urlscan.io logo urlscan.io
SecurityTrails logo

www.15min.lt Open in urlscan Pro
185.11.24.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.15min.lt/
Effective URL: https://www.15min.lt/
Submission: On October 09 via manual from LT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 14 countries across 78 domains to perform 262 HTTP transactions. The main IP is 185.11.24.36, located in Lithuania and belongs to PLIUS-AS, LT. The main domain is www.15min.lt.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 21st 2020. Valid for: 2 years.
This is the only time www.15min.lt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 30 185.11.24.36 61091 (PLIUS-AS)
10 185.11.24.37 61091 (PLIUS-AS)
10 142.250.181.226 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 5 79.137.68.72 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
2 46.105.202.39 16276 (OVH)
7 92.62.138.182 15440 (BALTNETA ...)
1 146.59.30.96 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 213.226.139.106 13194 (BITE Bite...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 149.202.80.197 16276 (OVH)
2 2600:9000:205... 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 34.199.149.82 14618 (AMAZON-AES)
2 4 54.38.133.137 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 51.77.53.76 16276 (OVH)
1 31.148.200.7 56965 (GOTHAMADS-AS)
1 2606:4700:310... 13335 (CLOUDFLAR...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
4 13.32.21.201 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 141.95.34.104 16276 (OVH)
1 1 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
2 6 185.33.221.14 29990 (ASN-APPNEX)
1 37.157.3.29 198622 (ADFORM)
2 104.16.190.66 13335 (CLOUDFLAR...)
1 184.31.84.150 16625 (AKAMAI-AS)
1 3.120.57.46 16509 (AMAZON-02)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 198.148.27.134 19189 (PULSEPOINT)
1 178.250.0.165 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 52.95.126.160 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 16 142.250.186.98 15169 (GOOGLE)
2 11 2.18.234.21 16625 (AKAMAI-AS)
13 2a00:1450:400... 15169 (GOOGLE)
1 2.18.233.67 16625 (AKAMAI-AS)
2 142.250.185.98 15169 (GOOGLE)
1 2 159.253.128.188 36351 (SOFTLAYER)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
1 1 172.105.221.240 63949 (LINODE-AP...)
1 52.30.39.253 16509 (AMAZON-02)
1 1 185.86.139.104 201081 (SMARTADSE...)
3 3 3.126.56.137 16509 (AMAZON-02)
1 136.243.43.220 24940 (HETZNER-AS)
1 136.243.13.5 24940 (HETZNER-AS)
5 148.251.195.97 24940 (HETZNER-AS)
1 159.89.25.223 14061 (DIGITALOC...)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 2.18.233.180 16625 (AKAMAI-AS)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 151.101.129.108 54113 (FASTLY)
1 2 198.148.27.139 ()
1 185.64.189.115 62713 (AS-PUBMATIC)
1 2 52.46.154.242 ()
4 5 13.248.242.197 ()
1 2 185.33.221.13 29990 (ASN-APPNEX)
1 35.241.40.233 ()
2 2 3.125.99.7 16509 (AMAZON-02)
1 1 34.236.212.156 ()
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 4 37.157.5.142 198622 (ADFORM)
2 2 213.155.156.181 ()
7 185.64.190.80 ()
1 1 178.250.0.163 44788 (ASN-CRITE...)
11 185.64.189.110 ()
4 4 52.215.67.80 ()
1 185.86.137.133 ()
1 1 162.55.6.213 24940 (HETZNER-AS)
3 3 213.19.147.44 3356 (LEVEL3)
1 1 87.98.242.60 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 63.251.232.170 ()
1 2 2606:4700::68... ()
1 1 2a04:4e42:600... 54113 (FASTLY)
1 151.101.129.44 ()
1 169.197.150.8 ()
2 2 185.29.132.245 ()
2 185.64.189.114 ()
1 2 146.59.148.16 16276 (OVH)
2 2 34.254.143.3 ()
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1288:110... ()
3 3 18.184.28.154 16509 (AMAZON-02)
2 2 54.194.211.3 ()
2 2 151.101.66.49 ()
1 2a02:fa8:8806... ()
1 1 66.155.71.25 ()
1 1 34.98.107.212 ()
1 52.48.175.241 ()
262 86
30    185.11.24.36 (Lithuania)

ASN61091 (PLIUS-AS, LT)
PTR: ip-185-11-24-36.bnk.lt
www.15min.lt
s1.15min.lt
10    185.11.24.37 (Lithuania)

ASN61091 (PLIUS-AS, LT)
PTR: ip-185-11-24-37.bnk.lt
s1.15min.lt
10    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
5    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    79.137.68.72 (France)

ASN16276 (OVH, FR)
PTR: ltx1.host.hit.gemius.pl
galt.hit.gemius.pl
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
7    92.62.138.182 (Kaunas, Lithuania)

ASN15440 (BALTNETA Customers AS, LT)
lisource.panel.kantartns.lt
lijuke.panel.kantartns.lt
lisslpagestat.panel.kantartns.lt
1    146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
2    2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
www.gstatic.com
1    213.226.139.106 (Riga, Latvia)

ASN13194 (BITE Bite IP Network, LT)
freep.bite.lt
4    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    149.202.80.197 (France)

ASN16276 (OVH, FR)
PTR: eu4.heatmap.it
eu4.heatmap.it
2    2600:9000:2057:ce00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.199.149.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-149-82.compute-1.amazonaws.com
ping.chartbeat.net
4    54.38.133.137 (France)

ASN16276 (OVH, FR)
PTR: ip137.ip-54-38-133.eu
lv.adocean.pl
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    51.77.53.76 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: ns31075284.ip-51-77-53.eu
adlv.hit.gemius.pl
1    31.148.200.7 (Czech Republic)

ASN56965 (GOTHAMADS-AS, NL)
eu.ck-ie.com
1    2606:4700:3108::ac42:2b03 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    141.95.34.104 (France)

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com
id5-sync.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    198.148.27.134 (New York, United States)

ASN19189 (PULSEPOINT, US)
bid.contextweb.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
16    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
16    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
11    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
13    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com
s79.mxcdn.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-240.members.linode.com
a.c.appier.net
1    52.30.39.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-39-253.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    136.243.43.220 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h478.meetrics.de
stat.meetrics.net
1    136.243.13.5 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h325.meetrics.de
s79.research.de.com
5    148.251.195.97 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h353.meetrics.de
b187.s79.research.de.com
1    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    198.148.27.139 (None, )

ASN- ()
bh.contextweb.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.46.154.242 (None, )

ASN- ()
s.amazon-adsystem.com
5    13.248.242.197 (None, )

ASN- ()
match.adsrvr.org
2    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    35.241.40.233 (None, )

ASN- ()
dmp.brand-display.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.236.212.156 (None, )

ASN- ()
nep.advangelists.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.181 (None, )

ASN- ()
d5p.de17a.com
7    185.64.190.80 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
11    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
4    52.215.67.80 (None, )

ASN- ()
match.prod.bidr.io
1    185.86.137.133 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    63.251.232.170 (None, )

ASN- ()
cm.adgrx.com
2    2606:4700::6812:c05 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (None, )

ASN- ()
match.taboola.com
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
2    185.29.132.245 (None, )

ASN- ()
sync.mathtag.com
2    185.64.189.114 (None, )

ASN- ()
image4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (None, )

ASN- ()
loada.exelator.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a00:1288:110:c305::8000 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    18.184.28.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-28-154.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.194.211.3 (None, )

ASN- ()
ads.avct.cloud
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    2a02:fa8:8806:13::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
1    34.98.107.212 (None, )

ASN- ()
ads.playground.xyz
1    52.48.175.241 (None, )

ASN- ()
rtb.gumgum.com
Apex Domain
Subdomains		 Transfer
40 15min.lt
www.15min.lt
s1.15min.lt
768 KB
32 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
390 KB
27 googlesyndication.com
58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
135 KB
24 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
40 KB
13 2mdn.net
s0.2mdn.net
179 KB
10 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
10 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
24 KB
9 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
8 KB
8 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
43 KB
8 google.com
adservice.google.com
www.google.com
3 KB
8 gemius.pl
galt.hit.gemius.pl
ls.hit.gemius.pl
adlv.hit.gemius.pl
16 KB
7 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
fastlane.rubiconproject.com
token.rubiconproject.com
22 KB
7 kantartns.lt
lisource.panel.kantartns.lt
lijuke.panel.kantartns.lt
lisslpagestat.panel.kantartns.lt
56 KB
6 de.com
s79.research.de.com
b187.s79.research.de.com
2 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 adform.net
adx.adform.net
c1.adform.net
2 KB
5 google.de
adservice.google.de
www.google.de
2 KB
5 google-analytics.com
www.google-analytics.com
58 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
4 adocean.pl
lv.adocean.pl
22 KB
4 googleapis.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
1020 B
4 onesignal.com
cdn.onesignal.com
onesignal.com
83 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 contextweb.com
bid.contextweb.com
bh.contextweb.com
1 KB
3 googletagservices.com
www.googletagservices.com
101 KB
3 gstatic.com
www.gstatic.com
29 KB
3 heatmap.it
u.heatmap.it
eu4.heatmap.it
11 KB
3 googletagmanager.com
www.googletagmanager.com
121 KB
2 everesttech.net
sync-tm.everesttech.net
744 B
2 avct.cloud
ads.avct.cloud
894 B
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
734 B
2 mathtag.com
sync.mathtag.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
652 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 turn.com
ad.turn.com
943 B
2 w55c.net
pm.w55c.net
2 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 criteo.net
static.criteo.net
55 KB
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
620 B
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 districtm.io
dmx.districtm.io
cdn.districtm.io
282 B
2 4dex.io
script.4dex.io
24 KB
2 facebook.com
www.facebook.com
460 B
2 facebook.net
connect.facebook.net
170 KB
2 chartbeat.com
static.chartbeat.com
25 KB
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
486 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 quantserve.com
pixel.quantserve.com
542 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
974 B
1 erne.co
green.erne.co
327 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
217 B
1 advangelists.com
nep.advangelists.com
232 B
1 brand-display.com
dmp.brand-display.com
253 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 setupad.com
node.setupad.com
209 B
1 meetrics.net
stat.meetrics.net
351 B
1 yieldmo.com
ads.yieldmo.com
35 B
1 appier.net
a.c.appier.net
556 B
1 travelaudience.com
ads.travelaudience.com
524 B
1 mxcdn.net
s79.mxcdn.net
57 KB
1 creativecdn.com
prebid-eu.creativecdn.com
174 B
1 emxdgt.com
hb.emxdgt.com
157 B
1 id5-sync.com
id5-sync.com
530 B
1 stpd.cloud
stpd.cloud
142 KB
1 ck-ie.com
eu.ck-ie.com
114 B
1 chartbeat.net
ping.chartbeat.net
201 B
1 bite.lt
freep.bite.lt
241 B
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
262 78
Domain Requested by
28 s1.15min.lt www.15min.lt
s1.15min.lt
16 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
13 s0.2mdn.net www.15min.lt
s0.2mdn.net
12 www.15min.lt 1 redirects www.15min.lt
s1.15min.lt
11 simage2.pubmatic.com ads.pubmatic.com
9 securepubads.g.doubleclick.net www.15min.lt
securepubads.g.doubleclick.net
www.googletagservices.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
7 image2.pubmatic.com ads.pubmatic.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 ib.adnxs.com 2 redirects stpd.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
5 match.adsrvr.org 4 redirects ssum-sec.casalemedia.com
5 b187.s79.research.de.com 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
5 www.google.com www.15min.lt
tpc.googlesyndication.com
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
5 galt.hit.gemius.pl 1 redirects www.15min.lt
galt.hit.gemius.pl
5 www.google-analytics.com www.15min.lt
www.google-analytics.com
www.googletagmanager.com
4 match.prod.bidr.io 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 eus.rubiconproject.com www.15min.lt
eus.rubiconproject.com
stpd.cloud
4 c.amazon-adsystem.com www.15min.lt
c.amazon-adsystem.com
4 gum.criteo.com 2 redirects static.criteo.net
4 lv.adocean.pl 2 redirects securepubads.g.doubleclick.net
www.15min.lt
4 lijuke.panel.kantartns.lt www.15min.lt
lisource.panel.kantartns.lt
lijuke.panel.kantartns.lt
3 x.bidswitch.net 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 mug.criteo.com www.15min.lt
3 www.googletagservices.com securepubads.g.doubleclick.net
www.15min.lt
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
3 www.gstatic.com www.15min.lt
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 www.googletagmanager.com www.15min.lt
www.gstatic.com
www.googletagmanager.com
2 sync-tm.everesttech.net 2 redirects
2 ads.avct.cloud 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 ad.turn.com 2 redirects
2 pm.w55c.net 2 redirects
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 js-sec.indexww.com stpd.cloud
ssum-sec.casalemedia.com
2 bh.contextweb.com 1 redirects stpd.cloud
2 ads.pubmatic.com stpd.cloud
ads.pubmatic.com
2 static.criteo.net stpd.cloud
static.criteo.net
2 dsp.adfarm1.adition.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 googleads4.g.doubleclick.net www.15min.lt
2 googleads.g.doubleclick.net 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
www.15min.lt
2 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 script.4dex.io stpd.cloud
script.4dex.io
2 adlv.hit.gemius.pl 1 redirects www.15min.lt
2 onesignal.com cdn.onesignal.com
2 www.facebook.com www.15min.lt
2 firebaseinstallations.googleapis.com www.gstatic.com
2 lisslpagestat.panel.kantartns.lt lisource.panel.kantartns.lt
2 firebase.googleapis.com www.gstatic.com
2 connect.facebook.net www.15min.lt
connect.facebook.net
2 static.chartbeat.com www.15min.lt
2 cdn.onesignal.com www.15min.lt
cdn.onesignal.com
2 www.google.de www.15min.lt
2 stats.g.doubleclick.net www.google-analytics.com
2 u.heatmap.it www.15min.lt
u.heatmap.it
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 nep.advangelists.com 1 redirects
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 acdn.adnxs.com stpd.cloud
1 biddr.brealtime.com stpd.cloud
1 cdn.districtm.io stpd.cloud
1 node.setupad.com www.15min.lt
1 s79.research.de.com s79.mxcdn.net
1 stat.meetrics.net s79.mxcdn.net
1 ssbsync.smartadserver.com 1 redirects
1 ads.yieldmo.com 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
1 a.c.appier.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 s79.mxcdn.net s0.2mdn.net
1 token.rubiconproject.com eus.rubiconproject.com
1 hbopenbid.pubmatic.com stpd.cloud
1 bidder.criteo.com stpd.cloud
1 bid.contextweb.com stpd.cloud
1 fastlane.rubiconproject.com stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 hb.emxdgt.com stpd.cloud
1 htlb.casalemedia.com stpd.cloud
1 dmx.districtm.io stpd.cloud
1 adx.adform.net stpd.cloud
1 secure-assets.rubiconproject.com 1 redirects
1 id5-sync.com stpd.cloud
1 stpd.cloud www.15min.lt
1 eu.ck-ie.com www.15min.lt
1 ping.chartbeat.net www.15min.lt
1 pubads.g.doubleclick.net www.15min.lt
1 eu4.heatmap.it www.15min.lt
1 freep.bite.lt www.15min.lt
1 58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ls.hit.gemius.pl galt.hit.gemius.pl
1 lisource.panel.kantartns.lt www.15min.lt
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
262 121

This site contains no links.

Subject Issuer Validity Valid
*.15min.lt
Sectigo RSA Domain Validation Secure Server CA		 2020-07-21 -
2022-07-21		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2020-06-13 -
2022-06-26		 2 years crt.sh
lisource.panel.kantartns.lt
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
lipagestat.panel.kantartns.lt
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.bite.lt
Thawte RSA CA 2018		 2021-05-25 -
2022-06-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-19 -
2021-10-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA		 2020-01-27 -
2022-02-05		 2 years crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2020-11-12 -
2021-12-14		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.mxcdn.net
DigiCert SHA2 Secure Server CA		 2020-12-07 -
2021-12-14		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
meetrics.net
R3		 2021-09-22 -
2021-12-21		 3 months crt.sh
node.setupad.com
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh

This page contains 39 frames:

Primary Page: https://www.15min.lt/
Frame ID: 40904C66805F803AAE36F531EFFB1F23
Requests: 106 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: D22A30266C55035047FC81A4E01285D1
Requests: 1 HTTP requests in this frame

Frame: https://58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D3F88EB72F4A1B805124BDC8CBEB3A2
Requests: 1 HTTP requests in this frame

Frame: https://lijuke.panel.kantartns.lt/viewability/cm.html
Frame ID: B607F0B33E3ABB5313A393440C5FBFA4
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 71B9F6CFAB4D129162B57DE8DDFF95B7
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 8D241FF9EB4AB94FD059909EE77F6903
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv&dcc=t
Frame ID: BFEAF07B7D8F882F94A05E9AE2103053
Requests: 1 HTTP requests in this frame

Frame: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 190417666D7AC3058C20F2B8733A7348
Requests: 1 HTTP requests in this frame

Frame: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4EA2CC16640429EA064C2B3374BC8B39
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EC596A67268B367B82FB64F4C2205EBA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04A1DC10107A45FAE2F19DE6C87DE115
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 08BB616D7D41A43990A548BDCB204235
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B38D7DED72548B9FF2772B36972DC576
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
Frame ID: 04A383E9E146F39078E12278A6D59972
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A16FCDEA85B906C623331617C68823C0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 963DA563E7581DF129DC6CCBF05B9B56
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
Frame ID: 0136B5A756DE106B0E8A50231B8D2942
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.15min.lt
Frame ID: 3010F15C85C60CB245F4D3367B6A6928
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 3B30E10C8BAC8F236B9F7204BB03190D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8CC0349978BCCCDC8262DE690870E2C9
Requests: 23 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 959D8277CC810AB9E0D5914417180C65
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 850F32850AEB0D432D693394084E7F68
Requests: 2 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 1F5E3AEDBB359ADB58291EFA9472DE01
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 50C3C4835C47412DA60C5AB7FA88278E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4316EC91224AD1F89796B70803301531
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7EF2574C16F7F3557205BC67680461FB
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
Frame ID: 2E30CF1030A0CCA2F007AB9F60D94E60
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5174310226411430601
Frame ID: D904536E14345E0AA2598266F29E6BAA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 5313420CB9B168C76A4738F2F8F186FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7017028374625974412
Frame ID: 316819DC30CF23307F29F709549CC952
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEP207CwvwAABP0Zr4GAQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 8DA97024733A67832E19412697E4BF60
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 6A1C225C65C16A94DF0BB699515D1FED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003
Frame ID: 9CE18CE62547EA60031D11320B8576FC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Say9xEiX8SDelQBLPj0PXniV
Frame ID: 8D188830258C4439FF89653B13574E91
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 998CBE6F1617D9290E3E0042C3645BA9
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CA9C3371D37CA5BEA2371E78F3FD1077
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3232BFFC6D63E3D625F887D3A92AADBA
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 13233D42D04033ACDB51454D8DE4A911
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 2628F03A88E283D4E84439B24DD2BE14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.15min.lt/ HTTP 301
    https://www.15min.lt/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 80%
Detected patterns
  • adocean\.pl
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

