2c9023e5d9e94faa82fed5756a3257d4e98
1883d6ead1d5a94750c0f28d962ca6d8794a8a45158e4fa9c34dd74a397a37b6
1a51ffc84a86d20107a380d46785c1554d99f0afeb79503b29ae22e1cbb3c890
1ba65cb5bed8a2e4e62db02ecb55e9c941a2d2b167356e968cd6c4d7b947d6bb
1bcc8894fbb9808055c41dcf76dc0c7838f58e3ae7b7102a621fbcc581c64fb1
1c8dd4466fb9ec44a07be02416ed059d8848a2f29c242d8a80ef534c8855c890
1cb5bd6de06a4791bce5de63f5311994c5bf683db36d9463c2365e3d77c4f7c9
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fda9e64057963e0da5b44de0621f6dab58cd0c5672643c72f1f547070799967
2195385bdfc2517da91d7c226168c0e6195ff11b72375c586ed88675600c5d0b
22dcd692874ca981306de1f5aea9ded0f77f2debba2c447ba36585867c26be68
2515c5d8ee09ea4169f4434b739cba7a79188c31162615082cb8d1d9ecc27b70
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2645a17ec73ba130f541305cf03b954dc4b12e2de6145128f67445b1a0dd4809
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2bd32618a02827b29aa1c6c427d0193e80109c529d7de6af6de92c19a8cf06be
2f520ecf143086a008eece260bb19e268fbb76635c4fddad9b6b74021b599083
2fbecaaf94c2ff9ac22a68451e3717f55d76010427ac7b78291c13a7fbd61195
3068ff642720bbe008b966164a5608ad25c25a3d2e1bfb4055e95c2dff5872c6
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
372ac6ffeed2bf8f5bc36aaf8d4baf5265811f125b146fe33ab9dc599f3ea470
374912dd918446f01485c7cc03f547f4de5dfa6af75fbb1295b17e04c548ac88
375bbb6d581fda6202117a9c4c2891605e3933ec354eef5676587dab3367824d
39479efae0025b91536959aba2d0f85c545cadbdd095c3be98fd9fa895f32e24
3ab76bdae22de0e7b48f53ef986b987bece2970e38e5540a4865907909af00f6
3ab9160829fadbd81bb1d6a869a34ef0786c32e5cbc49786598f144ed4f5c653
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f73bf1ceeed5124abdb938edb25db5e212a997a7716295a724c6fd61d353ca9
416211f730a5a0ff81eb5a9a80c7f22ff932478e0024a3bfd30d685019176c39
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
432bb2ae2a45d83aa8aab7a551a42cf266061f86a1a416696027f13ae4fd05fa
447c7efd257a057a8e8470a34deb9ddf7aafca1ef5efcda21db410dc25fa8da3
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
4691398530c0dee4792e6323b8030373c599d722cc99a3a95fc1fc6b631c4e4b
47496f72f870a670162d5593c59f17e440171da04a5a8167beccf1b8eda4a528
476eca3b24f635baf6664a6ef7a2748694ac5b33b553ae7e259ead3e07859ad8
4832f1b61af3e5755661749291d9830d7d582c6a799b5eace1253099c08d38c3
48aa32edeb26220ed2f2b362345c54ed30f1853eab4592f74b1792e70d69fce1
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
496daa9464e65e81897432d67e47f73ba5438a65afb2471f53ce22ba1d92b05e
4db0e0a3a8c36214b489e004d5d77427aca983d46020b3ae33b73463ccf254d0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
538ac18972f09dd2cd6f278e00967e8e965a668eba811a30b290af23e4dccd96
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
554f0efec6dee3c0e3b0715bb52087ec7f531bf89a180961f4c7a4d6b2180819
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
5ad7430e4a1a9b59a8862f11ec312f980335052776bb27387ed7cf1ad53be39b
5ae347b7dc1c7dbc2d96943265f9e22b223e03fddf90bc4b03b9ff26fbb278ce
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d28789bcc260a66ab6fb721d5ae5acebbab52f41eec01e6b18784cf479a8774
5d6ba53a88a88478bb05786eddac9110755cf8e8d8eaa2c0a83e9dd1c3ccac2c
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5df8b754f183c4dc64a23436b21f6a4e363ac95dcd497aa6913e0aec3ee55e12
5f4967b92670635fc7e4b9d57f938ad6b5ae4f8b8cf27ef1ec6e88ac7641eb5e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62016ee99dc0705dc119be912b1142cbcac0a3f22e630b853739c8eeb106566d
64bf902b06a5cf69c37f0026efe2f33e3ac644d8237cff3acd7a4e18ee167add
655a58b7c0d247255d5668aeb42387bf54640fad5b6b2ae6fee0357f9997af2a
66818fbdd574f73e73d1eaf6b23ff6338adacedd6167fe31f72f6fae648966ea
68bfbd9557fa7b16edbebfa2c46dc82a8a35625ded91f882f5b6ac30466d5c67
6911fddd3edd78506ebac0b5ba7c8cc3fd9bd0ffd80b644bb9bf7679acf8c415