262
Requests

100 %
HTTPS

28 %
IPv6

78
Domains

121
Subdomains

86
IPs

14
Countries

2596 kB
Transfer

6982 kB
Size

72
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.15min.lt/ HTTP 301
    https://www.15min.lt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://galt.hit.gemius.pl/_1633779230904/rexdot.js?l=100&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15min.lt%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=199&lsdata=47vFZ8F2_VDmNOrIbY_upmqnfsubiDM.LPw2FlOg6tD.A7r1cuzh1VW8MXXmIGtvb0Pnf2B5vNqcP0IkG6YpzrS7wpHp/4zGr4ULauoWT8/&fpdata=3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7&vis=1&fpcap= HTTP 301
  • https://galt.hit.gemius.pl/__/_1633779230904/rexdot.js?l=100&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15min.lt%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=199&lsdata=47vFZ8F2_VDmNOrIbY_upmqnfsubiDM.LPw2FlOg6tD.A7r1cuzh1VW8MXXmIGtvb0Pnf2B5vNqcP0IkG6YpzrS7wpHp/4zGr4ULauoWT8/&fpdata=3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7&vis=1&fpcap=
Request Chain 98
  • https://lv.adocean.pl/_1633779231614/ad.js?id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200 HTTP 301
  • https://lv.adocean.pl/__/_1633779231614/ad.js?id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200 HTTP 301
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1633779231%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DQQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://lv.adocean.pl/__/_1633779231/ad.js?hclsdata=4UMadFafd53v5aYsVNYQgESbyjHCVxmMdBlY_MhIk9n..7&hcudata=4DcabeODd56ebJtI_xpBISSN_2jywl0pCfMyQaxUpzT.M7&id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200
Request Chain 107
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.15min.lt%2F&domain=www.15min.lt&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=YkaP43xBZUNtaG56U2huSXlNZms2WmkyRzdaeitUR1BFY2lRZHR5V1RwWVc5UUQ2STQrL3Z2OVg1RGwycDlzNWovMk1DUFRYem1xNVhPaEVieGpPRmF0Z24wMCtJSzVURjNEMW90dHE1dUlmUVZDWmFTUnNMVHVRN1NLejVKRFlIVmNNOUJoQ1RmNEx5Q1JxYklMcUNmUUlvcVBhdzR5REIyMjUxdEZKQXhuOW1yWm1qWmc0UGhmYUFBZnJIVmdKUEkyVnpHeTFPam1hMXhTY2RpTUF6eVJGQTRGY0R1VlM2aU8yak0wZ1U3b2VqTW13PXw&cppv=2
Request Chain 110
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 130
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv&dcc=t
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1
Request Chain 157
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWF.Ie-aGXKMorcZOgHdeQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1&google_hm=2
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGU44kHwwErzsi71RkDtTSQ&google_cver=1
Request Chain 159
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0NTQ3MjQ2MDk4NDk3MTExMA%3D%3D
Request Chain 172
  • https://um.simpli.fi/gp_match?google_gid=CAESECx0N6MkA4C4AzWK_wotfSY&google_cver=1&google_push=AYg5qPLoF0QZWELg761-Wb9CsNAb5EPn0D05maHdgn5NTbSPvuWrpm1nSLyUR7FCsJ35y7X5HkwEoun38gpaJbSsS0TfY5Lxgtzz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B292A8ECC7C746E2AA6F09134E13980A&google_push=AYg5qPLoF0QZWELg761-Wb9CsNAb5EPn0D05maHdgn5NTbSPvuWrpm1nSLyUR7FCsJ35y7X5HkwEoun38gpaJbSsS0TfY5Lxgtzz
Request Chain 173
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBS0-cvosuK_Iw0rs1oZYLo&google_cver=1&google_push=AYg5qPJoS8nJTy9iHrptvgTSNbxbb3VTTrzTOY53MBGGQ-RvAJfMDxkWG4tZxMD7ZMDJw_ZErnT0BU3JQGcyk3K0y5a8s1xPf7M4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzAyODM3NDYyNTk3NDQxMg%3D%3D&google_push=AYg5qPJoS8nJTy9iHrptvgTSNbxbb3VTTrzTOY53MBGGQ-RvAJfMDxkWG4tZxMD7ZMDJw_ZErnT0BU3JQGcyk3K0y5a8s1xPf7M4
Request Chain 174
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAUR48WCOJtw2h092VFpJys&google_cver=1&google_push=AYg5qPJB1Yt8h-fzKOMazQw1shjmcflz0ZPqwGiNYpSjhYWJUgOOf7b2uEO6V7t__rlHStCuLN1FXbHKCqcmiSoXyvNDpYxeFlmK HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mLvzfhDWRZeRM3iz9VYLKQ2&google_push=AYg5qPJB1Yt8h-fzKOMazQw1shjmcflz0ZPqwGiNYpSjhYWJUgOOf7b2uEO6V7t__rlHStCuLN1FXbHKCqcmiSoXyvNDpYxeFlmK
Request Chain 175
  • https://a.c.appier.net/gcm?google_gid=CAESEI-Sfhk1iwFmT3Nkku_JIVs&google_cver=1&google_push=AYg5qPLJBBx49SRGZ44-dMJbC19jQsnQ-8whymp7UmigCR7tXFDpI0ksF3Gh8he6ra1Zj1RXnvp8_Cjgv1KfdlcU-JJ06azNdXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bnJDeXhsSDRBSXFMa3ktbUluNWhZUQ%3D%3D&google_push=AYg5qPLJBBx49SRGZ44-dMJbC19jQsnQ-8whymp7UmigCR7tXFDpI0ksF3Gh8he6ra1Zj1RXnvp8_Cjgv1KfdlcU-JJ06azNdXg
Request Chain 177
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIN_v4eyeru8P8DaPaJQd0Q&google_cver=1&google_push=AYg5qPIXEC4b5pNX18Sty9ljG6Mj23xadE06WvmFQ8p4hrzRShni0OItQugY8rr4d9lU9PcaKbTtssgijvO3Xw1jL3759EL3HSdl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIXEC4b5pNX18Sty9ljG6Mj23xadE06WvmFQ8p4hrzRShni0OItQugY8rr4d9lU9PcaKbTtssgijvO3Xw1jL3759EL3HSdl&google_hm=NDIyNDYxMDcxNTQwODQwNTk1NA%3D%3D
Request Chain 178
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOsVeCZfkIpRMfaiSmwmyEA&google_cver=1&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRNNJEt09U7NDG1YlegeI4k510UE7mw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOsVeCZfkIpRMfaiSmwmyEA&google_cver=1&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRNNJEt09U7NDG1YlegeI4k510UE7mw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IeGtxX1hwRTJ1SGVoRy5qNmkyNkxOZ296czlIMlgwTH5B&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRNNJEt09U7NDG1YlegeI4k510UE7mw
Request Chain 208
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=15min.lt&sn=ChromeSyncframe&so=3&topUrl=www.15min.lt&bundle=1wqEb19PU1AyZ0hJRmFwZU9Zd0NUUFdDa3RRdUloOENrWUxwZU0lMkZ4SDZTM0NXc2o5RWkzZ1FLbVZOR1JxOG5BT245TVN1NkxBVWZGZmdvS1RnaTRSYk13REJ2d0pyaWtyYm5KYm1IRHVZVzJldncyVWhMdWM5eVBham9MY3BwS281cmJB&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=l2-MU3xaZDd6WmJDdnlmRWhWTGcxblQxNUltZVQ3c2kyajBkZWVUeXUrN2VLbHArTm5pUjM3UC9tMFQ2UkNFNHZRWEVad05NbFV5ZDFiMEhSaDJFSUYxZ3VhL094WnVqbGZ2SE56QU5oNFBjSzJQcDhObE5wMlo4RGhmQUhlUi82elBXM25jZ0N6dlc3cG53ejVyUWhQVlE2Y3pmQ1AyQ1BZSEU4cFk0aUxaNndIYzBFWklBVWcyRWsxLzFtZmxSYjcvamN6dU85Q2tQa0JtNk55U1o1T1N4VnUwRmhvaE9XMnJyZW1pTUJsQU05ZERON25MZk90RU1NNWhka2FyY25vQzlLbktFalZneE5ZaENteVB6LzByOW0wZz09fA&cppv=2
Request Chain 220
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB&dcc=t
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHyhIVEeurnjaVfijc-WMW4&google_cver=1
Request Chain 225
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YgziN1EY1MzaBZ5&gdpr=1
Request Chain 226
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39057dcc-a99f-48e2-8493-2c99c7e1052b
Request Chain 227
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7188744322431514683
Request Chain 229
  • https://c1.adform.net/serving/cookie/match?party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
Request Chain 230
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5174310226411430601
Request Chain 231
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 232
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7017028374625974412
Request Chain 233
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUDIwN0N3dndBQUJQMFpyNEdBUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEP207CwvwAABP0Zr4GAQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEP207CwvwAABP0Zr4GAQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEP207CwvwAABP0Zr4GAQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 234
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 235
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8191723921 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8191723921 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/31ed125d-629e-4e3c-82b5-54fa1dcbdd3a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003
Request Chain 236
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Say9xEiX8SDelQBLPj0PXniV
Request Chain 239
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 240
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hcRAwxydQ6aXh7NtPIyOYg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85cb6161-7e23-4100-b163-94274e3a9ad3
Request Chain 244
  • https://pixel.onaudience.com/?partner=214&mapped=85C440C3-1C9D-43A6-9787-B36D3C8C8E62 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=21ed5842690bdf825299543c5b978cdf
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVDNDQwQzMtMUM5RC00M0E2LTk3ODctQjM2RDNDOEM4RTYy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJOaAJ-F8mJuKarGkYKvlI&google_cver=1
Request Chain 248
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31ed125d-629e-4e3c-82b5-54fa1dcbdd3a
Request Chain 249
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6032031246190383492
Request Chain 250
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&gdpr=0&gdpr_consent=
Request Chain 251
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3745472460984971110&gdpr=0&gdpr_consent=
Request Chain 252
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG
Request Chain 253
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4gbcKylE2uV7fB4xVNXuXbVpfAEZMhc-~A&gdpr=0&gdpr_consent=
Request Chain 255
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5863ebe4-effc-44ad-9eeb-d4ffdcccaaab&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9eb3d50b-93dc-449d-a6da-752904c4bf86&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 256
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YWF_IwAAAlALRwA6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWF_IwAAAlALRwA6&gdpr=0&gdpr_consent=&_test=YWF_IwAAAlALRwA6
Request Chain 258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 259
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7188744322431514683&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 261
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3745472460984971110

262 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.15min.lt/
Redirect Chain
  • http://www.15min.lt/
  • https://www.15min.lt/
631 KB
97 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
70a974a2c754bd5f83fedf69142cea227ede0352f6818ef548176fc9ad77ca2a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.15min.lt
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:50:38 GMT
content-type
text/html; charset=UTF-8
content-length
99046
cache-control
must-revalidate, public
last-modified
Sat, 09 Oct 2021 11:30:00 GMT
x-frame-options
SAMEORIGIN
content-encoding
gzip
etag
"55592e1729d5258b1b9748140b8a78bb201806011005-gzip"
x-check
x-ua-device
pc
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
x-ab-layout
1
age
223
accept-ranges
bytes

Redirect headers

Date
Sat, 09 Oct 2021 11:33:50 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://www.15min.lt/
Content-Length
0
Content-Type
text/html; charset=UTF-8
X-Check
X-UA-Device
pc
Vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
X-AB-Layout
1
Age
0
Connection
keep-alive
roboto-latin-300-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-300-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"3d74-5cbf32326baf3-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
15755
roboto-latin-ext-300-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-ext-300-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"2e24-5cbf32329dee4-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
11835
roboto-latin-400-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-400-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"3d48-5cbf3231d1a53-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
15711
roboto-latin-ext-400-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-ext-400-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"2e54-5cbf3231d91cb-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
11883
roboto-latin-500-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-500-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"3e30-5cbf3231d1a53-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
15943
roboto-latin-ext-500-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-ext-500-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:51 GMT
server
nginx
age
2158373
etag
"2df8-5cbf3232a5be5-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
11791
roboto-latin-700-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-700-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"3dd4-5cbf3231d822b-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
15851
roboto-latin-ext-700-normal.woff2
s1.15min.lt/assets/fonts/roboto/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/fonts/roboto/roboto-latin-ext-700-normal.woff2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Request headers

Referer
https://www.15min.lt/
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:50 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:50 GMT
server
nginx
age
2158373
etag
"2e3c-5cbf3232406a9-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
11859
common-desktop-bundle.less.css
s1.15min.lt/css/bundle/ 		228 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
1e020ce904fa4c54df840cfafa585165503aae600f7d572fdcdf9144a459cd4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 11:46:31 GMT
server
nginx
age
2072794
etag
"39151-5cc073fd8abfd-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
text/css
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
43212
widgets-desktop-bundle.less.css
s1.15min.lt/css/bundle/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/css/bundle/widgets-desktop-bundle.less.css?v=1632805254
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
3efcf5d95e1437166d639bb6c6a21be2887f510a14e67a02bc1dc8be5f73b447

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 04:59:38 GMT
server
nginx
age
973980
etag
"e8c7-5cd0714a882bd-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
text/css
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
12561
list.less.css
s1.15min.lt/css/components/posts/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/css/components/posts/list.less.css?v=1626442703
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
5e51cc8c77883ba9beb5f9c1c9275d99613ad1cde2631b862ae56f301d9ae5b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:53 GMT
server
nginx
age
2152583
etag
"6009-5cbf3235172f2-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
text/css
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
3659
plius_infoblocks.less.css
s1.15min.lt/css/auto_rows/ 		11 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/css/auto_rows/plius_infoblocks.less.css?v=1604646647
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
7eb45051564ce39b0f40d619249dded08d25ebd730aaef1cca21ee65ac693c04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 09:09:18 GMT
server
nginx
age
620888
etag
"2cdd-5cd46eb08e789-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
text/css
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
6664
front.less.css
s1.15min.lt/css/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/css/front.less.css?v=1629697589
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
e35eab17958bdf9a8e2db6bd305647871c6b706aa51b10a822077d695b102476

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 14:07:24 GMT
server
nginx
age
1489672
etag
"775f-5cc81eabafccc-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
text/css
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
5232
common-desktop-bundle.js
s1.15min.lt/js/ 		202 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/js/common-desktop-bundle.js?v=1626429785
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
c9de9feb8b113b8afeaef2e9c1e86948e1dfd0929b65468c977feb245c20d413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 10:55:16 GMT
server
nginx
age
2165515
etag
"327ad-5cba1f35a3713-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
application/javascript
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
67218
3825744207.js
s1.15min.lt/static/js/1633005161https/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/static/js/1633005161https/3825744207.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
faaa40b5fe3ec593f42957c67044a6bd6e03d1cd9f8b4592c745bc4bd2f07030

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 08 Oct 2021 15:23:35 GMT
server
nginx
age
54593
etag
"2ae2-5cdd8f6778d2a-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
application/javascript
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
4153
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
cdcfd2c4489c22333d330be4860a63ba699409dc36bde582df1c25603d69be26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1010 / 93 of 1000 / last-modified: 1633731109"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26826
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 11:33:50 GMT
15min_adblock_1200x300-6156cc4fc3457.jpg
s1.15min.lt/static/cache/MTIwMHgzMDAsLDYyNTk0MSxvcmlnaW5hbCwsaWQ9NjE3MDczOCZkYXRlPTIwMjElMkYxMCUyRjAxLDMzOTQ5MDgyNzA=/ 		64 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/MTIwMHgzMDAsLDYyNTk0MSxvcmlnaW5hbCwsaWQ9NjE3MDczOCZkYXRlPTIwMjElMkYxMCUyRjAxLDMzOTQ5MDgyNzA=/15min_adblock_1200x300-6156cc4fc3457.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
00c2ab50445dcc5d185c5a3fa30da7250fb0883309c6f3238cc399e108c3d433

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 08:52:58 GMT
server
nginx
age
700859
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
62836
expires
Sun, 03 Oct 2021 08:52:58 GMT
15min_adblock_300x700-6156cc5a6f956.jpg
s1.15min.lt/static/cache/MzAweDcwMCwsNjI1OTQxLG9yaWdpbmFsLCxpZD02MTcwNzQwJmRhdGU9MjAyMSUyRjEwJTJGMDEsMzQ4MDA2MTI1OA==/ 		50 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/MzAweDcwMCwsNjI1OTQxLG9yaWdpbmFsLCxpZD02MTcwNzQwJmRhdGU9MjAyMSUyRjEwJTJGMDEsMzQ4MDA2MTI1OA==/15min_adblock_300x700-6156cc5a6f956.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
3f1246f16fb9992e12f367c05ba332c3e6d80a70b35b5a5a0d8a966cad501641

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 08:52:58 GMT
server
nginx
age
700859
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
48911
expires
Sun, 03 Oct 2021 08:52:58 GMT
autogidas-615c1114c04b5.jpg
s1.15min.lt/static/cache/MzAweDYwMCwsNjI1OTQxLG9yaWdpbmFsLCxpZD02MTc3MzY0JmRhdGU9MjAyMSUyRjEwJTJGMDUsMjg4NzkwMjg0OQ==/ 		33 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/MzAweDYwMCwsNjI1OTQxLG9yaWdpbmFsLCxpZD02MTc3MzY0JmRhdGU9MjAyMSUyRjEwJTJGMDUsMjg4NzkwMjg0OQ==/autogidas-615c1114c04b5.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
ab85ab96378fc9f42d9d1861080f1dc9fe1d2c9b632ea2a1abdc112b1150b5f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 08:49:00 GMT
server
nginx
age
355494
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
31841
expires
Thu, 07 Oct 2021 08:49:00 GMT
max.svg
www.15min.lt/assets/images/logos/cosites/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/assets/images/logos/cosites/max.svg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
82b7f2372323bf98630a6501534a6cd861988a3550fd3fc70b6dbf8f586082d6

Request headers

:path
/assets/images/logos/cosites/max.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Fri, 17 Sep 2021 07:11:46 GMT
server
nginx
age
1792758
etag
"465-5cc2ba4f3ebae-gzip"
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/svg+xml
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
1125
s.gif
www.15min.lt/assets/images/bg/ 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/assets/images/bg/s.gif
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:path
/assets/images/bg/s.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Fri, 17 Sep 2021 07:11:45 GMT
server
nginx
age
1793171
etag
"2b-5cc2ba4e1fcf0-gzip"
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
43
tgif
www.15min.lt/cached/ 		311 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=3369135716&w=263&h=160
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
9429705ee7ac19daffe75663417f99ac21804e03e411cc16cce1d81571c485eb

Request headers

:path
/cached/tgif?c=3369135716&w=263&h=160
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
64976
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
311
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2813
date
Sat, 09 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 09 Oct 2021 12:46:57 GMT
tgif
www.15min.lt/cached/ 		431 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=2978182791&w=367&h=215
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
447ff5ca3608d1b7eab666dd8e40bed23b2e330d3610fe67fba8c4613eccc06f

Request headers

:path
/cached/tgif?c=2978182791&w=367&h=215
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
64629
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
431
xgemius.js
galt.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/xgemius.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx1.host.hit.gemius.pl
Software
GHC /
Resource Hash
0f94f262142bd783259bfd6292bd3f2691b725489e5c5aea82903dc1c4e75f17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 10:02:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Sat, 09 Oct 2021 23:33:50 GMT
gtm.js
www.googletagmanager.com/ 		130 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PRK8JB
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba6f5a0a159314a1abbc8faee2735474f3c01c9601fa882ec65034f74c0b06ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47340
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Oct 2021 11:33:50 GMT
icomoon.woff2
s1.15min.lt/assets/vendors/ico15min/dist/font/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/vendors/ico15min/dist/font/icomoon.woff2?-1ji1co1629374953
Requested by
Host: s1.15min.lt
URL: https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
0bd01b8902f40985b3b1ab0d85daf64976ffa83ffc7669052afbe65557acede8

Request headers

Referer
https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:51 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:47:06 GMT
server
nginx
age
2158373
etag
"8bdc-5cbf32413b383-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
35832
weathericons-regular-webfont.woff2
s1.15min.lt/assets/vendors/weather-icons/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.15min.lt/assets/vendors/weather-icons/fonts/weathericons-regular-webfont.woff2
Requested by
Host: s1.15min.lt
URL: https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.37 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-37.bnk.lt
Software
nginx /
Resource Hash
2b5e92248722bbbe12208cccc7bc1ef098963cff6efd05c9d8364c3452ab7571

Request headers

Referer
https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
Origin
https://www.15min.lt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:46:51 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 11:46:53 GMT
server
nginx
age
2158373
etag
"7b94-5cbf32348d7d6-gzip"
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
access-control-allow-origin
*
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
31659
tgif
www.15min.lt/cached/ 		78 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=962167845&w=50&h=29
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
8982ed1069faef4d8c8b1570a1661e3ecef8eff2a40294e90a989b29d73ee6ad

Request headers

:path
/cached/tgif?c=962167845&w=50&h=29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
65007
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
78
tgif
www.15min.lt/cached/ 		171 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=2678622143&w=155&h=79
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
adc001d72b213450bb3e0bc11bea2f3c5fc8cccf620743bee783a2060c079087

Request headers

:path
/cached/tgif?c=2678622143&w=155&h=79
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
65035
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
171
max-white.png
s1.15min.lt/assets/images/logos/cosites/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/assets/images/logos/cosites/max-white.png
Requested by
Host: s1.15min.lt
URL: https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
4b614d2c2e98f31c546f1ac9798324fef2c3bf67c09fbaa64d199ed501ce5411

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s1.15min.lt/css/bundle/common-desktop-bundle.less.css?v=1631706450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
last-modified
Fri, 01 Oct 2021 09:09:14 GMT
server
nginx
age
511347
etag
"1f39-5cd46eaca0ae0-gzip"
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/png
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
7993
js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-N6XW7CC&cid=1916161465.1633779231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7aa5652d6344b8ff282a4e9e2095c805fc4c6c7c44421efaca078f9d773e1eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38571
x-xss-protection
0
expires
Sat, 09 Oct 2021 11:33:50 GMT
pubads_impl_2021100401.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122419
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:37:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 11:33:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		108 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b828d833aecc8d7bee66b56209385b8395bafea56128151f141a96e9cc945b3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Sat, 09 Oct 2021 11:33:50 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd5d1ae22dd0d690c61091557e59c0efe9f2b3055ad7d7b04c3c131d0b34aed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 19:07:08 GMT
content-encoding
br
last-modified
Mon, 22 Jun 2020 07:05:45 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"5ef05849-6b2c"
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10533
x-request-id
425986
expires
Sun, 03 Oct 2021 20:07:10 GMT
cm.js
lisource.panel.kantartns.lt/cm/ 		51 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lisource.panel.kantartns.lt/cm/cm.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d5692a3deda60c363db176e08b284894dfa927137cd02ace4e27d2b38f16919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
last-modified
Thu, 19 Sep 2019 07:41:30 GMT
server
nginx/1.13.0
etag
"5d83312a-cdf2"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
52722
expires
Fri, 20 Sep 2019 07:41:30 GMT
pic.gif
lijuke.panel.kantartns.lt/bug/ 		56 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lijuke.panel.kantartns.lt/bug/pic.gif?siteid=15min.lt&j=1&nocache=0.2393499104984642
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
-1
tgif
www.15min.lt/cached/ 		53 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=2619142924&w=19&h=11
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
d9ef8925ebe0941cbecaf4a05ca95f6d1aafdd688f36827cd03728c9f2c045a9