6a20979d104a372e82fb1621d63961ccd233305cd5d7726e47b2c6518d1acc88
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6bec14c2e87d5fa2bb1a0ab7fb202eda53045737f9c764a6da8e1b1b6f789b1a
6bf6705013803751aeca656a2770b283c8ba14b56047006f1dce94263d86023c
6f5e6678cbe5efd13de0860118411c04fd151eafa923b81ad018a12652cf34ad
702098ff29ed3b7bdb1c89e14312394d60b7ae2a33a6f259c02da214c4db52c8
70ff7b90020a2b75866a03f2cfaa5d57f9b3610b7d91a8bcc78694c73f082747
7167102d24e43d5c95dcfadc9f1e2e6469ec09e0125853ab68fa013eb668ab05
742e335a28425d636567483fb1dc524ccc55e7cf4d0399103894a663e6169697
74cc6a206326b8229276585c91ff2029af2061b89ffbadb4e5873353cf6e93ae
780a7c8a6535a28a8c37900625c05b2c1e5be0b8b35bc417d27b1fbc5b101c38
78557e84e47b8f87536df3dfc0a62aa3e304b1933ad6df93faa3430b43c62a3a
788124f08b23062e8ff36028cb5f58db02f9be01b4ff73cdffa9ba40faadcb7d
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7a01223686d9e945a34f29b471baf9217e17332755b4536b03525cb5a9c39e5b
7a3e1fa68b2ed9b3c641299d3129d7439377b2f2f21a4f13d17435967ecb00a5
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c
7dc69a5a47ffe3a98d4b1b3fe08d177b8d135318aded51bf7e560123c6143eae
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7f9f4009092d95137c7056d0e37530f54f780967dbb0cc6145d33b6885640b22
8231e1d644e755e0c3153fda10db7a627713b88677086920531f10d4636bb7a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
86b48a905f0b3dec6d7849cc7dfa4bb7bdcd0f746d367a1c6a86e6fec4d59ba4
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
886e0879b599211865a10eaba3e23347370bd0acb83b11f7bb5bcdd26990104a
8b116b6b54187cf95c28c610af8a4b902c4b9a0ef589f1943d2ce8ca553a4c65
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e146f3f271846198b9e124359c46d8981e1b644326b2e67b80ec120ff0659c5
90f97d5674a1b276d53c93139427991e717bbf04870eede80281ee6cbd80d7fd
918fe0d8e006ba68228038e73c1afba11d63a9cfaa91e1ac027214a882d67086
94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209
97dd405edccde8f0171941d1cd209ebd48e64b47bedadd221a37640483c19b1e
99a8ca772d8b6a161ab3b21a361110e22bfbd86b168d180977a555391f753f4d
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc94a022ccb0f7150c13016f045ff1ae8f21217ec58dae64f3dc479337aac89
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
9edbb3274b9458f32863ad429285de7318f1a6c9e2f36a9d18728f3b05658e75
9f247618c9b0011652cfdc3e7e360646c5693c8ef9ea3452f9226fa4bd97f0cf
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
a076373353cb3020df988f2a782b575bed07ac0650e443de90f3092b0dc2f722
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dc3a7d23d1a2207db8206f535a8ddbd379cdc9c0395cb1f366687742aac9de
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a733829c63f059d94d91dde8f4b021aec70d1e3575b06b1d135bb43b1620e16a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74103e38e9100725602e7787a2c49fde1be6ed403db86151329352e648300c5
a7687a8fc3bea2ddf266c3072c40e6ff388f0838bb5663f2d2cc4b02bcc1341c
a80515e9ff9cf794e1e85f93895dece25724bb787a0b4664a037d395a6c5eccf
a8346a2e1f5e9152c6d1a96fc3fdbe8d2dd1a603677a75d12090ad32adaf88c2
aa047bd57fab9d34962cf867f2f7df6025429e0a13a04d16c5269bd381022a57
acf4d48991ea48232f18187c0f6892f5ce33d73a32d32489d03e6d50327e60d9
ad26ac45854433ed70dff18b311c7aefe1e5493461f7e5c778cbc578924fc5c0
ad806661f0b8196c3990925a86a255a34c44112c25138bbf519a58b962d5be0d
ad9c68ffb2f72b4ebd74bc3bbbeedaaf4cfd8a9acb1a330d9f6cedc3a64bbabd
ae6f863ccc4408cc01f91eb4e5cb3c9a0f571f18cf0c10ee128da15ff258594f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af397f326eb4c9052dc17e54762cc0d1669ea67ceac7222f3a02e5de555e1536
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2db7373b4a646a326952fa386be6fde1ce4c93f101258d840c91e42af13d47d
b538a230fb05e8ebd0f4793edba8e06ffea9fbd37d29280c453285a4254a905f