Request headers

:path
/cached/tgif?c=2619142924&w=19&h=11
pragma
no-cache
cookie
_ga=GA1.2.1916161465.1633779231; _gid=GA1.2.1669294577.1633779231
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
65052
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
53
fpdata.js
galt.hit.gemius.pl/ 		277 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/fpdata.js?href=www.15min.lt
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx1.host.hit.gemius.pl
Software
GHC /
Resource Hash
122ee0bdf233d4c892aa38676b513aa53f4b4dfa663bc8610e5060b3383608de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Mon, 08 Nov 2021 11:33:50 GMT
lsget.html
ls.hit.gemius.pl/ Frame D22A 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
ecfe2e165ae96f6d0a80b40d7cd7e0d1b117df3c5b5932b33e4feb897840b011

Request headers

:method
GET
:authority
ls.hit.gemius.pl
:scheme
https
:path
/lsget.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
expires
Mon, 08 Nov 2021 11:33:50 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2715
content-encoding
gzip
tgif
www.15min.lt/cached/ 		43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=1872561650&w=2&h=1
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
73e49ed2ec4f472e1c7c95c36a5358bd2764f256fcc9011ff7e28727eb6bdc73

Request headers

:path
/cached/tgif?c=1872561650&w=2&h=1
pragma
no-cache
cookie
_ga=GA1.2.1916161465.1633779231; _gid=GA1.2.1669294577.1633779231
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
65080
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
43
tgif
www.15min.lt/cached/ 		44 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.15min.lt/cached/tgif?c=3620324184&w=4&h=3
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
3e48d2c294f57cc0c3c88722200bb17a244f42ecf20b860888cd9625f0ae2c96

Request headers

:path
/cached/tgif?c=3620324184&w=4&h=3
pragma
no-cache
cookie
_ga=GA1.2.1916161465.1633779231; _gid=GA1.2.1669294577.1633779231
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:38 GMT
x-ab-layout
1
last-modified
Thu, 07 Oct 2021 21:00:00 GMT
server
nginx
age
65083
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
image/gif
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=172800
x-check
accept-ranges
bytes
content-length
44
collect
stats.g.doubleclick.net/j/ 		4 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5421911-1&cid=1916161465.1633779231&jid=1183514337&gjid=1601842140&_gid=1669294577.1633779231&_u=aGDAgEADQAAAAE~&z=1461269661
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 09 Oct 2021 11:33:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=390788620&t=pageview&_s=1&dl=https%3A%2F%2Fwww.15min.lt%2F&ul=en-us&de=UTF-8&dt=15min%20naujienos%20%E2%80%93%20Suprasti%20akimirksniu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=1183514337&gjid=1601842140&cid=1916161465.1633779231&tid=UA-5421911-1&_gid=1669294577.1633779231&gtm=2wga60PRK8JB&cd1=GuestUser&z=1261531117
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 13:37:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78989
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		412 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1910339437015335&correlator=3728098284982782&output=ldjh&impl=fifs&eid=44749397%2C31062930&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=146733436%2C15min%2C15min_front%2C15min_front_1200x300%2C15min_front_300x300%2C15min_front_300x600_1%2C15min_front_300x600_2%2C15min_front_300x600_3%2Cproject_ad%2C15min_zinios%2C15min_zinios_300x600_bottom&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F8%2C%2F0%2F1%2F9%2F10&prev_iu_szs=320x50%7C728x90%7C880x250%7C880x300%7C930x180%7C950x90%7C960x90%7C970x66%7C970x90%7C970x250%7C980x90%7C980x120%7C980x200%7C1200x250%7C1200x300%7C1200x400%7C1200x500%2C320x50%7C1x1%7C300x250%7C300x300%7C300x600%7C300x700%7C300x800%7C300x900%2C320x50%7C300x900%7C300x600%7C300x250%2C320x50%7C300x600%2C320x50%7C160x600%7C300x600%2C320x50%7C300x250%7C300x600%2C320x50%7C1200x100%2C320x50%7C300x200%2C320x50%7C1200x250%2C320x50%7C300x300%2C320x50%7C1200x250%2C320x50%7C300x250%2C320x50%7C1200x250%2C320x50%7C300x200%2C320x50%7C1200x250%2C320x50%7C300x300%2C320x50%7C1200x150%7C1200x250%2C320x50%7C300x300%7C300x200%2C320x50%7C160x600%7C300x600&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight%2Cheight&prev_scp=%7C%7C%7C%7C%7Ckeyword%3Dmax_300x250%7Ckeyword%3Dkampas_zalias%7Ckeyword%3Dkampas_zalias%7Ckeyword%3Deurovaistine_kampas%7Ckeyword%3Deurovaistine_kampas%7Ckeyword%3Dcircle_kampas%7Ckeyword%3Dcircle_kampas%7Ckeyword%3Desportas_kampas_2%7Ckeyword%3Desportas_kampas_2%7Ckeyword%3Dif_kampas%7Ckeyword%3Dif_kampas%7Ckeyword%3Durban_kampas2%7Ckeyword%3Durban_kampas2%7C&eri=1&cust_params=route%3D_%26cosite%3Ddefault%26user%3Dquest%26mobile_environment%3D0%26tags%3Ddefault%252Ctemperature_positive%26app%3D0%26tipas%3D5&cookie_enabled=1&bc=31&abxe=1&lmt=1633779000&dt=1633779230834&dlt=1633779230425&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C1100%2C1100%2C1100%2C1170%2C1100%2C200%2C1100%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=114%2C526%2C1349%2C2620%2C3235%2C3906%2C4778%2C4796%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2634167003%2C3221894997%2C4133401772%2C1496882811%2C1040371775%2C3301974571%2C2081527670%2C1568859936%2C15590306%2C1542469975%2C3601008332%2C3908586137%2C439384446%2C2477890688%2C3901828673%2C2808442125%2C324025357%2C1044064714%2C2436819089&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci%7Cj&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.15min.lt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x300%7C300x1%7C300x1%7C300x600%7C300x1%7C300x1%7C1200x18%7C300x18%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1200x300%7C300x1%7C300x1%7C300x0%7C300x1%7C300x1%7C1200x1%7C300x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1916161465.1633779231&ga_sid=1633779231&ga_hid=390788620&ga_fc=false&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
90b0f9be4b71d2eff69b1c86d2a0e932a7b1295dbc200e12d9e4da1944f18d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50762
x-xss-protection
0
google-lineitem-id
5107581079,5768399456,5803629771,4438986654,4438996061,5732068236,5601514253,5601514253,5801134051,5801134051,5778875962,5778875962,5737284193,5737284193,5777102822,5777102822,5797612278,5797612278,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138275040064,138302694484,138366326946,138212287030,138212287684,138358885902,138339884167,138339478446,138365735304,138365735307,138363141725,138363535546,138365268573,138365657821,138362786063,138362786066,138366316531,138366316738,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D3F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 09 Oct 2021 11:33:50 GMT
expires
Sun, 09 Oct 2022 11:33:50 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www.15min.lt.js
u.heatmap.it/conf/ 		43 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/www.15min.lt.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
17c604e98240bd311d4bb7f32ffcd77a2e3bac55d2594c1c703fc8644d81cbab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:23 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
sbg
accept-ranges
bytes
content-length
48
x-request-id
3769432
expires
Sat, 09 Oct 2021 11:38:23 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5421911-1&cid=1916161465.1633779231&jid=1183514337&_u=aGDAgEADQAAAAE~&z=273276720
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5421911-1&cid=1916161465.1633779231&jid=1183514337&_u=aGDAgEADQAAAAE~&z=273276720
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15min.js
freep.bite.lt/ 		1 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://freep.bite.lt/15min.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.226.139.106 Riga, Latvia, ASN13194 (BITE Bite IP Network, LT),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:51 GMT
Last-Modified
Sat, 07 Mar 2015 18:46:41 GMT
Server
nginx
ETag
"54fb4791-1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1119
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69b74be128854e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 12 Oct 2021 11:33:50 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.2/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.2/firebase-app.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dadfe4e91e73ab90896138ee443d45aad1bcb0e3de72aaeab3020f1f25a1c4af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 07:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6546
x-xss-protection
0
last-modified
Thu, 07 Jan 2021 21:51:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Fri, 07 Oct 2022 07:04:10 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/8.2.2/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.2/firebase-analytics.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 11:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Thu, 07 Jan 2021 21:51:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Mon, 03 Oct 2022 11:57:31 GMT
firebase-performance.js
www.gstatic.com/firebasejs/8.2.2/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.2/firebase-performance.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78076bcbc195fc3004fd66ff4cf1a5838d1a2e5263d953775cd4db547369d542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 18:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Jan 2021 21:51:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Tue, 04 Oct 2022 18:16:07 GMT
rexdot.js
galt.hit.gemius.pl/__/_1633779230904/
Redirect Chain
  • https://galt.hit.gemius.pl/_1633779230904/rexdot.js?l=100&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15min.l...
  • https://galt.hit.gemius.pl/__/_1633779230904/rexdot.js?l=100&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15mi...
167 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/__/_1633779230904/rexdot.js?l=100&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15min.lt%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=199&lsdata=47vFZ8F2_VDmNOrIbY_upmqnfsubiDM.LPw2FlOg6tD.A7r1cuzh1VW8MXXmIGtvb0Pnf2B5vNqcP0IkG6YpzrS7wpHp/4zGr4ULauoWT8/&fpdata=3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7&vis=1&fpcap=
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx1.host.hit.gemius.pl
Software
GHC /
Resource Hash
af56215f2636f597c7feb1b44fe6827d015b2a9fd74afe91bea2eff6ef9cabac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
167
expires
Fri, 08 Oct 2021 11:33:50 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:50 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1633779230904/rexdot.js?l=100&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15min.lt%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=199&lsdata=47vFZ8F2_VDmNOrIbY_upmqnfsubiDM.LPw2FlOg6tD.A7r1cuzh1VW8MXXmIGtvb0Pnf2B5vNqcP0IkG6YpzrS7wpHp/4zGr4ULauoWT8/&fpdata=3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 08 Oct 2021 11:33:50 GMT
pv
eu4.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu4.heatmap.it/log/pv?pid=87427&u=https%3A%2F%2Fwww.15min.lt%2F&tpl=.&pt=15min%20naujienos%20%E2%80%93%20Suprasti%20akimirksniu&t=259558
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.202.80.197 , France, ASN16276 (OVH, FR),
Reverse DNS
eu4.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:51 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 09 Oct 2021 11:33:50 GMT
cds.js
lijuke.panel.kantartns.lt/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lijuke.panel.kantartns.lt/viewability/cds.js
Requested by
Host: lisource.panel.kantartns.lt
URL: https://lisource.panel.kantartns.lt/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:50 GMT
last-modified
Mon, 08 Oct 2018 13:39:21 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5bbb5e09-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
cm.html
lijuke.panel.kantartns.lt/viewability/ Frame B607 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lijuke.panel.kantartns.lt/viewability/cm.html
Requested by
Host: lijuke.panel.kantartns.lt
URL: https://lijuke.panel.kantartns.lt/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
baaeffa2122732851a41ef5026d0ddba838815504eddac190408247f46201325

Request headers

:method
GET
:authority
lijuke.panel.kantartns.lt
:scheme
https
:path
/viewability/cm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

server
nginx/1.13.0
date
Sat, 09 Oct 2021 11:33:50 GMT
content-type
text/html; charset=utf-8
last-modified
Tue, 23 Oct 2018 10:46:56 GMT
etag
W/"5bcefc20-b3b"
content-encoding
gzip
collect
www.google-analytics.com/j/ 		4 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=390788620&t=event&_s=1&dl=https%3A%2F%2Fwww.15min.lt%2F&ul=en-us&de=UTF-8&dt=15min%20naujienos%20%E2%80%93%20Suprasti%20akimirksniu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GDPR_popup&ea=show_bottom_line&_u=aGDAAEADQAAAAG~&jid=899653528&gjid=1776569586&cid=1916161465.1633779231&tid=UA-5421911-1&_gid=1669294577.1633779231&_r=1&_slc=1&z=1297844361
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:16:00 GMT
content-encoding
gzip
age
1071
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
last-modified
Fri, 09 Jul 2021 00:11:37 GMT
server
nginx
etag
W/"60e79439-8e96"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
plwoaF9XY4soMSHh1wQjOPtfU7M1AbttMq-7Qhhuu__68gUzTgij8A==
expires
Sat, 09 Oct 2021 13:16:00 GMT
subscriptions.js
static.chartbeat.com/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/subscriptions.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bfee3aaae52a8e772c619f79150bb21d5e6ece8a846b966b3bd283a4a7f4ed6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:14:00 GMT
content-encoding
gzip
age
1191
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
last-modified
Thu, 06 May 2021 23:57:21 GMT
server
nginx
etag
W/"60948261-7e73"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
TvLzfEWJSTbt0Lzx5FR6qaCxoeUcM9cdpmgUbDSor6Gt6ShFbvE38Q==
expires
Sat, 09 Oct 2021 13:14:00 GMT
DFPAudiencePixel;ord=3103083312007.4
pubads.g.doubleclick.net/activity;dc_iu=/146733436/ 		42 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/146733436/DFPAudiencePixel;ord=3103083312007.4?
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
6UkKVHKqPB6O2N2UEkZA+r30sSsWl+zf2bP72IO4CDAv+elmX8B//P+KLmd0cYtHcEZGik2oRyh3IdY6TvYZiw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sat, 09 Oct 2021 11:33:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.2/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
471184ddd371386769de7a1975793bd18f6011145002f133ed49dac692a6ac78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33152
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Oct 2021 11:33:51 GMT
streams_now
www.15min.lt/ajax/video/ 		5 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.15min.lt/ajax/video/streams_now?cachable=1
Requested by
Host: s1.15min.lt
URL: https://s1.15min.lt/js/common-desktop-bundle.js?v=1626429785
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1916161465.1633779231; _gid=GA1.2.1669294577.1633779231; _dc_gtm_UA-5421911-1=1; __gfp_64b=3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7|1633779230; _gat=1
:path
/ajax/video/streams_now?cachable=1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.15min.lt
referer
https://www.15min.lt/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.15min.lt/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
x-ab-layout
1
server
nginx
age
14
vary
X-UA-Device, X-Requested-With, X-Forwarded-Proto, X-AB-Layout
content-type
application/json
x-ua-device
pc
cache-control
must-revalidate, public, s-maxage=60
x-check
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
5
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
15
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69b74be41eab4e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 12 Oct 2021 11:33:51 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5421911-1&cid=1916161465.1633779231&jid=899653528&gjid=1776569586&_gid=1669294577.1633779231&_u=aGDAAEADQAAAAG~&z=1190844980
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 09 Oct 2021 11:33:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:293477739774:web:a412c8d9befb64b13409af/ 		259 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:293477739774:web:a412c8d9befb64b13409af/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.2/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
daef822edf3324a75278a9e5899198cf93fb8592bacae514afdf3b3b7837cd79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://www.15min.lt/
x-goog-api-key
AIzaSyDiylwOD5bR1z5296j8cRgxbsDu3gQD8y0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.15min.lt
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
189
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:293477739774:web:a412c8d9befb64b13409af/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:293477739774:web:a412c8d9befb64b13409af/webConfig
Protocol
H2
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-goog-api-key
Origin
https://www.15min.lt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.15min.lt
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
x-goog-api-key
access-control-max-age
3600
date
Sat, 09 Oct 2021 11:33:51 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PageStatEntry
lisslpagestat.panel.kantartns.lt/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lisslpagestat.panel.kantartns.lt/pagestat/PageStatEntry?cookie=4D5886B6594E47DA856584E37054D328&time=1633779230967&location=https%3A%2F%2Fwww.15min.lt%2F&referrer=&is_flash=0&session_id=628310589&version=3.5.327_lt/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=1&vt=d
Requested by
Host: lisource.panel.kantartns.lt
URL: https://lisource.panel.kantartns.lt/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Oct 2021 11:33:51 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
pic.gif
lijuke.panel.kantartns.lt/bug/ 		56 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lijuke.panel.kantartns.lt/bug/pic.gif?uid=4D5886B6594E47DA856584E37054D328&time=1633779231078
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
401400737151807
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/401400737151807?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f15ec34423cfe92f0432dd6adf4221419ffaabd1c5373b19816bf58c4677c78
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
146870
x-xss-protection
0
pragma
public
x-fb-debug
xXUMvZh4fgGhAe4apImcHP/HQ9RUAsn95cW3z5ubJsyxvQYwTkOXY9ER6BfASUM4Tp95vuHDa37kNP8mvyVjzg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 09 Oct 2021 11:33:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/fifteenminlt/ 		576 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/fifteenminlt/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/8.2.2/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ef645c24732e65b85d93111f79bdc80a3bb0bf25dec36a63654a7c08ecff1d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://www.15min.lt/
x-goog-api-key
AIzaSyDiylwOD5bR1z5296j8cRgxbsDu3gQD8y0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.15min.lt
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
451
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/fifteenminlt/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/fifteenminlt/installations
Protocol
H2
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key
Origin
https://www.15min.lt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.15min.lt
vary
origin referer x-origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key
access-control-max-age
3600
date
Sat, 09 Oct 2021 11:33:51 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reval-baldai-imone-614778d7b1749.jpg
s1.15min.lt/static/cache/NDAweDI2MCwsOTU4NDA4LG9yaWdpbmFsLCxpZD02MTUxMzUyJmRhdGU9MjAyMSUyRjA5JTJGMTksMjI5NzQ3NjU3MA==/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/NDAweDI2MCwsOTU4NDA4LG9yaWdpbmFsLCxpZD02MTUxMzUyJmRhdGU9MjAyMSUyRjA5JTJGMTksMjI5NzQ3NjU3MA==/reval-baldai-imone-614778d7b1749.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
daee85e32a87cc50e0e8421a30dbbf52ead3d81712e1e537520959ddf872d178

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 10:58:54 GMT
server
nginx
age
2096
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
45258
expires
Mon, 11 Oct 2021 10:58:54 GMT
kursenu-dvaras-615ecdc42f39f.jpg
s1.15min.lt/static/cache/NDAweDI2MCwxMTEweDcyNyw2MTY2NTMsb3JpZ2luYWwsLGlkPTYxODE2MjYmZGF0ZT0yMDIxJTJGMTAlMkYwNywyNjkyNDIxODQ4/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/NDAweDI2MCwxMTEweDcyNyw2MTY2NTMsb3JpZ2luYWwsLGlkPTYxODE2MjYmZGF0ZT0yMDIxJTJGMTAlMkYwNywyNjkyNDIxODQ4/kursenu-dvaras-615ecdc42f39f.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
6334f6595917e21b820d03f75bfb5281da3ed6a174aa1feab44ad79c47032aba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 10:58:54 GMT
server
nginx
age
2096
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
44459
expires
Mon, 11 Oct 2021 10:58:54 GMT
senjore-6006c8abb828d.jpg
s1.15min.lt/static/cache/MjUweDE1MCw5MjV4NTUwLDYyMzYzMCxvcmlnaW5hbCwsaWQ9NTc1ODA1OCZkYXRlPTIwMjElMkYwMSUyRjE5LDE1MzYzMjY0NDQ=/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/MjUweDE1MCw5MjV4NTUwLDYyMzYzMCxvcmlnaW5hbCwsaWQ9NTc1ODA1OCZkYXRlPTIwMjElMkYwMSUyRjE5LDE1MzYzMjY0NDQ=/senjore-6006c8abb828d.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
e3faa5520ae3c9b0232ec894f887206e19af6921b0192ad4d042e91622f4596f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 11:02:28 GMT
server
nginx
age
1883
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
10005
expires
Mon, 11 Oct 2021 11:02:28 GMT
karolio-dumine-pirtis-61269ac5b7ad1.jpg
s1.15min.lt/static/cache/MjUweDE1MCwsNjE2MzQ0LG9yaWdpbmFsLCxpZD02MTA3NzEyJmRhdGU9MjAyMSUyRjA4JTJGMjUsMjI0NDg4NjI3MQ==/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/MjUweDE1MCwsNjE2MzQ0LG9yaWdpbmFsLCxpZD02MTA3NzEyJmRhdGU9MjAyMSUyRjA4JTJGMjUsMjI0NDg4NjI3MQ==/karolio-dumine-pirtis-61269ac5b7ad1.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
8e3628fa21609d1f2ff3949fb52fad421d7800f25a69f7904021b750ad5aeb50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 10:58:54 GMT
server
nginx
age
2096
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
13611
expires
Mon, 11 Oct 2021 10:58:54 GMT
apniukusi-diena-vilniuje-5f7f17d686694.jpg
s1.15min.lt/static/cache/MjUweDE1MCwsNzIxODg4LG9yaWdpbmFsLCxpZD01NTk3ODYyJmRhdGU9MjAyMCUyRjEwJTJGMDgsNDA2MDk3NzU1MA==/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/MjUweDE1MCwsNzIxODg4LG9yaWdpbmFsLCxpZD01NTk3ODYyJmRhdGU9MjAyMCUyRjEwJTJGMDgsNDA2MDk3NzU1MA==/apniukusi-diena-vilniuje-5f7f17d686694.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
5773e8fc7a83b45255b8464df63020be618800f1fa39cfd0ea6ffd10e3822ad8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 06:32:04 GMT
server
nginx
age
18107
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
14015
expires
Mon, 11 Oct 2021 06:32:04 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1910339437015335&correlator=3728098284982782&output=ldjh&impl=fifs&eid=44749397%2C31062930&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=146733436%2C15min%2C15min_front%2C15min_front_1200x300_2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=930x180%7C950x90%7C960x90%7C970x66%7C970x90%7C970x250%7C970x400%7C980x90%7C980x200%7C1200x250%7C1200x300%7C1200x400%7C1200x500&eri=1&cust_params=route%3D_%26cosite%3Ddefault%26user%3Dquest%26mobile_environment%3D0%26tags%3Ddefault%252Ctemperature_positive%26app%3D0%26tipas%3D5&cookie_enabled=1&bc=31&abxe=1&lmt=1633779000&dt=1633779231117&dlt=1633779230425&idt=362&frm=20&biw=1600&bih=1200&oid=2&adxs=335&adys=1314&adks=3043397444&ucis=k&ifi=20&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.15min.lt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x19&msz=1200x1&ga_vid=1916161465.1633779231&ga_sid=1633779231&ga_hid=390788620&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
85a9d7e190de46cbabfdae119e224fc42a56c46db7751724ff783e1921c11722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29429
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=401400737151807&ev=PageView&dl=https%3A%2F%2Fwww.15min.lt%2F&rl=&if=false&ts=1633779231146&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633779231144.1232750554&it=1633779231084&coo=false&exp=p0&rqm=GET
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 09 Oct 2021 11:33:51 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=15min.lt&p=%2F&u=BIsErFCiXEIwGzzQz&d=15min.lt&g=54232&g0=default&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=46021&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=976&t=BP16VQBKKugXDSH9LHCjBlE6BDUZrJ&V=128&i=15min%20naujienos%20%E2%80%93%20Suprasti%20akimirksniu&tz=0&sn=1&sv=DNxH0kDEI4Eob57zcD8RM8kjP9l2&sd=1&im=067b2fff&_
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.149.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-149-82.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
paulius-motiejunas-ir-karolina-sklenyte-61615a9e13d81.jpg
s1.15min.lt/static/cache/NDAweDI2MCw5MzR4MzE3LDEwNTk4MjQsb3JpZ2luYWwsLGlkPTYxODQ5NDgmZGF0ZT0yMDIxJTJGMTAlMkYwOSw5Nzk3MjUzNjg=/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/NDAweDI2MCw5MzR4MzE3LDEwNTk4MjQsb3JpZ2luYWwsLGlkPTYxODQ5NDgmZGF0ZT0yMDIxJTJGMTAlMkYwOSw5Nzk3MjUzNjg=/paulius-motiejunas-ir-karolina-sklenyte-61615a9e13d81.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
e13e25d28a342962cdfeb5d8e128d34edf89bc5e7af3fc13297b71adfef5f164

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 09:20:16 GMT
server
nginx
age
8014
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
27969
expires
Mon, 11 Oct 2021 09:20:16 GMT
pietusudanas_ep4-616024d7c54be.jpg
s1.15min.lt/static/cache/NDAweDI2MCwsMTA2OTc1MCxvcmlnaW5hbCwsaWQ9NjE4MzcwMCZkYXRlPTIwMjElMkYxMCUyRjA4LDcxNzUyODU5OQ==/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.15min.lt/static/cache/NDAweDI2MCwsMTA2OTc1MCxvcmlnaW5hbCwsaWQ9NjE4MzcwMCZkYXRlPTIwMjElMkYxMCUyRjA4LDcxNzUyODU5OQ==/pietusudanas_ep4-616024d7c54be.jpg
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.11.24.36 , Lithuania, ASN61091 (PLIUS-AS, LT),
Reverse DNS
ip-185-11-24-36.bnk.lt
Software
nginx /
Resource Hash
96f6bb3683462d85a7f75abdc91baa711c716f1f21178a71cb3f86585cc3c4ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:50:39 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 08:02:30 GMT
server
nginx
age
12681
vary
Accept-Encoding, X-UA-Device, X-Requested-With, X-Forwarded-Proto
content-type
image/jpeg
x-ua-device
pc
cache-control
public, max-age=2592000
x-check
accept-ranges
bytes
content-length
45417
expires
Mon, 11 Oct 2021 08:02:30 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5421911-1&cid=1916161465.1633779231&jid=899653528&_u=aGDAAEADQAAAAG~&z=415851887
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-5421911-1&cid=1916161465.1633779231&jid=899653528&_u=aGDAAEADQAAAAG~&z=415851887
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/1b750d81-beed-426f-97a9-062d2e7adf27/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/1b750d81-beed-426f-97a9-062d2e7adf27/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a623f896b707d8e75760ff6b570850b56d1a359f4230bfa70a5ebd03bc0579c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
599
cf-polished
origSize=6379
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5e338586-0d86-44f4-8111-04474a9486f0
x-runtime
0.030486
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"712e4c16ad4ec6bef812e3461919a5bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
69b74be47f554e08-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 09 Oct 2021 12:33:51 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1117
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
69b74be68b694e08-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 12 Oct 2021 11:33:51 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQSG19L01Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f84baca24d9f94c61750248038b068218da1300bd7cd2683005692e87760cb8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42630
x-xss-protection
0
expires
Sat, 09 Oct 2021 11:33:51 GMT
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW11enfJ9b6ai-uGW6qHngxL-f653vToWsfAkknYmdIckeRcPkJuWsC7pOCQQAQHlqnNHr68-pwmwjoT03s8yeyGSUuaLgZ5ZvmdCVgnfCAqVT5UOgJAa5BNBuP7_lDwC6P97zo1vQG6xjJ6aeH4SfuyjYKF9J1G73GadSXFAtDyQuB5WpswSTiFh-TU9MYrwlr29AoA_H3dlL0hhIrnSy15V0-4hJn_m-pPd4pkuKRNOtpvOj7u6HnOy9kAmX8T8QXndBbWx7A-mRWLY-8UD5xCjwM623GMr82VIUmJwt7aqZeQqbqOSwkKU_BlJkIrTsgp4uPjMJmiToZlcyCfPL&sai=AMfl-YSKnaKKPWZVpg0I-h8uuqREGgkeG2tUX3sadjDu4waSLW5780QNYwubJlm24DswwPTZKpm1henM57WHERTYEfvhTYaO1J1LgCfTBILPdd9HKwtdcLlMTrGJyUhagE_Y&sig=Cg0ArKJSzC00O5GK_aFcEAE&urlfix=1&adurl=
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 09 Oct 2021 11:33:51 GMT
aomini.js
lv.adocean.pl/files/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/files/js/aomini.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS
ip137.ip-54-38-133.eu
Software
GAD /
Resource Hash
c9d355e1a65a6bb97cd4af5a0fe10a9e0169fd568cd00a0f35a2bd82e8c4bb80

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 10:42:25 GMT
server
GAD
etag
"00001E15458726DB"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
public, must-revalidate, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-type
application/x-javascript
content-length
2986
expires
Sun, 10 Oct 2021 11:33:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Oct 2021 11:33:51 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VQSG19L01Y&gtm=2oea60&_p=390788620&sr=1600x1200&ul=en-us&_fid=cWQjavEP1TGAMx2dJ9jP3V&cid=1916161465.1633779231&_s=1&dl=https%3A%2F%2Fwww.15min.lt%2F&dt=&sid=1633779231&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VQSG19L01Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad.js
lv.adocean.pl/__/_1633779231/
Redirect Chain
  • https://lv.adocean.pl/_1633779231614/ad.js?id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200
  • https://lv.adocean.pl/__/_1633779231614/ad.js?id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1633779231%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DQQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7%2Fx...
  • https://lv.adocean.pl/__/_1633779231/ad.js?hclsdata=4UMadFafd53v5aYsVNYQgESbyjHCVxmMdBlY_MhIk9n..7&hcudata=4DcabeODd56ebJtI_xpBISSN_2jywl0pCfMyQaxUpzT.M7&id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethy...
59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/__/_1633779231/ad.js?hclsdata=4UMadFafd53v5aYsVNYQgESbyjHCVxmMdBlY_MhIk9n..7&hcudata=4DcabeODd56ebJtI_xpBISSN_2jywl0pCfMyQaxUpzT.M7&id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS
ip137.ip-54-38-133.eu
Software
GAD /
Resource Hash
01e91ac266aa69aeb06f4264cba1a37ad8013132aefae84ce828735dc0f8acd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
server
GAD
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
18078
expires
Fri, 08 Oct 2021 11:33:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://lv.adocean.pl/__/_1633779231/ad.js?hclsdata=4UMadFafd53v5aYsVNYQgESbyjHCVxmMdBlY_MhIk9n..7&hcudata=4DcabeODd56ebJtI_xpBISSN_2jywl0pCfMyQaxUpzT.M7&id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 08 Oct 2021 11:33:51 GMT
extra=;
adlv.hit.gemius.pl/_1633779231943/redot.js/id=d12V749Y5V2yY_4iMkyQsXa4fUoBWPuJN_1Hn7Mgy5P.v7/stparam=llnkqrrnxr/fastid=fzlukhxkpegwnbfwitdmgixsvemj/sarg=61617E1F3AD3C272/ 		2 B
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/_1633779231943/redot.js/id=d12V749Y5V2yY_4iMkyQsXa4fUoBWPuJN_1Hn7Mgy5P.v7/stparam=llnkqrrnxr/fastid=fzlukhxkpegwnbfwitdmgixsvemj/sarg=61617E1F3AD3C272/extra=;
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.77.53.76 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ns31075284.ip-51-77-53.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:51 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://www.15min.lt
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Fri, 08 Oct 2021 11:33:51 GMT
gms234.gif
eu.ck-ie.com/ 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.ck-ie.com/gms234.gif?gdpr=0&gdpr_consent=&us_privacy=&coppa=&redirect=https%3A%2F%2Flv%2Eadocean%2Epl%2Fad%2Ejs%3Fid%3DfaVAMcMbhzAQLfb6BQ%5F1QpDUAwJXa1HAuU75agXTsx%2E%2EC7%26index%3D1921%26userid%3D%3CSMARTYADS%5FUSER%5FID%3E
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.148.200.7 , Czech Republic, ASN56965 (GOTHAMADS-AS, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 09 Oct 2021 11:33:51 GMT
Content-Type
text/plain
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXw0Hs6wa_qwaZxuRhLxHzds8_I3wpXcr1_QpwVFxgjpPFzAWRxlo-Mm34bbqx4SaUXF17AKN6FQfKHvilw68CYfG1AjviskTCIBIWp8XAVLUNIYRyp6efLM-Y5QjGQ8ib4ivVNM7bmc4JYOdhgAEevEVIoN6norDoL3Z1O-I-DoltNE9f5_p7XWA0Aw4Fgz9j5mLhi-JD_Y5ItUTy-nJkWIw44gubbkwA6isyuSNiKAoLWNrcML7zr6_WryJMlnyCu8Ce_dnNii923UUJ_LTBSBRMcUO7abETVHYwmvHE69FP6wR-64utA9mBwla2CtSBbZZuThooNJgE0y8TDAWmKkI&sai=AMfl-YTRmhSk7lVYbq1U6GCzuO-QNCt8U7MTIg8jI6k2D4iMwlHqj6-jOjj8I-pBSu8AMWuW1IZAxEnWpZlWHtao5vsHK-sWSVbtJ7YI_KWImdj1lYVPDNDDvte_vicQulTz&sig=Cg0ArKJSzNCVM_7vY5XGEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sat, 09 Oct 2021 11:33:51 GMT
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89ea14bfd3e2d637476fb50a7fe36481f8e09876451449a248adb37f889e5951

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
stpd201221.js
stpd.cloud/assets/postbid/ Frame 71B9 		461 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24b3c21a64c5e2ce7297d6506281c93de63f2307b4f098d6f3b9092c7fe5ff3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
mNeKIrOnpYVBPh7ZR8r36g==
age
1728
x-ms-lease-status
unlocked
last-modified
Fri, 08 Oct 2021 11:03:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3i4Ext7oCc8HEdX%2BYQfdJHjzKxbzw6byD%2FlCU%2F4o6ipIPvSzexs4BgA57wRNpIl%2Beamv71u1r4iXS9WQplurfJFHe%2BXK0bUuLd0EpHFAtK%2F8b1rqi4yCby8Q3wJZ%2BizC5TSBYooh%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-ms-request-id
93f848d6-001e-001c-0534-bcadf7000000
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
69b74be80a144d89-FRA
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.15min.lt%2F&domain=www.15min.lt&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.15min.lt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.15min.lt
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1413
date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ Frame 71B9 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding
gzip
etag
e2b905aea413c4d7479fb2bb9cbc6c65
age
875
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
15VHF9DCVYG9SG4V6AFP
date
Sat, 09 Oct 2021 11:19:19 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
enkaUULV1j-f7rM6iWoHwz-ZX2u4x1pIeOaJQ_C8Q_J3yZad3h0jkQ==
localstore.js
script.4dex.io/ Frame 71B9 		483 B
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2719
content-type
application/javascript
x-amz-request-id
tx4156f9f298ad4ef289067-006156c982
x-amz-id-2
tx4156f9f298ad4ef289067-006156c982
last-modified
Fri, 01 Oct 2021 08:34:21 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1cBSTmujKPltTg4qieWMilkZLm%2BKoTorINgeg%2BabUSnF%2B9btX%2FCoAX2VXUUD3y42uLSc3UaJKon%2BUu8jHsBaKSsZZfOso1BYFWhENH0m%2FIh3gEGUJYSJts5YY9Tr3%2Fsmy8eumrcr1f298K8"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1633077261838806
cache-control
public, max-age=1800
cf-ray
69b74be8ae3e2c52-FRA
expires
Sat, 09 Oct 2021 12:03:52 GMT
sid
mug.criteo.com/ Frame 71B9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.15min.lt%2F&domain=www.15min.lt&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=YkaP43xBZUNtaG56U2huSXlNZms2WmkyRzdaeitUR1BFY2lRZHR5V1RwWVc5UUQ2STQrL3Z2OVg1RGwycDlzNWovMk1DUFRYem1xNVhPaEVieGpPRmF0Z24wMCtJSzVURjNEMW90dHE1dUlmUVZDWmFTUnNMVHVRN1NLej...
336 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YkaP43xBZUNtaG56U2huSXlNZms2WmkyRzdaeitUR1BFY2lRZHR5V1RwWVc5UUQ2STQrL3Z2OVg1RGwycDlzNWovMk1DUFRYem1xNVhPaEVieGpPRmF0Z24wMCtJSzVURjNEMW90dHE1dUlmUVZDWmFTUnNMVHVRN1NLejVKRFlIVmNNOUJoQ1RmNEx5Q1JxYklMcUNmUUlvcVBhdzR5REIyMjUxdEZKQXhuOW1yWm1qWmc0UGhmYUFBZnJIVmdKUEkyVnpHeTFPam1hMXhTY2RpTUF6eVJGQTRGY0R1VlM2aU8yak0wZ1U3b2VqTW13PXw&cppv=2
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2edc12a3e29f1297d40619b275897f03be619a0ec6f64040cad5fce161540508
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 09 Oct 2021 11:33:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2509
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 09 Oct 2021 11:33:51 GMT
location
https://mug.criteo.com/sid?cpp=YkaP43xBZUNtaG56U2huSXlNZms2WmkyRzdaeitUR1BFY2lRZHR5V1RwWVc5UUQ2STQrL3Z2OVg1RGwycDlzNWovMk1DUFRYem1xNVhPaEVieGpPRmF0Z24wMCtJSzVURjNEMW90dHE1dUlmUVZDWmFTUnNMVHVRN1NLejVKRFlIVmNNOUJoQ1RmNEx5Q1JxYklMcUNmUUlvcVBhdzR5REIyMjUxdEZKQXhuOW1yWm1qWmc0UGhmYUFBZnJIVmdKUEkyVnpHeTFPam1hMXhTY2RpTUF6eVJGQTRGY0R1VlM2aU8yak0wZ1U3b2VqTW13PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1807
content-length
482
expires
0
481.json
id5-sync.com/g/v2/ Frame 71B9 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.34.104 , France, ASN16276 (OVH, FR),
Reverse DNS
p33.id5-sync.com
Software
/
Resource Hash
3399cbe623a9ee3ace6278f061b6fa1245b95de960573ad49f41baa073b4a608
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.15min.lt
Date
Sat, 09 Oct 2021 11:33:47 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 71B9 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b6af8a6327b2ffc27912f67be0eb5cadd7cae15105f78d3cfb34e7a8cad0588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1010 / 639 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26943
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 11:33:52 GMT
usync.html
eus.rubiconproject.com/ Frame 8D24
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.15min.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Oct 2021 11:33:52 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Sat, 09 Oct 2021 11:33:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
redot.js
galt.hit.gemius.pl/_1633779232096/ 		2 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galt.hit.gemius.pl/_1633779232096/redot.js?l=109&id=okrg7bcAowle1DyYXQ64UsWmzds1Pacw_D8MFWTOr5f.l7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1633779230&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.15min.lt%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=199&lsdata=47vFZ8F2_VDmNOrIbY_upmqnfsubiDM.LPw2FlOg6tD.A7r1cuzh1VW8MXXmIGtvb0Pnf2B5vNqcP0IkG6YpzrS7wpHp/4zGr4ULauoWT8/&fpdata=3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7&vis=1&fpcap=
Requested by
Host: galt.hit.gemius.pl
URL: https://galt.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
79.137.68.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ltx1.host.hit.gemius.pl
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Fri, 08 Oct 2021 11:33:52 GMT
adagio.js
script.4dex.io/ Frame 71B9 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
701580
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx29b729a14dd3410ea6b84-006156c98a
x-amz-id-2
tx29b729a14dd3410ea6b84-006156c98a
last-modified
Fri, 01 Oct 2021 08:34:20 GMT
server
cloudflare
etag
W/"5300a3b1be09eec23740c383b46565be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62OOj4oedNgBAKR%2Bi8KGLTR6uglhJAA%2BvHDnVsuX2juVKrjjF0ixehU%2BvVUG2%2Fl87mR%2BqHH7GfEVrfQCFamwzeL5W%2FY7GghfyeteWW4%2FXRytT5RVhJuj1%2BMZQgK%2FvPuUhdwC5AV3tEPNJ0W0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1633077260231162
cf-ray
69b74be8de813250-FRA
access-control-allow-headers
Authorization
prebid
ib.adnxs.com/ut/v3/ Frame 71B9 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
212407323420d4a4fc9e19a38c121bf526293ac1a0bfbfa221b2a4ebab112eab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:52 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
67765371-7780-4931-9b08-6ace1f5987e4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.15min.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 71B9 		5 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTY4NzI1OCZ0cmFuc2FjdGlvbklkPTZmM2ZmYjcwLTk4NDktNDZhNC05NTYzLWI1M2U5MTkxMWJiZQ%3D%3D&pt=gross&stid=c5da70af-0fc8-4332-b50d-670fd4b2f908&fd=1&eids=eyJpZDUtc3luYy5jb20iOnsiMCI6WzFdfSwicHViY2lkLm9yZyI6eyI5MjRhYjllMS1hYjRhLTRhYjEtOGYwOS03MTM3N2ZjOWU5ZDIiOlsxXX19
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:52 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
v1
dmx.districtm.io/b/ Frame 71B9 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.15min.lt
access-control-allow-credentials
true
cf-ray
69b74be90ba24d84-FRA
access-control-allow-headers
Content-Type, Origin
cygnus
htlb.casalemedia.com/ Frame 71B9 		24 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=226699&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227576b16e95fa7a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.15min.lt%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%2216%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228eabf876d67193%22%2C%22ext%22%3A%7B%22siteID%22%3A%22226699%22%2C%22sid%22%3A%2215min.lt_970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2295b7935cd5bf53%22%2C%22ext%22%3A%7B%22siteID%22%3A%22226699%22%2C%22sid%22%3A%2215min.lt_970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221075ae2f88d18bb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22226699%22%2C%22sid%22%3A%2215min.lt_970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A180%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22118172bb5f4b6cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22226699%22%2C%22sid%22%3A%2215min.lt_970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2212e3656c2f73056%22%2C%22ext%22%3A%7B%22siteID%22%3A%22226699%22%2C%22sid%22%3A%2215min.lt_970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5e991bbeb03c1f34a39cab8dea2ac24ef16f2065d22106ffda3b7bfc77b80005

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.194], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.15min.lt
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Sat, 09 Oct 2021 11:33:52 GMT
/
hb.emxdgt.com/ Frame 71B9 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1633779232141&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.15min.lt
date
Sat, 09 Oct 2021 11:33:52 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 71B9 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.15min.lt
date
Sat, 09 Oct 2021 11:33:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 71B9 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=60508&zone_id=1342212&size_id=57&alt_size_ids=78&rp_schain=1.0,1!setupad.com,16,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=924ab9e1-ab4a-4ab1-8f09-71377fc9e9d2%5E1&rf=https%3A%2F%2Fwww.15min.lt%2F&tk_flint=pbjs_lite_v4.21.0-pre&x_source.tid=6f3ffb70-9849-46a4-9563-b53e91911bbe&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.17698549560452403
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e1aeb82d0f04142527a45ee0258de8c1e6c4e4466bafcefd75144f3517d3a2dc