b7d1c42257d4146bc0d7a845c51edd7cc7d1544b86cd5a5981ed423199d60db2
b8139654317bd038b36ccfcb3c28c5de407e68b8bf6f90b4307443d6099faffb
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bae35cb0bf7206cd7044a916e1764ae10fa9957b57b64ee220df5cf571dc6bad
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be5d0c88c043e11e4d0346defe44d44423d7dfc791f2151420968327411c7adb
bf3b3826f55b517d5634fcc936d6b6c36bbc7b9154cca94af5cf485217c67b5b
bfdb35a623951253b712ee71c8889cccb1f4c003f41e13079ec9c66c2d8ef8ca
bfead86602806c825f9918b0fd6d84238c30d5e7d17e880f73afd1fda99f3c20
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c17baaf34dd02f1e89998020b750d907c7280c4c58fcedacf696370c3bd977dc
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c5a38e77f04b610271b24596f342c80dcfc1b56f64d1316096b08f02330a8cd5
c65b68799a66f02cb0da6dca10ca277ac2929e5caf4ddd2e24a6e5d1726734c0
cb94cafd1967748fdc2efce59720f202e1216d8fa5d8ddfd7ee8d5006ff9ec9c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce717e2474d97d8890bb3a71b7cb54c9deb5c192c070db68e34d7a963bdab95d
ce9ea6c38e8e6aff4ad099f2bf9c801ffae7699cc858cbe126517b43665c4195
cf34c41118af0e84df8a1d8536a15825937068ffc4290c4a2087c0b848caa36f
cf45fd887386f78ea2a2ba3aaebea9a7dc894e851e686f3d195f7e62ea8d38c3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d004db3b4ccbd1be28d42295d1da41acfbe35043f157579214c97a3ed4e2746e
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d1f817325e203b6bbc600303dbff26828f93eeb8da0c0dcf2966dcc3ff95a463
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d34592887ed8049b3ff66cfec4e26de808bd92d6a7cc3e6f19458726aea84bd1
d45fdcd9f085cacfa8611f78837c728a8d055dc3d4eb3a630c63684ddcfad871
d49512430277dac2fc4182539094c15672302805f63f7ef3757d1b17b8dc2b73
d4dc0b43a043e48cbbd47551b3ea57a8169851d9503b3ce9f15fd7b7c4b692d8
d59feeec37062affacfdcb5efbd8662df48c2c6b38361b5c6241b735a86bcb23
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd8d56b47974079bae9bd46456c03983882bef27c1548fbdce14d5827b8fc7c1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df87908a15f667e4362a981f1dec9067c4252ecb87958375be0a77c7ee78ccc3
e11faafce785ce27d576232a8cf2e17d979f19faf40cda6fe641239d33c4647e
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41e8464c8b1b487da7d473860e4c8424042b2a2fcb555e80a82dd55a84cd8eb
e44f709face9013da1e9679c6b316b4b59280bdcba01ad65c1e87bf4bd889e35
e5c24f10649dec8916503604c3ee96e69c68a633b441fc5aef824441b2bff212
e64565ccebb71b1a700c4ebbdab79e2b6e43161ed5c1a5e08b7fd55e8a6ce41a
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e6fc8e20bcd0cbbf0d1a529829a7c292d1d2ad1e8210a6b429ff2b6619fbfed7
e734c3bb4b067bebafc986038da41e1a398971f634fb1abc8380980a9c42a13a
e74af5f9b66a6e6ab6ac2bdd18111578293e52bfde1826d6ccc8d3e2c46ac6cd
e7cd58b23f25b4a857b01f04c962f4ba4b3d68f9b62dd16bbeb042f38d16db48
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9db9941c3262a26370f65d1af3f9ba960ca8c11751eee5933fc0947fae3b4ff
eb14a0dad6941230774daba24a989249a45674fd3afc175c2cc99741f46462e9
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
eed5bdb5b6ef894a5c3560be7719e78098aa08b06a015d06725bd73e140c4bfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd7a75d456fd8a3177c45486414cf5041a6901ebc56021e0c866e722fe65a8f
f065d32d7b0b81c0dd9888f80fd04fd8cce90254a7086286c77a4a8edcf4b3df
f1437110bbca03f1ec813a0e193f40678110470fd271de5c69c74b8e8c0c8484
f292824b95430557ee966854a25d81c17cb4e2de4309d5b6b21fd5ad4833a23f
f4f6b9ba73bf8965170f34cd055a71fdfe9f336192f4a0ccdfd4959495f329fb
f9b722be20733f8d8f6c26f21f81042527d88b79252cdb80b5bdf0e6ba66ade1
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd99d496a024f3936f204dc73b052d85d5bb656258f586525dd363fca33e1f69
fea6e05826ec32c3a615a2b530f9544b15c0992dfdce055c42e34dfdc2876bc8
ff3b605752a246fbfc52fff6d98ca04eec2c1d0cdbd46c54c244733b301b6ac8