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:52 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.15min.lt
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ortb
bid.contextweb.com/header/ Frame 71B9 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.134 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
server
envoy
cwdl
22/110
access-control-allow-origin
https://www.15min.lt
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
cw-server
bid-deployment-dd6f57bbf-6slgg
prebid
ib.adnxs.com/ut/v3/ Frame 71B9 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4ef3e75025fcfbad2709bb4f93522fadb366e8f014594e7f5575279cefaad939
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:52 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9e45d6b0-e614-4a77-9594-b99e52770a5d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.15min.lt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 71B9 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=92769629067
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.15min.lt
date
Sat, 09 Oct 2021 11:33:51 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 71B9 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.15min.lt
date
Sat, 09 Oct 2021 11:33:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 8D24 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=50517
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 10 Oct 2021 01:35:49 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 71B9 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.15min.lt%2F&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 10:48:15 GMT
via
1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
server
Server
age
2737
x-edge-origin-shield-skipped
0
access-control-allow-origin
https://www.15min.lt
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
yU7TDFSggwHt_eSDlEg5xhGT8jlDFUbpbjsInRoye7xZUDtBtE6dyw==
bid
c.amazon-adsystem.com/e/dtb/ Frame 71B9 		135 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.15min.lt%2F&pid=1AE3lh2q02h4K&cb=0&ws=970x150&v=7.69.01&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22980x200%22%2C%22980x180%22%2C%22970x240%22%2C%22980x240%22%5D%2C%22sn%22%3A%22%2F147246189%2C146733436%2F15min.lt_970x250_foreign_front%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
48bf04be09630e4455e38a532808e961a90be21c6c8a4864822bf08cb5ad8e89
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
via
1.1 84f381696dd33e92960b92250106e465.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
GGXWVJZ5M14F8RE9GV6V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.15min.lt
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
135
x-amz-cf-id
SshjWn5Hng1HC9em7LQLr5MBB8bNwUPp5_M1UUsn2EtPHVeoN4Yz4w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 71B9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
37829
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Sat, 09 Oct 2021 01:03:46 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
9bKdSQO4XPkCxEDzK5-bgQFWS20JfPS91HtieEm71Y8-OB-tXBpklg==
khaos.jpg
token.rubiconproject.com/ Frame 8D24 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YkaP43xBZUNtaG56U2huSXlNZms2WmkyRzdaeitUR1BFY2lRZHR5V1RwWVc5UUQ2STQrL3Z2OVg1RGwycDlzNWovMk1DUFRYem1xNVhPaEVieGpPRmF0Z24wMCtJSzVURjNEMW90dHE1dUlmUVZDWmFTUnNMVHVRN1NLejVKRFlIVmNNOUJoQ1RmNEx5Q1JxYklMcUNmUUlvcVBhdzR5REIyMjUxdEZKQXhuOW1yWm1qWmc0UGhmYUFBZnJIVmdKUEkyVnpHeTFPam1hMXhTY2RpTUF6eVJGQTRGY0R1VlM2aU8yak0wZ1U3b2VqTW13PXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
974
date
Sat, 09 Oct 2021 11:33:51 GMT
content-encoding
gzip
vary
Accept-Encoding
iu3
aax-eu.amazon-adsystem.com/s/ Frame BFEA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv&dcc=t
65 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.15min.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

Server
Server
Date
Sat, 09 Oct 2021 11:33:52 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
65
Connection
keep-alive
x-amz-rid
1NB2J3B82R1DY3CWWYXM
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Sat, 09 Oct 2021 11:33:52 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
3B1XEACPNKAT7WDEG89C
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_ox-db5_dm_cnv&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
pubads_impl_2021100601.js
securepubads.g.doubleclick.net/gpt/ Frame 71B9 		365 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125954
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 08:42:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 11:33:52 GMT
integrator.js
adservice.google.de/adsid/ Frame 71B9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 71B9 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.15min.lt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 71B9 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=69753408999378&correlator=563351143094820&output=ldjh&impl=fifs&eid=31062393%2C31063070%2C31063108&vrg=2021100601&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=147246189%3A146733436%2C15min.lt_970x250_foreign_front&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C980x200%7C980x180%7C970x240%7C980x240&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D46dc88cd5430122a%3AT%3D1633779231%3AS%3DALNI_MaE1xcKoIjaI4HrCrxiw2aB2gq2AA&cdm=www.15min.lt&bc=31&abxe=1&lmt=1633779232&dt=1633779232488&dlt=1633779231935&idt=532&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=150&oid=2&adxs=0&adys=75&adks=2179972154&ucis=w1wtzhj0xtfn&ifi=1&ifk=1756508235&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.15min.lt%2F&top=https%3A%2F%2Fwww.15min.lt%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x150&msz=970x0&ga_vid=1916161465.1633779231&ga_sid=1633779232&ga_hid=1184630120&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
da9185b1a35048233dadeab2fe5106fb9537b3768342ed777f5ac41d7591b012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8788
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.15min.lt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1904 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 09 Oct 2021 11:33:52 GMT
expires
Sun, 09 Oct 2022 11:33:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=401400737151807&ev=Microdata&dl=https%3A%2F%2Fwww.15min.lt%2F&rl=&if=false&ts=1633779232649&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633779231144.1232750554&it=1633779231084&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 09 Oct 2021 11:33:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4309c178f13cc80536fe691a5487be34d6d833100b933c06bbff21b46a586739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8661
x-xss-protection
0
container.html
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4EA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 09 Oct 2021 11:33:52 GMT
expires
Sun, 09 Oct 2022 11:33:52 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 71B9 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c5bc53771a5a3188f9e675b0000a54da10d0523b906e6fe9848fe469c0ae852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8426
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 11:33:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 71B9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 11:33:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EC59 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 09 Oct 2021 11:11:31 GMT
expires
Sun, 09 Oct 2022 11:11:31 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 04A1 		783 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b5b54604d8ec12ab31d009505a8847a8594958cc7c213fb70caab6e271131e7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UFkK4BuoEKCBIuEPVIQiZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 11:33:52 GMT
date
Sat, 09 Oct 2021 11:33:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-UFkK4BuoEKCBIuEPVIQiZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 08BB 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 09 Oct 2021 11:11:31 GMT
expires
Sun, 09 Oct 2022 11:11:31 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B38D 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4af9d4327c38df7357e325a382ada67e5ca71ad3cbd146c1797fc99f2bb47a58
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7oLl4EbFvCXEpE3iKXbBGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 11:33:52 GMT
date
Sat, 09 Oct 2021 11:33:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7oLl4EbFvCXEpE3iKXbBGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 04A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100401&jk=1910339437015335&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B38D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100601&jk=69753408999378&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLq2gcJSXnEd4OeL0SBB5lXtZFLyDP_TNM0PypoLMf24d0HiVqqCRgBvSLqGmMZHX9ywhqT-BJ40T3MC85XT1R92AjgUEAtcYUQyVt-2HqSPPM7RMG&sig=Cg0ArKJSzMBJh7B316maEAE&id=lidar2&mcvt=1000&p=0,0,150,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211006&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2634167003&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633779230220&rpt=1750&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 04A3 		624 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUleEFWjKHARumr_HUUdKaUpP1TMGaotz_0IX16ttTpvKnlAE6W-MGgENCqiZ9I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 09 Oct 2021 11:33:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4EA2 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8vnqnYsQ0ntfx0qLVOsz4KX--ubANxjOwdQs4a2IaY9NM8J8NUrJHLQmEI4IOA4iT7qAOa7hRvJ1lZHSFj_9oGhK2jR6qSU0PLYN4HyhoGb8lEZNEc2B0wKZ-bUEKGDKQqhyJFwbqYuauMRCeJuqKVZtlkQ&dbm_d=AKAmf-AvI1oB-2UV501chqioyPJFBUSzd9rN_z1QgpIYlupIzOoCGhSuQ4ThL3fUSKS_jkdlW2Aucw7ip2xOXe72LbpwoPZnSY1u4VG7Bo1napb4urL6OPe0zrIVSbw934-lzCpRtK8UfZNGywKBNkVCHZr1s0yW-A6Shl4F-AhQPulXZqJh3IPeuOcPnJ_YAXDTZsq2U535lRNAznxrAQzbHFDh7QQZLbuMza0nd1veoxR8NfmaEfAcwA2385wZq2deFLh9tw6d4rR2I9ruFy_9j5qFZv_aFbrtcBe3inlC_W9UXksicwOrH_mgmVKJbxoyGtCtRDQQuoHFZ5gBytGSC7Cu3GcyBzPY1SBH4aYAIrHcBOC8ec905T2DfCzBS_uIvgKIqdY4DVHTBE30D_6m3DuqBFP-0yU2OdtFm0qjOKHlO13jYRvXv2-IfbpSi_mNRiRk1nBu0RZQZMAOnurowA_bUPH0kRQ3b8arpoc8wGef_oklf8Sjg3aNX3zmi1EwZ4tVs-FghdbcAjJx4GWJJ4ESZVuyHDgQZzHRfELlN7IPcPgJiieG6hF7bMI7qrG5cFfESQQ9gQbDLKeT3TzTopLOGH-qIadHD5OuERglIsjMY8GEESkBQbdP8D5KJg8qEVeu8qu0dNbulINx8uQW_aXOoujLMCEU82Lfl4dzbtoCy2waXG57Bi3_zQs8Y7hc13TXKvwr7WzflNIbpR2sHk7No_yLQ5W-Hz4OTu0QIr46XIgDrgeLA7klWHUZCP0ykQuBC3Q4muNHLIFMJFNP0dqw8fiQp7AUWjtDoKe4oFOtYzSY75KgxZ--xOKL53vfgQJpxoN7e7VocNJh99B0QMkVCxSIqtk5wlj9coA1f5DwT1ICZk1YeDREWLNOAQDtc7NK24_Gb4THMfZw-91VQxRvBQk1BTn-Tw9onfmTFc7-g1l0J2qeDtWgsf39rD0miQvkXF28sjAZEr6MtAubbimZ2oLI5PGmaJF7ClO5xRqBuBPj_f3KyuV6xZwS_s3npqNp9e0Sgc4ssCAnTv4uvGlnT1NTEVpnOpcV7_x2Bf2tR7F5Fdo-e5EtcsaSAGrRioo-Yr8y-R2LRp-e3LhM1LPsiZYaCeysQBkeso6lR3iBOxIJJ5eYXyHiEzw9PoaCfrJKMB3jAAY3o1PTWNZIK9XvjvILbU0Cb6QU9YkXiyzZhrXkjoe3Nuz0dGIOJKd1GuLmYQYDREE48w5mZuCO7VOjcBomyjfwdJzC5v_JonHX80zl877ttGw8fNcFz68eP4YDp-d0exH_7Yjib5bplY9G6042_frljk_6w7eSNW7OQYM4d9Ncud4b4qeBZ6bWjUEHz2NBn0hIekZodiVcgP0JxJ-mS5Oi0v09JU1xFr-YAiz8TZbl4Mvb4g4lRFX9ZLmy2b6pF8-9ZoqDgLKe69HZeG8RULc351N3yJFp9MSK-4tKQnhowlxt1br9K3DMdKfCEpYg6om8S4DRlG2Op0ouAG6I4nxmVmQURGAZf8LoT_QVipJpTw9qpYbbUZTx-amLBtcJ1ayGkhzZ_Pq9-Y8ih5ufXhg8XhyPjVpwCqGcJ4DzbAuKWo76yKdK_p3AUUlW1yvBiPXckcmxMi_muKR5FeJOS199J6H647TMrmd6O4YZdmuPxq_q2wqJgZyI-4t5VCq1wZzgUMrdye47ANu149jl2XJEdPcUcPO7Mmn2EIMaw2hgVJ_NZ_lvePYDSYSstcUx_HthdmUE5QMO9gQ1Ro5IEFIQqQ0fPBUcjldKPdLSDV1cNnp4Gp3p--X5OSJry2T-LrElxLspHi7K23YBX6UuPpSP_wQovUuyY5Rh9DhxqQBbdrk2ZFUIdknz7yeSGbtSAMR9KR97vm2nelC1n5WjwWKAjRGyliiQ66rgDPADQqnclWlL5HC8udbhVHHen9fFxuXrvksyx6hg0LVacp-9ajrvYNddaVgGePoi4374jzPgAvk9Rh2H02QWqAaSJyAVq97bnf15c-z8nuLmDB-x54YTF-BDpZG7HW-bgXPvJ_X3ZOpOtdJzA94Dd5a72PqG3OOYvMmlj2VK90X-TDfx6z_NG6-Y-h9Xlu47GVkJIU4YeOvEcRm9x5ol3ZEanFhcHS1wmj-S_cPTLnHR8QikHfC122iRV62yHQEkAyPIBB5GYNR8wBmqW_MQFMVxb4DsnxLzOZvpzM1XxC4tPJRJ43S-g8Jti7dpPCoKg8WL3LO70lasMBJKe2ZIr_b_D2XJzzE7l30MBDqHY1V24dHl7fzt2Qm2kwc6YKNgnKrAG0wdtf9E07YfTAoDvvYNoE-CIrHZlsafZmvXF7XKLBo3IFRuDc1ljQPIyYgAFyPcVn9gq6E8W5VmrI8XlBD4Ion98soNf8GthCSYGobL-n3f96TPfuBjzshOwK4geWKHzMFanFZuap2xoqCN5nYils5GQugZzP4Mx_ipsUdzCzcrwg5VHxGKFk96X18i94dJ9pqOfSzdl0VGuanGkKGkOWKpJHQzGXTqWjuj8F4bnbvKC7O1hyK3bNbQtt2lfLlMAAZy3kW7khJMmAihUaY-ei3OsD56DwFWFTko2z4Z_w151XehUhCcG1qVhlr5aNNjy-v5LYKgZ1xN7Ns-3H6HPSMjLre8vKWBlKR-VsbsUbjIevzEOc5jVR7B5NdpuoeM8SaF6lHlPhFfChnLkEw1w4rYJwEHLZ7vfBAg6VBHGEAHf-Mq91JzX0qRL6_HPewowfP-coO_FFKDfAHNG61aLLGMc-LB3BjOnLtHu1sjnybkU8SoedhJqD362AdHb_sfmCk9gTfl3uMwnh362wntRo3ZxVZrYbzNJP0MxzB_YiAsEHRN1pn-AOPYlerKJqtug0QOgdB9eoTtwwv0wO4A2S6s5RmxSFiLOBxVyhCe9SC4PADhkFV9jKwJc9QE6wV1M9p2HHMXc8Nxs-deSc9he2G9mausaENrGW4noKB8GlFcZxyNvreJH2G4jcIkL7Yien4AdApjCfaDOOtPhzi7gACseGkTtdGZ3bDjUxjjLUue9pqYT84G871aK6KxbZmFL0ppADWiPXsObEJYlwJ3iTZTyzZQXTen84yRZjVCCIjeKM2j2Yf0nHLesZug-BXf2x-t2wuqbu2WrbIAvfUwcw44_1qvVunjo1Xfpy_eLfCcHQ&cid=CAASEuRoXU5mDFp8nkt4BAHeJVVcCg&rfl=2%2Chttps%253A%252F%252Fwww.15min.lt%242%2Chttps%253A%252F%252Fwww.15min.lt%252F%240
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6717b4d5ad0b584fed3e3d5ba17c5e38bd4b06acf3be3f300b4fded15a3de63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EA2 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bc-8joHxuf6ebp4-l1E5ucjAP1-lc7WRAlJfFzAfIZjV63_BfaaM1vQViyckf03QdNmaDar73C07V57uRWfLjvZZq5x_lrT3oAZo5Iz07EWXxdU8Q
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 4EA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 11:30:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EA2 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Oct 2021 11:33:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 4EA2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:25:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6219
x-xss-protection
0
server
cafe
etag
4041254270185007295
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 11:25:58 GMT
l
www.google.com/ads/measurement/ Frame 4EA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrmcePcGLYT6QGLLoeR5yloLxIEuHoHZM-x7nSd5Yiu6hvT0xRHxi8ye8JHH4nYmd87S1G26pN61qin-jRU6wNryyOUw
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 04A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 04A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWF.Ie-aGXKMorcZOgHdeQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELJ7BfMqfNSN0P5smlSJbXI&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 04A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGU44kHwwErzsi71RkDtTSQ&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGU44kHwwErzsi71RkDtTSQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c2997bcf-618e-4ed2-a42f-2fd1df592b7d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGU44kHwwErzsi71RkDtTSQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0NTQ3MjQ2MDk4NDk3MTExMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0NTQ3MjQ2MDk4NDk3MTExMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj3nOe1ATAB&v=APEucNVI2KmdG58PZJAhGYACKOohgwncMlvoM3VoZAlI-s4ftpRyR3CwZBS6k3UQhRg-xoL65FOJQNaoEY8RokKVgjTZJjW55GUja6Z2SHJ4MumREdodYb02ejRKy4Wh8JD6J1GMydyxu8YOi3svP11Yk5GfhZIwxuMTubYp5iQEWw84Ipz12YQ8-PllZTuczriizn3dTKTxRtwcA89zmTzyLwqS55ZCAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cd665ac2-3159-45df-9bd5-998180772956
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc0NTQ3MjQ2MDk4NDk3MTExMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame EC59 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 21:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
137313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 07 Oct 2022 21:25:20 GMT
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame 08BB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 21:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
137313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 07 Oct 2022 21:25:20 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 4EA2 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
Origin
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 11:42:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Oct 2021 11:42:16 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/ Frame 4EA2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8vnqnYsQ0ntfx0qLVOsz4KX--ubANxjOwdQs4a2IaY9NM8J8NUrJHLQmEI4IOA4iT7qAOa7hRvJ1lZHSFj_9oGhK2jR6qSU0PLYN4HyhoGb8lEZNEc2B0wKZ-bUEKGDKQqhyJFwbqYuauMRCeJuqKVZtlkQ&dbm_d=AKAmf-AvI1oB-2UV501chqioyPJFBUSzd9rN_z1QgpIYlupIzOoCGhSuQ4ThL3fUSKS_jkdlW2Aucw7ip2xOXe72LbpwoPZnSY1u4VG7Bo1napb4urL6OPe0zrIVSbw934-lzCpRtK8UfZNGywKBNkVCHZr1s0yW-A6Shl4F-AhQPulXZqJh3IPeuOcPnJ_YAXDTZsq2U535lRNAznxrAQzbHFDh7QQZLbuMza0nd1veoxR8NfmaEfAcwA2385wZq2deFLh9tw6d4rR2I9ruFy_9j5qFZv_aFbrtcBe3inlC_W9UXksicwOrH_mgmVKJbxoyGtCtRDQQuoHFZ5gBytGSC7Cu3GcyBzPY1SBH4aYAIrHcBOC8ec905T2DfCzBS_uIvgKIqdY4DVHTBE30D_6m3DuqBFP-0yU2OdtFm0qjOKHlO13jYRvXv2-IfbpSi_mNRiRk1nBu0RZQZMAOnurowA_bUPH0kRQ3b8arpoc8wGef_oklf8Sjg3aNX3zmi1EwZ4tVs-FghdbcAjJx4GWJJ4ESZVuyHDgQZzHRfELlN7IPcPgJiieG6hF7bMI7qrG5cFfESQQ9gQbDLKeT3TzTopLOGH-qIadHD5OuERglIsjMY8GEESkBQbdP8D5KJg8qEVeu8qu0dNbulINx8uQW_aXOoujLMCEU82Lfl4dzbtoCy2waXG57Bi3_zQs8Y7hc13TXKvwr7WzflNIbpR2sHk7No_yLQ5W-Hz4OTu0QIr46XIgDrgeLA7klWHUZCP0ykQuBC3Q4muNHLIFMJFNP0dqw8fiQp7AUWjtDoKe4oFOtYzSY75KgxZ--xOKL53vfgQJpxoN7e7VocNJh99B0QMkVCxSIqtk5wlj9coA1f5DwT1ICZk1YeDREWLNOAQDtc7NK24_Gb4THMfZw-91VQxRvBQk1BTn-Tw9onfmTFc7-g1l0J2qeDtWgsf39rD0miQvkXF28sjAZEr6MtAubbimZ2oLI5PGmaJF7ClO5xRqBuBPj_f3KyuV6xZwS_s3npqNp9e0Sgc4ssCAnTv4uvGlnT1NTEVpnOpcV7_x2Bf2tR7F5Fdo-e5EtcsaSAGrRioo-Yr8y-R2LRp-e3LhM1LPsiZYaCeysQBkeso6lR3iBOxIJJ5eYXyHiEzw9PoaCfrJKMB3jAAY3o1PTWNZIK9XvjvILbU0Cb6QU9YkXiyzZhrXkjoe3Nuz0dGIOJKd1GuLmYQYDREE48w5mZuCO7VOjcBomyjfwdJzC5v_JonHX80zl877ttGw8fNcFz68eP4YDp-d0exH_7Yjib5bplY9G6042_frljk_6w7eSNW7OQYM4d9Ncud4b4qeBZ6bWjUEHz2NBn0hIekZodiVcgP0JxJ-mS5Oi0v09JU1xFr-YAiz8TZbl4Mvb4g4lRFX9ZLmy2b6pF8-9ZoqDgLKe69HZeG8RULc351N3yJFp9MSK-4tKQnhowlxt1br9K3DMdKfCEpYg6om8S4DRlG2Op0ouAG6I4nxmVmQURGAZf8LoT_QVipJpTw9qpYbbUZTx-amLBtcJ1ayGkhzZ_Pq9-Y8ih5ufXhg8XhyPjVpwCqGcJ4DzbAuKWo76yKdK_p3AUUlW1yvBiPXckcmxMi_muKR5FeJOS199J6H647TMrmd6O4YZdmuPxq_q2wqJgZyI-4t5VCq1wZzgUMrdye47ANu149jl2XJEdPcUcPO7Mmn2EIMaw2hgVJ_NZ_lvePYDSYSstcUx_HthdmUE5QMO9gQ1Ro5IEFIQqQ0fPBUcjldKPdLSDV1cNnp4Gp3p--X5OSJry2T-LrElxLspHi7K23YBX6UuPpSP_wQovUuyY5Rh9DhxqQBbdrk2ZFUIdknz7yeSGbtSAMR9KR97vm2nelC1n5WjwWKAjRGyliiQ66rgDPADQqnclWlL5HC8udbhVHHen9fFxuXrvksyx6hg0LVacp-9ajrvYNddaVgGePoi4374jzPgAvk9Rh2H02QWqAaSJyAVq97bnf15c-z8nuLmDB-x54YTF-BDpZG7HW-bgXPvJ_X3ZOpOtdJzA94Dd5a72PqG3OOYvMmlj2VK90X-TDfx6z_NG6-Y-h9Xlu47GVkJIU4YeOvEcRm9x5ol3ZEanFhcHS1wmj-S_cPTLnHR8QikHfC122iRV62yHQEkAyPIBB5GYNR8wBmqW_MQFMVxb4DsnxLzOZvpzM1XxC4tPJRJ43S-g8Jti7dpPCoKg8WL3LO70lasMBJKe2ZIr_b_D2XJzzE7l30MBDqHY1V24dHl7fzt2Qm2kwc6YKNgnKrAG0wdtf9E07YfTAoDvvYNoE-CIrHZlsafZmvXF7XKLBo3IFRuDc1ljQPIyYgAFyPcVn9gq6E8W5VmrI8XlBD4Ion98soNf8GthCSYGobL-n3f96TPfuBjzshOwK4geWKHzMFanFZuap2xoqCN5nYils5GQugZzP4Mx_ipsUdzCzcrwg5VHxGKFk96X18i94dJ9pqOfSzdl0VGuanGkKGkOWKpJHQzGXTqWjuj8F4bnbvKC7O1hyK3bNbQtt2lfLlMAAZy3kW7khJMmAihUaY-ei3OsD56DwFWFTko2z4Z_w151XehUhCcG1qVhlr5aNNjy-v5LYKgZ1xN7Ns-3H6HPSMjLre8vKWBlKR-VsbsUbjIevzEOc5jVR7B5NdpuoeM8SaF6lHlPhFfChnLkEw1w4rYJwEHLZ7vfBAg6VBHGEAHf-Mq91JzX0qRL6_HPewowfP-coO_FFKDfAHNG61aLLGMc-LB3BjOnLtHu1sjnybkU8SoedhJqD362AdHb_sfmCk9gTfl3uMwnh362wntRo3ZxVZrYbzNJP0MxzB_YiAsEHRN1pn-AOPYlerKJqtug0QOgdB9eoTtwwv0wO4A2S6s5RmxSFiLOBxVyhCe9SC4PADhkFV9jKwJc9QE6wV1M9p2HHMXc8Nxs-deSc9he2G9mausaENrGW4noKB8GlFcZxyNvreJH2G4jcIkL7Yien4AdApjCfaDOOtPhzi7gACseGkTtdGZ3bDjUxjjLUue9pqYT84G871aK6KxbZmFL0ppADWiPXsObEJYlwJ3iTZTyzZQXTen84yRZjVCCIjeKM2j2Yf0nHLesZug-BXf2x-t2wuqbu2WrbIAvfUwcw44_1qvVunjo1Xfpy_eLfCcHQ&cid=CAASEuRoXU5mDFp8nkt4BAHeJVVcCg&rfl=2%2Chttps%253A%252F%252Fwww.15min.lt%242%2Chttps%253A%252F%252Fwww.15min.lt%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 11:23:04 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 4EA2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8vnqnYsQ0ntfx0qLVOsz4KX--ubANxjOwdQs4a2IaY9NM8J8NUrJHLQmEI4IOA4iT7qAOa7hRvJ1lZHSFj_9oGhK2jR6qSU0PLYN4HyhoGb8lEZNEc2B0wKZ-bUEKGDKQqhyJFwbqYuauMRCeJuqKVZtlkQ&dbm_d=AKAmf-AvI1oB-2UV501chqioyPJFBUSzd9rN_z1QgpIYlupIzOoCGhSuQ4ThL3fUSKS_jkdlW2Aucw7ip2xOXe72LbpwoPZnSY1u4VG7Bo1napb4urL6OPe0zrIVSbw934-lzCpRtK8UfZNGywKBNkVCHZr1s0yW-A6Shl4F-AhQPulXZqJh3IPeuOcPnJ_YAXDTZsq2U535lRNAznxrAQzbHFDh7QQZLbuMza0nd1veoxR8NfmaEfAcwA2385wZq2deFLh9tw6d4rR2I9ruFy_9j5qFZv_aFbrtcBe3inlC_W9UXksicwOrH_mgmVKJbxoyGtCtRDQQuoHFZ5gBytGSC7Cu3GcyBzPY1SBH4aYAIrHcBOC8ec905T2DfCzBS_uIvgKIqdY4DVHTBE30D_6m3DuqBFP-0yU2OdtFm0qjOKHlO13jYRvXv2-IfbpSi_mNRiRk1nBu0RZQZMAOnurowA_bUPH0kRQ3b8arpoc8wGef_oklf8Sjg3aNX3zmi1EwZ4tVs-FghdbcAjJx4GWJJ4ESZVuyHDgQZzHRfELlN7IPcPgJiieG6hF7bMI7qrG5cFfESQQ9gQbDLKeT3TzTopLOGH-qIadHD5OuERglIsjMY8GEESkBQbdP8D5KJg8qEVeu8qu0dNbulINx8uQW_aXOoujLMCEU82Lfl4dzbtoCy2waXG57Bi3_zQs8Y7hc13TXKvwr7WzflNIbpR2sHk7No_yLQ5W-Hz4OTu0QIr46XIgDrgeLA7klWHUZCP0ykQuBC3Q4muNHLIFMJFNP0dqw8fiQp7AUWjtDoKe4oFOtYzSY75KgxZ--xOKL53vfgQJpxoN7e7VocNJh99B0QMkVCxSIqtk5wlj9coA1f5DwT1ICZk1YeDREWLNOAQDtc7NK24_Gb4THMfZw-91VQxRvBQk1BTn-Tw9onfmTFc7-g1l0J2qeDtWgsf39rD0miQvkXF28sjAZEr6MtAubbimZ2oLI5PGmaJF7ClO5xRqBuBPj_f3KyuV6xZwS_s3npqNp9e0Sgc4ssCAnTv4uvGlnT1NTEVpnOpcV7_x2Bf2tR7F5Fdo-e5EtcsaSAGrRioo-Yr8y-R2LRp-e3LhM1LPsiZYaCeysQBkeso6lR3iBOxIJJ5eYXyHiEzw9PoaCfrJKMB3jAAY3o1PTWNZIK9XvjvILbU0Cb6QU9YkXiyzZhrXkjoe3Nuz0dGIOJKd1GuLmYQYDREE48w5mZuCO7VOjcBomyjfwdJzC5v_JonHX80zl877ttGw8fNcFz68eP4YDp-d0exH_7Yjib5bplY9G6042_frljk_6w7eSNW7OQYM4d9Ncud4b4qeBZ6bWjUEHz2NBn0hIekZodiVcgP0JxJ-mS5Oi0v09JU1xFr-YAiz8TZbl4Mvb4g4lRFX9ZLmy2b6pF8-9ZoqDgLKe69HZeG8RULc351N3yJFp9MSK-4tKQnhowlxt1br9K3DMdKfCEpYg6om8S4DRlG2Op0ouAG6I4nxmVmQURGAZf8LoT_QVipJpTw9qpYbbUZTx-amLBtcJ1ayGkhzZ_Pq9-Y8ih5ufXhg8XhyPjVpwCqGcJ4DzbAuKWo76yKdK_p3AUUlW1yvBiPXckcmxMi_muKR5FeJOS199J6H647TMrmd6O4YZdmuPxq_q2wqJgZyI-4t5VCq1wZzgUMrdye47ANu149jl2XJEdPcUcPO7Mmn2EIMaw2hgVJ_NZ_lvePYDSYSstcUx_HthdmUE5QMO9gQ1Ro5IEFIQqQ0fPBUcjldKPdLSDV1cNnp4Gp3p--X5OSJry2T-LrElxLspHi7K23YBX6UuPpSP_wQovUuyY5Rh9DhxqQBbdrk2ZFUIdknz7yeSGbtSAMR9KR97vm2nelC1n5WjwWKAjRGyliiQ66rgDPADQqnclWlL5HC8udbhVHHen9fFxuXrvksyx6hg0LVacp-9ajrvYNddaVgGePoi4374jzPgAvk9Rh2H02QWqAaSJyAVq97bnf15c-z8nuLmDB-x54YTF-BDpZG7HW-bgXPvJ_X3ZOpOtdJzA94Dd5a72PqG3OOYvMmlj2VK90X-TDfx6z_NG6-Y-h9Xlu47GVkJIU4YeOvEcRm9x5ol3ZEanFhcHS1wmj-S_cPTLnHR8QikHfC122iRV62yHQEkAyPIBB5GYNR8wBmqW_MQFMVxb4DsnxLzOZvpzM1XxC4tPJRJ43S-g8Jti7dpPCoKg8WL3LO70lasMBJKe2ZIr_b_D2XJzzE7l30MBDqHY1V24dHl7fzt2Qm2kwc6YKNgnKrAG0wdtf9E07YfTAoDvvYNoE-CIrHZlsafZmvXF7XKLBo3IFRuDc1ljQPIyYgAFyPcVn9gq6E8W5VmrI8XlBD4Ion98soNf8GthCSYGobL-n3f96TPfuBjzshOwK4geWKHzMFanFZuap2xoqCN5nYils5GQugZzP4Mx_ipsUdzCzcrwg5VHxGKFk96X18i94dJ9pqOfSzdl0VGuanGkKGkOWKpJHQzGXTqWjuj8F4bnbvKC7O1hyK3bNbQtt2lfLlMAAZy3kW7khJMmAihUaY-ei3OsD56DwFWFTko2z4Z_w151XehUhCcG1qVhlr5aNNjy-v5LYKgZ1xN7Ns-3H6HPSMjLre8vKWBlKR-VsbsUbjIevzEOc5jVR7B5NdpuoeM8SaF6lHlPhFfChnLkEw1w4rYJwEHLZ7vfBAg6VBHGEAHf-Mq91JzX0qRL6_HPewowfP-coO_FFKDfAHNG61aLLGMc-LB3BjOnLtHu1sjnybkU8SoedhJqD362AdHb_sfmCk9gTfl3uMwnh362wntRo3ZxVZrYbzNJP0MxzB_YiAsEHRN1pn-AOPYlerKJqtug0QOgdB9eoTtwwv0wO4A2S6s5RmxSFiLOBxVyhCe9SC4PADhkFV9jKwJc9QE6wV1M9p2HHMXc8Nxs-deSc9he2G9mausaENrGW4noKB8GlFcZxyNvreJH2G4jcIkL7Yien4AdApjCfaDOOtPhzi7gACseGkTtdGZ3bDjUxjjLUue9pqYT84G871aK6KxbZmFL0ppADWiPXsObEJYlwJ3iTZTyzZQXTen84yRZjVCCIjeKM2j2Yf0nHLesZug-BXf2x-t2wuqbu2WrbIAvfUwcw44_1qvVunjo1Xfpy_eLfCcHQ&cid=CAASEuRoXU5mDFp8nkt4BAHeJVVcCg&rfl=2%2Chttps%253A%252F%252Fwww.15min.lt%242%2Chttps%253A%252F%252Fwww.15min.lt%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 11:33:36 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4EA2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 11:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 08 Oct 2022 11:42:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A16F 		1 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 09 Oct 2021 08:58:57 GMT
expires
Sun, 10 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
9296
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4EA2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9702d332ea0cab02a7defc77db5e2e524fdb7f6f7b433fc1593953a16648143

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 963D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 08 Oct 2021 11:42:17 GMT
expires
Sat, 08 Oct 2022 11:42:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
85896
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mtrcs_220434.js
s79.mxcdn.net/bb-mx/serve/ Frame 4EA2 		148 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-67.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bcad36a72dbc1761ef55d73706876aef910405d11565b9598dc2fed877be339e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 13:38:06 GMT
Server
nginx
ETag
"\W00000580251633613886776"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control
public, max-age=1800
Connection
keep-alive
Content-Type
text/javascript
Content-Length
58025
Expires
Sat, 09 Oct 2021 12:03:53 GMT
index.html
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/ Frame 0136 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e890f3e73917f420895b30927d5c5f745c9a745418dd0b5b40646477e40f4b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1932
date
Fri, 08 Oct 2021 13:00:16 GMT
expires
Sat, 08 Oct 2022 13:00:16 GMT
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
81217
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4EA2 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufvM5z2SXEpqtpVevAkRVOr_xSDcLaeQ_uodRD5JNwauA_2tEp5Gnj1bQbAQ7znK35iyw_eiaro6WbqWo2ecUfe4RfC1HCQmXddVVord7jK3qqUPU2ibVhsMujTQDFM2ElU41NYJtJjriKc2ij6QxHl8-bGbLSgBcep2XI0sQ5-Bnj11tgReubwuKVrog_W8HUb3G-hauCAM-3c8qcsJ-PbXfrRUB9cvdHf6Bk5lmptbQRTNtDUXD0w-ObDXmxyAr7M42uojO3UWJq51GMtguGdUTjvPNdeLuRTGT73uOy6QOfpR6N0n9q1clZpfM2cUd4sKHC4N4yzV7u-hzPLwiFqQ9NFUGlp6I35A8iHZ5UwNW0LrypK0u3Y2vzVMsC3GyUhvwznJcVhYERyIp5WgtKtH19hhMYSVYIPLiQQBbh0mDmlcEbVwu3dShgQdomPoI3FIfMgv17EOlJzFA3NgAfd8g5N3uxWgF7jXspj-Qq_2vsivbBrCRe1M2eZKW7kWVPrBngrTljOkrFQF4rVVXpdhJRVF1Be-9_IpeCwY3B-x08K2oGh179H8FKa3U6phMTgwhXMqIY2xprs-JItbeKJEpebJRQA4dCmSZEKC23J5FFgxHOTy4GXwmFjksJDyc7NNzorb9EV1969DicFcoqHiSJR3hQtD5XtRNxZAIfPnhzGdSOkC6yHR0iW4JMQ8Id8xzDn0wq-N9KzCHVB-kQ6haIpGZKm-XCPBRBGnDJUyT-58dosheN4zR3gDtpQwPWD7TFqpjdCc1374CM9LfAITZ7YnCU7Yd7FM8GZhDT64AcoVVN5Z-G72CPiNW4aDsexeIXiSKI0wj8NB_o7ZnuBj6poh4FDBjQ0IJQdZl_-b7xBazIK4SqC4VoQoeo89NS0L87gDS_eXzhEe_3n5VJhWWfaj10WK5OKEWnjB7iWUodFvr5OAGF4F3f6F6geq6uWN3pZ8QXWv9YnMDwlwYfayJisxXzZKf9toeI4SlZ7Q1QBRsTJzxjqOw-lyZEtQjHzxKtiLabZ1SEag0pois6FJUqqkiNkmlkZLAfIgPhD0AQ8laWWfqyHMlUYyzQYrxIqOCzJo03aKkv0hqG2G8ZxUHDlUyFclNGFgbCsHz0hen0HtwmF_iJDVpffQliOKsDoWzlwvtmYl1JdftIL8qJyHkZ4Xymrp3_O0RYyuow0q56aDfLmMu1Amxs5x3lgqybacRGqXonDnda4O_EnhO64UjFypXW&sai=AMfl-YSBsbMXQU8wLYPqNY2mTuwjegkIApHlM15-25ESlu-JIGomS6DqkbVNrmz1pUm_S7tYAQ_9qj4yQfeK2ynBTO-938W7kZR3t6CKzgZWl2mM0Ah-9x-KVpIa_M-q_dSXcOV3oQLmafNFGgcrcdaR3LiXExUnLA&sig=Cg0ArKJSzNChos8YW7X_EAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=124&cisv=r20211006.54738&adurl=
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sat, 09 Oct 2021 11:33:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame A16F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECx0N6MkA4C4AzWK_wotfSY&google_cver=1&google_push=AYg5qPLoF0QZWELg761-Wb9CsNAb5EPn0D05maHdgn5NTbSPvuWrpm1nSLyUR7FCsJ35y7X5HkwEoun38gpaJbSsS0TfY5Lxgtzz
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B292A8ECC7C746E2AA6F09134E13980A&google_push=AYg5qPLoF0QZWELg761-Wb9CsNAb5EPn0D05maHdgn5NTbSPvuWrpm1nSLyUR7FCsJ35y7X5HkwEoun38gpaJbS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B292A8ECC7C746E2AA6F09134E13980A&google_push=AYg5qPLoF0QZWELg761-Wb9CsNAb5EPn0D05maHdgn5NTbSPvuWrpm1nSLyUR7FCsJ35y7X5HkwEoun38gpaJbSsS0TfY5Lxgtzz
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Oct 2021 11:33:53 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B292A8ECC7C746E2AA6F09134E13980A&google_push=AYg5qPLoF0QZWELg761-Wb9CsNAb5EPn0D05maHdgn5NTbSPvuWrpm1nSLyUR7FCsJ35y7X5HkwEoun38gpaJbSsS0TfY5Lxgtzz
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Oct 2021 11:33:53 GMT
pixel
cm.g.doubleclick.net/ Frame A16F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBS0-cvosuK_Iw0rs1oZYLo&google_cver=1&google_push=AYg5qPJoS8nJTy9iHrptvgTSNbxbb3VTTrzTOY53MBGGQ-RvAJfMDxkWG4tZxMD7ZMDJw_ZErnT0BU3JQGcyk3...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzAyODM3NDYyNTk3NDQxMg%3D%3D&google_push=AYg5qPJoS8nJTy9iHrptvgTSNbxbb3VTTrzTOY53MBGGQ-RvAJfMDxkWG4tZxMD7ZMDJw_ZErnT0BU3JQGcyk3K0y5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzAyODM3NDYyNTk3NDQxMg%3D%3D&google_push=AYg5qPJoS8nJTy9iHrptvgTSNbxbb3VTTrzTOY53MBGGQ-RvAJfMDxkWG4tZxMD7ZMDJw_ZErnT0BU3JQGcyk3K0y5a8s1xPf7M4
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzAyODM3NDYyNTk3NDQxMg%3D%3D&google_push=AYg5qPJoS8nJTy9iHrptvgTSNbxbb3VTTrzTOY53MBGGQ-RvAJfMDxkWG4tZxMD7ZMDJw_ZErnT0BU3JQGcyk3K0y5a8s1xPf7M4
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A16F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAUR48WCOJtw2h092VFpJys&google_cver=1&google_push=AYg5qPJB1Yt8h-fzKOMazQw1shjmcflz0ZPqwGiNYpSjhYWJUgOOf7b2uEO6V7t__rlHStCuLN1FXbHKCqcmiSoX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mLvzfhDWRZeRM3iz9VYLKQ2&google_push=AYg5qPJB1Yt8h-fzKOMazQw1shjmcflz0ZPqwGiNYpSjhYWJUgOOf7b2uEO6V7t__rlHStCuLN1FXbHKCqcmiSoXyvNDpYxeFlmK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mLvzfhDWRZeRM3iz9VYLKQ2&google_push=AYg5qPJB1Yt8h-fzKOMazQw1shjmcflz0ZPqwGiNYpSjhYWJUgOOf7b2uEO6V7t__rlHStCuLN1FXbHKCqcmiSoXyvNDpYxeFlmK
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Oct 2021 11:33:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mLvzfhDWRZeRM3iz9VYLKQ2&google_push=AYg5qPJB1Yt8h-fzKOMazQw1shjmcflz0ZPqwGiNYpSjhYWJUgOOf7b2uEO6V7t__rlHStCuLN1FXbHKCqcmiSoXyvNDpYxeFlmK
x-host
tde-deliveryengine-production-7f8fcb5db4-znmgv
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame A16F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEI-Sfhk1iwFmT3Nkku_JIVs&google_cver=1&google_push=AYg5qPLJBBx49SRGZ44-dMJbC19jQsnQ-8whymp7UmigCR7tXFDpI0ksF3Gh8he6ra1Zj1RXnvp8_Cjgv1KfdlcU-JJ06azNdXg
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bnJDeXhsSDRBSXFMa3ktbUluNWhZUQ%3D%3D&google_push=AYg5qPLJBBx49SRGZ44-dMJbC19jQsnQ-8whymp7UmigCR7tXFDpI0ksF3Gh8he6ra1Zj1RXnvp8_Cjgv1Kfd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bnJDeXhsSDRBSXFMa3ktbUluNWhZUQ%3D%3D&google_push=AYg5qPLJBBx49SRGZ44-dMJbC19jQsnQ-8whymp7UmigCR7tXFDpI0ksF3Gh8he6ra1Zj1RXnvp8_Cjgv1KfdlcU-JJ06azNdXg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=bnJDeXhsSDRBSXFMa3ktbUluNWhZUQ%3D%3D&google_push=AYg5qPLJBBx49SRGZ44-dMJbC19jQsnQ-8whymp7UmigCR7tXFDpI0ksF3Gh8he6ra1Zj1RXnvp8_Cjgv1KfdlcU-JJ06azNdXg
date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
exptsync
ads.yieldmo.com/ Frame A16F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEDXrYfWsacrhSztBafEiRc8&google_cver=1&google_push=AYg5qPIVp6h_5segEii9TsoVrIAbw7fAK5OZkHHtHwmHuTSpbrxHue0aD3mqDiE3FfoS2i6fylzl2JmcgByfKAIryemeOHs4W_Y
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.39.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-39-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:53 GMT
pixel
cm.g.doubleclick.net/ Frame A16F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIN_v4eyeru8P8DaPaJQd0Q&google_cver=1&google_push=AYg5qPIXEC4b5pNX18Sty9ljG6Mj23xadE06WvmFQ8p4hrzRShni0OItQugY8rr4d9lU9PcaKbTtss...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIXEC4b5pNX18Sty9ljG6Mj23xadE06WvmFQ8p4hrzRShni0OItQugY8rr4d9lU9PcaKbTtssgijvO3Xw1jL3759EL3HSdl&google_hm=NDIyNDYxMD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIXEC4b5pNX18Sty9ljG6Mj23xadE06WvmFQ8p4hrzRShni0OItQugY8rr4d9lU9PcaKbTtssgijvO3Xw1jL3759EL3HSdl&google_hm=NDIyNDYxMDcxNTQwODQwNTk1NA%3D%3D
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIXEC4b5pNX18Sty9ljG6Mj23xadE06WvmFQ8p4hrzRShni0OItQugY8rr4d9lU9PcaKbTtssgijvO3Xw1jL3759EL3HSdl&google_hm=NDIyNDYxMDcxNTQwODQwNTk1NA%3D%3D
date
Sat, 09 Oct 2021 11:33:53 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame A16F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOsVeCZfkIpRMfaiSmwmyEA&google_cver=1&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRN...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOsVeCZfkIpRMfaiSmwmyEA&google_cver=1&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRN...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IeGtxX1hwRTJ1SGVoRy5qNmkyNkxOZ296czlIMlgwTH5B&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IeGtxX1hwRTJ1SGVoRy5qNmkyNkxOZ296czlIMlgwTH5B&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRNNJEt09U7NDG1YlegeI4k510UE7mw
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IeGtxX1hwRTJ1SGVoRy5qNmkyNkxOZ296czlIMlgwTH5B&google_push=AYg5qPI4IiKkcmsZ_t7OHrcN8pvbKUNiYKBb3uzDf4fTUK7ObaEtVxK0O4bGfaURRO5P81DJRNNJEt09U7NDG1YlegeI4k510UE7mw
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame A16F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIXZF10E-g7Hgqq0G7s6m4lNprexcggtitQ7pA18Z0X0fcnCSwyr23hXD-lkYQXBm9BMT0vA
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame 963D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 21:25:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
137313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 07 Oct 2022 21:25:20 GMT
stat
stat.meetrics.net/ Frame 4EA2 		82 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.meetrics.net/stat
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.43.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h478.meetrics.de
Software
nginx /
Resource Hash
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:53 GMT
Cache-Control
private, no-cache, must-revalidate
Last-Modified
Sat, 09 Oct 2021 11:33:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gettag
s79.research.de.com/bb-mxad/ Frame 4EA2 		0
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s79.research.de.com/bb-mxad/gettag
Requested by
Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.13.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h325.meetrics.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:53 GMT
Cache-control
private,must-revalidate
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/octet-stream
submit
b187.s79.research.de.com/bb-mx/ Frame 4EA2 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b187.s79.research.de.com/bb-mx/submit?/P3z7BeAAA/whFxBo0F0wFz6BvvA33A15AhhFk0B41AimFhiFixBlyBjwB0zAx1A1lEmiF0lEj5BuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFs/Bu9BxBE0pyFo0F0wFz6BvvA33F3uBx1AtpFuuBs0FvBE+k2FoywAyxAtxAwtAw3AtxAz6Az3AtyAywA0zA0tAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2AzzA33A5yAzyA4yA2BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA22Aw4AwxAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx1Ay5A0yA24AmjEpkF9xA14AzzAw4A3wAmzEp6Fl9B53Aw4Ey1AwmAjiF93A0zAx5A11Ay5AUkzFpBFAAAAAAKP6D6DAPAAAAAAAAAOAAAAGBAAAAAKP6D6DABPXAAAAAAAABSafAZFAAFAx8Ez8ExBEGAxyA42A14Ar0eLAPAAAFAASafT0eLASksF/EbAAAAAAAAAAAAEAAASafAAAAAAAIAy2A2wA4wAxxAJAzxA1yA50Ay2A4BEHA15A1yA3zA5BEHA53Aw4Ey1AwBEJAx1A4zAzwA43AwBEHA53A14Az2A2BEdAAAAAAKPA6DAFAAA0eLAAAiBo0F0wFz6BvvAzwBuyAtkFuuBulF0vBzhFkiF1uFksFlvBx3Az2A54A2xAy1A14Ax4A3wA51A54Av5AtJEXFFtCEh5FvuFrtACpFssFivFhyFktB53Aw4Ey1AwtAChF5vFuvBpuFklF4uBo0FtsFCACCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFK8a8VA
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h353.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
nginx
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:52 GMT
data
b187.s79.research.de.com/ Frame 4EA2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b187.s79.research.de.com/data?/P3z7CfAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFIeVNSA
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h353.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Sat, 09-Oct-21 11:33:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100401&jk=1910339437015335&bg=!DwylDEjNAAbGFvHlxhY7ACkAdvg8WskYJcgxGz9RqGO2shbgkFEpwrVVSDJHJ61XIZrBuqr2a1IcAQIAAAEUUgAAABJoAQcKAIrbMsgDVa26BWoDPPKyjhvMhJisMCZnKf0B0tWydOrgMVn3oTgQ1FPvb0_pA15nMJln8d69rfigFnKRBuxHUNPW3PSnECiPQYmbmaB_dpq2cmj2LJhsHLLTGfDJlQIMYtmJ05paChtknuui7mMoUEOcPdXVdwxv6RwYZ4HFIpAu7UHaZ1k62UnuEm-ZAqr3my2aLRvuingKu6-WYyKIJbw_UnjghDOGiAbhR-RL2J2byV6m0pxho41_h6SwRFGDaxmKqvaQGV82Vt5Hq8CRH57oOIz_RdQ44g3g02h_4Tka4n5o_gfemaDVk6OA-EXvXbfc8CWelYKf5yBXjnDN5MQKNOYWyXKF6OheaZYp7S06WJqnmC1IsFR3SkobiYmlLuGTY5BrQ77QGdQW2YRUDO1ibfcpQd_G_pXhTuKId1i5pnjL1PswVNhvHFoVToWhPNLn8pv_7zoMmB7StttXz7-0-vli6q_UAJy4oEYSYxm34EJ2bTLd_nl-Y5ratbeuaQtoVWN2zClmUgSlRlITQTw8TbtnW9GWJA7KudJE5QQhr71wDNgGThlE2AXh1gVzrW_e2m959DkYX6fXTkolzKBOEVe4QeWj616-nu8MHTpYHBeaTdKXawzFxVYzjN-Ks4cOw7cxgWVZkjMIM8nt1F9OONeLrgTcNk4W4T-ksd2RUjs8rVqcfQJfJA6hg309EIoNOUYBb7ADrXCviTyALlEpwdQesNrs47ljeARzltjdefAMnGErbeosHFcoftWq6uDKvGdyUNCUzNrWEtXsd7_zPkhZjtCn_BamKpnAbYya7bISXHAmClTjXrEkkgp0uLB_gIChXbna9dARIsq7i5rLa2sT0Sf9w26-WcnI-DyFVq6JvKnMy5WcFd0SCvRm2N3MwgypLwYR3lP8QN1H4MBgOpr-CnKKMJN1CgruUVK1WdWrEr98P-XHE2qcsfWJRoq1JOxruT7gxD0FO-a6i4UuHcNBWWExvSkLZG9qqvDHNWZ8J2IAN5uuORIqY342JFzPv7MqZQhDiC3hZJZCqscQSFqvT8vVKhhz-zVtUsZNpAVAgtubFqpBFkcrKmAA3MYLl61bzG4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 71B9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100601&jk=69753408999378&bg=!EhGlEVXNAAbGFvHlxhY7ACkAdvg8WkzqYyy78U9k3V0kw7_isyhibiZrNb1QkMlSFdN3796y-h75iwIAAAEYUgAAABNoAQeZAtmClMECjPQpmuck_JUnIu8hriILTke877l5crmbr670hH0XluuBDHiE8nNfS_pfSn8RvC6aDrkwsOxezV6sMBPUH8gurRFFce1ba7xr0rgZkaekTah8xFOzH8t75-iHp_GMLRv3Zf-Z7pB5lHBgTrLy1PdIjL9eKlCd5h2iz9Z4Ds87EuJIOMr64otftIo5d2EAoqzA4y3y4x1IRvcSAzhEabNqLRDzfeepWGzHohfTbNTPNpWfgYa7tz1TpS5hESOstmowQnIk3hsbsk64EzOxYwP1YeXYgqPma87kRD7IW2qeOCcNk0ArIZv1I_aiLmSFmO4umFBCCPdjJNDDlgkPCgB-OZwYsQe9iSvGupScp_V3oKw7s4dzwaM9WE1cQxKnSPqYCqRgTnZNjVm5j527letz1Cu0-RBCTvWwkDN7ZU2z_SEEK2hvQvrodFE2cBtk4OUNXi-B4EhFBhaAdql89rflyf6ZMkvlIoCS4TwdR6mPn8yBYbXpftCLwdvUYKxVbF7PCoiLQGv9C0YaD71wxkJBIWGA0lOg6pLvQGGV67o-rNw97YP5C1MjAJ4I8QDeDcSZu2etsz1-XI4_-pkb8d3bbGdhyXE8gRVPNLe0WsbOgy5vnu6VwaD95p_6gOqP2IleKL_RbyXwGq2URJqlg8CH_ohYPPLC0cJQsPMsmHorIiAMnSxBSd_AJOBcWlwh_RuzMGZFzLuRtcgT2NmBj-AlA1tkc7XOLR2kchopKAdKMdXXgy_XDDM0G_PHWJa1HWAAJ6wJtrAdvIffEL0QBnzTM9VyVueNTAhJpq5xF53c0vodTjjXIAauzzPErKdfRF_T6fS7xlzUNe_8Ho231UIMTJ0Q0NQAyhaQbdjyebmtUON1h4PshjWuv2gzZQ14bHA8eyca4YZZqQ9sCJxeHHWPtM7qfnGiOBnnAiyhG7QHpQ6vA0Z4Q_MQOA-OHuXT87cJVAqKz3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 963D 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7qBbIX5hYa_EC5DK7_UPsIa1yAgAAAAAOAHgBAI&bg=!ammlaS3NAAbGFvHlxhY7ACkAdvg8Wp0jtZwWAROKDq4HAnP0L1gtpMo-ERo9WfXFuJtTR2NLS53I7AIAAAB2UgAAAAloAQeZAxlJEt5XKc5EIxNnBUlUB6taYG5m01n5wNpPeCLpLrOkY0Ldn8LQZknmNLpJvJbEt4Nk7zHpURWoEI2HilsdvrjzBPD6CZqD5t5GrnZcn6woDJl5eEjFo-eFfV8KZOP-Js8fNPtIjHSVXmMR6EwjNakWVcn5GRxaQeIUXj2TG61MGoaS-xhHoO57rTzz_qndWgdqHodXhHkyn1Q1BlFNTcwnVOh-YDihyDavtuqVaoss3vlYNgfSPw2YQai2rQEYJ7rg_p42f0OYJb3BJwrNQZoEsMeDVedicdX61226LE6VEcAtcM0bHgjXakClrpvM644W93O88InjMwCEJWCy0ba8LvmKzOjtQXZCLJDX5OnRsNJiDFUhhyp1Dco8INUtKeeBDP8sNIaoy0AGqSBhaObiMyrw_AtAol4-jTdIfrrGLED1EPsPmFgPkrLoJXcdXHjxR24HdwO_DvD7s8WHqHHpjGYh0a9a8p0IziBFVTzDsaqGMxEpq6oW-aaCmHJgiVSrSpbDeGiepwp9ow1NUnTG3W9-RlmvsjI18OhU8J1l2wv84Bx-6bzo8rOVEbwa211eSmG94sQ5Y4D1z_ghVbZx4CnyLeExgSL3cKcvwohwCWyrJuGG9_d2E_5fh7maZRg15O_21Qnri-bClAY5cDYWhqlCeLrMmYjRU-9rQKv0esO73EkvZSZ_GM-Sq61QdGkQo0DGmohy-6hd2GOc_nBc4PCVuSesTihGP-AJ_hlbE57syib9NSXu6hv3jaS8ffHBNi6csSkQJal4HjuxbSznBpDrYGDTZKZgm1WCQbD1xsMFpZwxmg7mjLzTtTXZpHbf97qk8ND3lbo0iGJBLyT_ygLj6ec9XqZWdJEk-8w3R069B-Sx36jcpCuRm2AP1zCcpv-YB9B5TL3LFb1s7GgKwLVU6vH8fwSQwhppwY0ri5KPqx8r0x3i-mokjYcXuRiJUK_oalZOr4upQHsBBw4vNzVJePF5LDN85q2xI0L3d9c3_BJeYyQcv1cMJR6CXpqmb_liWJVa7zmi5q7Le_Q1Py0npV4Jfni6
Requested by
Host: 7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
URL: https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0136 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Oct 2021 11:33:53 GMT
script.js
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/js/ Frame 0136 		2 KB
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afccfa0460894a3683a53b94ebf6501a327a62d3d711077152af4d5b313436a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
736
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Oct 2022 17:27:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4EA2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsufvM5z2SXEpqtpVevAkRVOr_xSDcLaeQ_uodRD5JNwauA_2tEp5Gnj1bQbAQ7znK35iyw_eiaro6WbqWo2ecUfe4RfC1HCQmXddVVord7jK3qqUPU2ibVhsMujTQDFM2ElU41NYJtJjriKc2ij6QxHl8-bGbLSgBcep2XI0sQ5-Bnj11tgReubwuKVrog_W8HUb3G-hauCAM-3c8qcsJ-PbXfrRUB9cvdHf6Bk5lmptbQRTNtDUXD0w-ObDXmxyAr7M42uojO3UWJq51GMtguGdUTjvPNdeLuRTGT73uOy6QOfpR6N0n9q1clZpfM2cUd4sKHC4N4yzV7u-hzPLwiFqQ9NFUGlp6I35A8iHZ5UwNW0LrypK0u3Y2vzVMsC3GyUhvwznJcVhYERyIp5WgtKtH19hhMYSVYIPLiQQBbh0mDmlcEbVwu3dShgQdomPoI3FIfMgv17EOlJzFA3NgAfd8g5N3uxWgF7jXspj-Qq_2vsivbBrCRe1M2eZKW7kWVPrBngrTljOkrFQF4rVVXpdhJRVF1Be-9_IpeCwY3B-x08K2oGh179H8FKa3U6phMTgwhXMqIY2xprs-JItbeKJEpebJRQA4dCmSZEKC23J5FFgxHOTy4GXwmFjksJDyc7NNzorb9EV1969DicFcoqHiSJR3hQtD5XtRNxZAIfPnhzGdSOkC6yHR0iW4JMQ8Id8xzDn0wq-N9KzCHVB-kQ6haIpGZKm-XCPBRBGnDJUyT-58dosheN4zR3gDtpQwPWD7TFqpjdCc1374CM9LfAITZ7YnCU7Yd7FM8GZhDT64AcoVVN5Z-G72CPiNW4aDsexeIXiSKI0wj8NB_o7ZnuBj6poh4FDBjQ0IJQdZl_-b7xBazIK4SqC4VoQoeo89NS0L87gDS_eXzhEe_3n5VJhWWfaj10WK5OKEWnjB7iWUodFvr5OAGF4F3f6F6geq6uWN3pZ8QXWv9YnMDwlwYfayJisxXzZKf9toeI4SlZ7Q1QBRsTJzxjqOw-lyZEtQjHzxKtiLabZ1SEag0pois6FJUqqkiNkmlkZLAfIgPhD0AQ8laWWfqyHMlUYyzQYrxIqOCzJo03aKkv0hqG2G8ZxUHDlUyFclNGFgbCsHz0hen0HtwmF_iJDVpffQliOKsDoWzlwvtmYl1JdftIL8qJyHkZ4Xymrp3_O0RYyuow0q56aDfLmMu1Amxs5x3lgqybacRGqXonDnda4O_EnhO64UjFypXW&sai=AMfl-YSBsbMXQU8wLYPqNY2mTuwjegkIApHlM15-25ESlu-JIGomS6DqkbVNrmz1pUm_S7tYAQ_9qj4yQfeK2ynBTO-938W7kZR3t6CKzgZWl2mM0Ah-9x-KVpIa_M-q_dSXcOV3oQLmafNFGgcrcdaR3LiXExUnLA&sig=Cg0ArKJSzNChos8YW7X_EAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=514&vt=11&dtpt=388&dett=3&cstd=124&cisv=r20211006.54738&adurl=
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 11:33:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
node.php
node.setupad.com/node/ Frame 71B9 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: www.15min.lt
URL: https://www.15min.lt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 09 Oct 2021 11:33:53 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
txt1@2x.png
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/txt1@2x.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54fdeffe4669100798bd173375098d8276b2271f3fad818e2d68ba1de28959fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:56:26 GMT
x-content-type-options
nosniff
age
409047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3813
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Oct 2022 17:56:26 GMT
logo.svg
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 13:00:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Oct 2022 13:00:16 GMT
bg1@2x.jpg
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/bg1@2x.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e82fad7fc6019bdebac670e3b1fae443a0ea7263e3e495a32fe1b65288625f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 08:45:44 GMT
x-content-type-options
nosniff
age
269289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99485
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Oct 2022 08:45:44 GMT
data
b187.s79.research.de.com/ Frame 4EA2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b187.s79.research.de.com/data?/P3z7DCFAA+rvFpo0F0wFz6BvvA33F3uBx1AtpFuuBs0FgoE00FwzF6vAv3E33FuxA1tEpuFusE0BFLruFCLkqFFlqwFyyAw0Az0AL2vFBLl1FDUkzFuHQTBAAAAAAAYAAAAwBAQAAAyAAyAAXAAAAwBAZ7BAFAx8E18ExBEGAxyA42A14ArY0mAPAAAAAAAAAPY0mAPAAAFAASafTY0mAZBAAFAw8Ez8EwBEGAxyA42A14ArRMPAPAAAFAASafTRMPAPAAAAAAAAAzRMPAZAAAFAw8Ey8EzBEGAxyA42A14ArfeOAPAAAFAASafTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEGAxyA42A14ArehwAPAAAFAASafTehwAPBAAAAAAAAzehwAZAAAFAx8Ex8ExBEGAxyA42A14ArtDOAPAAAFAASafTtDOAPAAAAAAAAAztDOAZAAAFAx8Ey8ExBEGAxyA42A14ArLFDAPAAAFAASafTLFDAZAAAFAx8E18E3BEGAxyA42A14Ar8wBAPAAAFAASafT8wBAZBAAFAx8E18E5BEGAxyA42A14Ar8JVAPAAAFAASafT8JVAPUBAAZAwSAcAAAASksFNQdAAAAAAKPA6DAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAA8wBAAAQAOPFfTFPVFSDFFfFx2A12Az5ACACCFAAAAAAAAAAAAAADAEJFWBFdAAAAAAKPA6DAFAAA8JVAAAuEkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFC1BTVFSCFWCFqUFiaFBCFEzFB3FDBFMoFCvB6vB0jF0FFMWFxtEHoF2UFr2BMBFm5BBCFvuFKYFnPFxxBzyFSWFVzBWqFxvBkGFSjFtuFx2BY1BwYFrxAq4FPrFr3FzwE04E2qFoFFnuFxrBnHFx3E5zFaLFw5ANMFLWF4YEuzB0EEZpFuSFrXFupFICFN5BriEa6FPtF33Fs2FzrAayBo3FqhFz2F0nE0UFVUF2OEwnFHzBarBBOFuhFCTFZvF3zEV3FBBFBBFBFFsGFUrFT1FRtFDDFCACCFAAAAAAAAAAAAAADAEJFWBFQtjFQ1PbYA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h353.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Sat, 09-Oct-21 11:33:52 GMT
data
b187.s79.research.de.com/ Frame 4EA2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b187.s79.research.de.com/data?/P3z7E3GAALkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzzA33A5yAzyA4yA2iE30Az2BpqFv6FnBFlqwFyyAw0Az0ALkmFBTkzFkQWAAAAAAAAYAAAAUAAQAAAAAAAAAXAAAAUAARksFAQtjFRTxQSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h353.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Sat, 09-Oct-21 11:33:52 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EA2 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzoGb1gdkvE-BjLSDaXQ26pvni9sZHtX06xIcDIcs2YKNyo3c5nb2ztqePq3F_92M-H0nQpIWeRu-2aNctPSs0a1WNBp4f3gvH65LLTZyPjY034OoyYg&sai=AMfl-YTyYOXBcE9zkojR8p2jIxHPJkwqZ518iSsS8fTFnnWZ-dyg7gK0tCaPyo23LKQ2laNcQRTxfF_YlFuhcIjOzkqxUGN_87SoToKtNuFsEV6pxRVjvoXFYenxWnE&sig=Cg0ArKJSzMJd-iUv3xeiEAE&cid=CAASEuRoXU5mDFp8nkt4BAHeJVVcCg&id=lidar2&mcvt=1000&p=0,0,250,970&asp=-50,0,200,970&mtos=568,568,1000,1000,1000&tos=568,0,432,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2179972154&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633779232826&rpt=492&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/ Frame 0136 		1 KB
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9433cfd78bfdb749e76a8dc0000f49653100f7d415bb2d17f30153efa956efb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Oct 2022 17:28:55 GMT
txt2@2x.png
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/txt2@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34f56dab2ebdad20dac6cc67ca9e061ff80ee2c06f1f5d755c00713e11824dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 12:12:00 GMT
x-content-type-options
nosniff
age
516114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2370
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Oct 2022 12:12:00 GMT
txt3@2x.png
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/txt3@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9773820b2fc5909f774ae58af812b46ff2475c08e4352823a6398253e3741ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 17:20:51 GMT
x-content-type-options
nosniff
age
238383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2285
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Oct 2022 17:20:51 GMT
txt4@2x.png
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/txt4@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9170d7b28657c833dc55233416e6c25a7f53444274d424fadf084f67dd9ff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 13:00:41 GMT
x-content-type-options
nosniff
age
81193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2146
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 08 Oct 2022 13:00:41 GMT
cta@2x.png
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/cta@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7633badb955dc3117ae7a61e34119911e94e1c75de48de7a97ce9b3504171939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:52:31 GMT
x-content-type-options
nosniff
age
409283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1242
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Oct 2022 17:52:31 GMT
logo2.svg
s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/ Frame 0136 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17369861255818709598/9-IWE-Bayon+-Billboard-970x250-Bayon/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 08:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 15:28:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 06 Oct 2022 08:31:28 GMT
data
b187.s79.research.de.com/ Frame 4EA2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b187.s79.research.de.com/data?/P3z7F7XAATkzFPPMGAAAAAAAI8wBARksFAQtjFcTRNSA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.195.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h353.meetrics.de
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-control
no-cache,no-store,must-revalidate
Connection
keep-alive
Expires
Sat, 09-Oct-21 11:33:53 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 71B9 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Oct 2021 11:33:55 GMT
syncframe
gum.criteo.com/ Frame 3010 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.15min.lt
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.15min.lt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2185
set-cookie
uid=6161ffbe-da73-44fc-91be-5533b94ba649; expires=Thu, 03 Nov 2022 11:33:54 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sat, 09 Oct 2021 11:33:54 GMT
content-length
4685
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 71B9 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Oct 2021 11:33:55 GMT
sid
mug.criteo.com/ Frame 3010
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=15min.lt&sn=ChromeSyncframe&so=3&topUrl=www.15min.lt&bundle=1wqEb19PU1AyZ0hJRmFwZU9Zd0NUUFdDa3RRdUloOENrWUxwZU0lMkZ4SDZTM0NXc2o5RWkzZ1FLbV...
  • https://mug.criteo.com/sid?cpp=l2-MU3xaZDd6WmJDdnlmRWhWTGcxblQxNUltZVQ3c2kyajBkZWVUeXUrN2VLbHArTm5pUjM3UC9tMFQ2UkNFNHZRWEVad05NbFV5ZDFiMEhSaDJFSUYxZ3VhL094WnVqbGZ2SE56QU5oNFBjSzJQcDhObE5wMlo4RGhmQU...
425 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=l2-MU3xaZDd6WmJDdnlmRWhWTGcxblQxNUltZVQ3c2kyajBkZWVUeXUrN2VLbHArTm5pUjM3UC9tMFQ2UkNFNHZRWEVad05NbFV5ZDFiMEhSaDJFSUYxZ3VhL094WnVqbGZ2SE56QU5oNFBjSzJQcDhObE5wMlo4RGhmQUhlUi82elBXM25jZ0N6dlc3cG53ejVyUWhQVlE2Y3pmQ1AyQ1BZSEU4cFk0aUxaNndIYzBFWklBVWcyRWsxLzFtZmxSYjcvamN6dU85Q2tQa0JtNk55U1o1T1N4VnUwRmhvaE9XMnJyZW1pTUJsQU05ZERON25MZk90RU1NNWhka2FyY25vQzlLbktFalZneE5ZaENteVB6LzByOW0wZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
868fd4345585c2e07b619a41b614eb46443621f5513b6775268e6ac9adf347de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 09 Oct 2021 11:33:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2318
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=l2-MU3xaZDd6WmJDdnlmRWhWTGcxblQxNUltZVQ3c2kyajBkZWVUeXUrN2VLbHArTm5pUjM3UC9tMFQ2UkNFNHZRWEVad05NbFV5ZDFiMEhSaDJFSUYxZ3VhL094WnVqbGZ2SE56QU5oNFBjSzJQcDhObE5wMlo4RGhmQUhlUi82elBXM25jZ0N6dlc3cG53ejVyUWhQVlE2Y3pmQ1AyQ1BZSEU4cFk0aUxaNndIYzBFWklBVWcyRWsxLzFtZmxSYjcvamN6dU85Q2tQa0JtNk55U1o1T1N4VnUwRmhvaE9XMnJyZW1pTUJsQU05ZERON25MZk90RU1NNWhka2FyY25vQzlLbktFalZneE5ZaENteVB6LzByOW0wZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1946
content-length
541
expires
0
index.html
cdn.districtm.io/ids/ Frame 3B30 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
69b74bfddc894d84-FRA
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8CC0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=80908
expires
Sun, 10 Oct 2021 10:02:23 GMT
date
Sat, 09 Oct 2021 11:33:55 GMT
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 959D 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.15min.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
Dt294QpawtNR10fmt04i/E9z//OMSi9w/VEk3jrbZgYkkUJUkpy+PD6nufgStLb0aV63ozhzeoQ=
x-amz-request-id
HWSTNQVGK70Z6EFW
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
1351
Expires
Sat, 09 Oct 2021 11:34:55 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
69b74bfe0b344309-FRA
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 850F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.15min.lt/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIxeIyEAoYASABKAEwoPyFiwY4AUABSAEQoPyFiwYYAA..; uuid2=3745472460984971110; anj=dTM7k!M41.D>6NRF']wIg2E?e</#mb!@wnfH8K6pQK`!5=E<*L5?%KFjER[jYZ/Fn[5dn.lg>25Z)M@K>ln:Wjt!ETP(hw9P-HC_#tuVL*)orC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 09 Oct 2021 11:34:15 GMT
Age
23092
X-Served-By
cache-lga21975-LGA, cache-fra19170-FRA
X-Cache
HIT, HIT
X-Cache-Hits
228128, 186808
X-Timer
S1633779256.511911,VS0,VE0
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 1F5E 		27 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
bh.contextweb.com
:scheme
https
:path
/visitormatch
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.15min.lt/
accept-encoding
gzip, deflate, br
cookie
vf=1; V=Kc3NvuVwLz0S; wf=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-69cc595ff7-thhj2
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
de-DE
content-type
text/html;charset=iso-8859-1
set-cookie
V=;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 09-Oct-2021 11:33:55 GMT;Max-Age=0;SameSite=None INGRESSCOOKIE=988e7fbe3de9fb4d; path=/; HttpOnly; Secure; SameSite=None
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ixmatch.html
js-sec.indexww.com/um/ Frame 50C3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.15min.lt/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sat, 09 Oct 2021 11:33:55 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 4316 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.15min.lt/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KUJPYZMK-O-FB91; rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5P2njRaqUZL6IgI/FKQautD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZuHCx0jzGqpEKRWU66THvScWV7/AA==; audit=1|hLZGFuTafB2tNcZLMZeKJa3T44WD0xC8rrUfOpRTiXEqxomP/o7qYmvJC0EQPKfrZtKa4PLIUHcUxrelmXm7PdO5/PBqRvSN/R7Fz5/Qhm0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.15min.lt/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Oct 2021 11:33:55 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 4316 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=50514
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 10 Oct 2021 01:35:49 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 7EF2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aa871171fcf2285e88164575ecc11c047087f49910b489dc11dfb04aea61d506

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YWF.Ie-aGXKMorcZOgHdeQAA; CMPS=5206; CMPRO=1133; CMST=YWF+IWFhfiEA; CMRUM3=2d61617e212760CAESELJ7BfMqfNSN0P5smlSJbXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|39|46|191|47|195|4
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1673
Expires
Sat, 09 Oct 2021 11:33:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YWF.Ie-aGXKMorcZOgHdeQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 09 Oct 2022 11:33:55 GMT CMPS=5206;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 Jan 2022 11:33:55 GMT CMPRO=1133;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 07 Jan 2022 11:33:55 GMT CMRUM3=2761617e230b40&2e61617e2305a0&f161617e2305a0&2f61617e2305a0&bf61617e2305a0&c361617e2305a00&e661617e232760&0461617e2305a0&2d61617e212760CAESELJ7BfMqfNSN0P5smlSJbXI;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 09 Oct 2022 11:33:55 GMT CMST=YWF+IWFhfiMA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Oct 2021 11:33:55 GMT
async_usersync
ib.adnxs.com/ Frame 850F 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
e397a51e-3cf8-41de-98d1-9af6c4ae5045
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8CC0 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75990654&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
49a92a1a19cdedffadc388fdfba7ac3d71f95903a61d151764d15d2075fab71a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 7EF2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.154.242 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:56 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TS39YXADSX5850BHFN1K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:56 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YBEEYSP4H2X70SWDR3DE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7EF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YWF-Ie_aGXKMorcZOgHdeQAABG0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHyhIVEeurnjaVfijc-WMW4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHyhIVEeurnjaVfijc-WMW4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHyhIVEeurnjaVfijc-WMW4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7EF2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 7EF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
index
dmp.brand-display.com/cm/api/ Frame 7EF2 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:56 GMT
via
1.1 google
last-modified
Sat, 09 Oct 2021 11:33:56 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 09 Oct 2021 11:33:57 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EF2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YgziN1EY1MzaBZ5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YgziN1EY1MzaBZ5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:55 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:54 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0c2251bd6b5eb8816@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YgziN1EY1MzaBZ5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7EF2
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39057dcc-a99f-48e2-8493-2c99c7e1052b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39057dcc-a99f-48e2-8493-2c99c7e1052b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:56 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-39057dcc-a99f-48e2-8493-2c99c7e1052b
date
Sat, 09 Oct 2021 11:33:56 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 7EF2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7188744322431514683
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7188744322431514683
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 11:33:55 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7188744322431514683
pragma
no-cache
date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 7EF2 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YWF.Ie-aGXKMorcZOgHdeQAA%261133
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.15min.lt/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1792
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 12:03:47 GMT
match
c1.adform.net/serving/cookie/ Frame 2E30
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=1693860114608556328; expires=Wed, 08 Dec 2021 11:33:55 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 09 Oct 2021 11:33:55 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Tue, 09 Nov 2021 11:33:55 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame D904
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5174310226411430601
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5174310226411430601
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5174310226411430601
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=85C440C3-1C9D-43A6-9787-B36D3C8C8E62; chkChromeAb67Sec=1; DPSync3=1633824000%3A174%7C1634947200%3A197_219_201; SyncRTB3=1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63; KRTBCOOKIE_391=22924-6032031246190383492&KRTB&23263-6032031246190383492; PUBMDCID=3; SPugT=1633779234; KRTBCOOKIE_1101=23040-7017028374625974412; KRTBCOOKIE_27=16735-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&KRTB&16736-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&KRTB&23019-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&KRTB&23114-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d; KRTBCOOKIE_153=19420-KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG&KRTB&22979-KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG; PugT=1633779235; KRTBCOOKIE_80=22987-CAESEAJOaAJ-F8mJuKarGkYKvlI&KRTB&16514-CAESEAJOaAJ-F8mJuKarGkYKvlI&KRTB&23025-CAESEAJOaAJ-F8mJuKarGkYKvlI; KRTBCOOKIE_57=22776-3745472460984971110; KRTBCOOKIE_409=22966-Say9xEiX8SDelQBLPj0PXniV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-5174310226411430601; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:55 GMT; path=/ PugT=1633779235; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jan-2022 11:33:55 GMT; path=/
x-lat
lhrpug020:0:391
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5174310226411430601
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 5313
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=85C440C3-1C9D-43A6-9787-B36D3C8C8E62; chkChromeAb67Sec=1; DPSync3=1633824000%3A174%7C1634947200%3A197_219_201; SyncRTB3=1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:54 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jan-2022 11:33:54 GMT; path=/
x-lat
amspug015:0:608
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Sat, 09 Oct 2021 11:33:55 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Sat, 09 Oct 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1519546
Pug
simage2.pubmatic.com/AdServer/ Frame 3168
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7017028374625974412
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7017028374625974412
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7017028374625974412
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=85C440C3-1C9D-43A6-9787-B36D3C8C8E62; chkChromeAb67Sec=1; DPSync3=1633824000%3A174%7C1634947200%3A197_219_201; SyncRTB3=1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63; KRTBCOOKIE_391=22924-6032031246190383492&KRTB&23263-6032031246190383492; PugT=1633779234; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7017028374625974412; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:55 GMT; path=/ PugT=1633779235; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jan-2022 11:33:55 GMT; path=/
x-lat
amspug007:0:399
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 09 Oct 2021 11:33:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7017028374625974412; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7017028374625974412
redir
rtb-csync.smartadserver.com/ Frame 8DA9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFUDIwN0N3dndBQUJQMFpyNEdBUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEP207CwvwAABP0Zr4GAQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEP207CwvwAABP0Zr4GAQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEP207CwvwAABP0Zr4GAQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEP207CwvwAABP0Zr4GAQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Cookie
pid=4224610715408405954
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sat, 09 Oct 2021 11:33:56 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEP207CwvwAABP0Zr4GAQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 6A1C
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=85C440C3-1C9D-43A6-9787-B36D3C8C8E62; chkChromeAb67Sec=1; DPSync3=1633824000%3A174%7C1634947200%3A197_219_201; SyncRTB3=1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
text/html; charset=utf-8
x-lat
amspug012:2:312
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=c827af85-2516-4fa1-833c-b4ad7ba531bd; path=/; domain=csync.loopme.me; Expires=Tue, 09-Nov-2021 11:33:55 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Sat, 09 Oct 2021 11:33:55 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 9CE1
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8191723921
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8191723921
  • https://sync.1rx.io/usersync/tradedesk/31ed125d-629e-4e3c-82b5-54fa1dcbdd3a
  • https://sync.targeting.unrulymedia.com/csync/RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003
42 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=85C440C3-1C9D-43A6-9787-B36D3C8C8E62; chkChromeAb67Sec=1; DPSync3=1633824000%3A174%7C1634947200%3A197_219_201; SyncRTB3=1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63; KRTBCOOKIE_391=22924-6032031246190383492&KRTB&23263-6032031246190383492; PUBMDCID=3; SPugT=1633779234; KRTBCOOKIE_1101=23040-7017028374625974412; KRTBCOOKIE_27=16735-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&KRTB&16736-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&KRTB&23019-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&KRTB&23114-uid:dc8c6161-7e23-4a00-81b0-87526ed7606d; KRTBCOOKIE_153=19420-KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG&KRTB&22979-KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG; KRTBCOOKIE_80=22987-CAESEAJOaAJ-F8mJuKarGkYKvlI&KRTB&16514-CAESEAJOaAJ-F8mJuKarGkYKvlI&KRTB&23025-CAESEAJOaAJ-F8mJuKarGkYKvlI; KRTBCOOKIE_57=22776-3745472460984971110; KRTBCOOKIE_409=22966-Say9xEiX8SDelQBLPj0PXniV; KRTBCOOKIE_377=6810-31ed125d-629e-4e3c-82b5-54fa1dcbdd3a&KRTB&22918-31ed125d-629e-4e3c-82b5-54fa1dcbdd3a&KRTB&23031-31ed125d-629e-4e3c-82b5-54fa1dcbdd3a; KRTBCOOKIE_336=5844-5174310226411430601; KRTBCOOKIE_22=14911-7188744322431514683; KRTBCOOKIE_466=16530-9eb3d50b-93dc-449d-a6da-752904c4bf86; PugT=1633779234; KRTBCOOKIE_218=22978-YWF_IwAAAlALRwA6&KRTB&23194-YWF_IwAAAlALRwA6&KRTB&23209-YWF_IwAAAlALRwA6&KRTB&23244-YWF_IwAAAlALRwA6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:53 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003&KRTB&17107-RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jan-2022 11:33:53 GMT; path=/ PugT=1633779233; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:53 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jan-2022 11:33:53 GMT; path=/
x-lat
amspug010:0:383
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003%22%7D; path=/; expires=Sun, 09 Oct 2022 11:33:55 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003
etag
RX710974c7bf984cc3968899bf3cafc3fb003
Pug
image2.pubmatic.com/AdServer/ Frame 8D18
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Say9xEiX8SDelQBLPj0PXniV
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Say9xEiX8SDelQBLPj0PXniV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Say9xEiX8SDelQBLPj0PXniV
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=85C440C3-1C9D-43A6-9787-B36D3C8C8E62; chkChromeAb67Sec=1; DPSync3=1633824000%3A174%7C1634947200%3A197_219_201; SyncRTB3=1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-Say9xEiX8SDelQBLPj0PXniV; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:55 GMT; path=/ PugT=1633779235; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 08-Nov-2021 11:33:55 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jan-2022 11:33:55 GMT; path=/
x-lat
lhrpug008:0:955
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 09 Oct 2021 11:33:55 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=Say9xEiX8SDelQBLPj0PXniV; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Say9xEiX8SDelQBLPj0PXniV
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 998C 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69b74bfecc942bc6-FRA
bridge
cm.adgrx.com/ Frame CA9C 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 3232
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=acnoeUr2PKsFuYnTXt6jwlmVe71HmDHtPZcAiGhcH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 09 Oct 2021 11:33:56 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aonsIHq0I1e9yNy6Qwm3Vx9dnUUP9aZatxWGaYXnTKuL9Zd7SWOr1t2Ws2KHHPZb4NYZbLb5cZdBsADJaBKTdUTnRVd67; path=/; domain=.tribalfusion.com; expires=Fri, 07-Jan-2022 11:33:56 GMT; SameSite=None; Secure; ANON_ID_old=aonsIHq0I1e9yNy6Qwm3Vx9dnUUP9aZatxWGaYXnTKuL9Zd7SWOr1t2Ws2KHHPZb4NYZbLb5cZdBsADJaBKTdUTnRVd67; path=/; domain=.tribalfusion.com; expires=Fri, 07-Jan-2022 11:33:56 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69b74c00efae5c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
20747
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=acnoeUr2PKsFuYnTXt6jwlmVe71HmDHtPZcAiGhcH; path=/; domain=.tribalfusion.com; expires=Fri, 07-Jan-2022 11:33:55 GMT; SameSite=None; Secure; ANON_ID_old=acnoeUr2PKsFuYnTXt6jwlmVe71HmDHtPZcAiGhcH; path=/; domain=.tribalfusion.com; expires=Fri, 07-Jan-2022 11:33:55 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69b74bfeda265c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 1323
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 09 Oct 2021 11:34:15 GMT
via
1.1 varnish
x-served-by
cache-fra19170-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1633779256.700051,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 09-Oct-2022 11:33:55 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 09 Oct 2021 11:33:55 GMT
via
1.1 varnish
x-served-by
cache-fra19172-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1633779236.652158,VS0,VE9
x-vcl-time-ms
9
content-length
0
141
match.deepintent.com/usersync/ Frame 2628 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 09 Oct 2021 11:33:55 GMT
server
a
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8CC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hcRAwxydQ6aXh7NtPIyOYg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=70962
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 10 Oct 2021 07:16:37 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85cb6161-7e23-4100-b163-94274e3a9ad3
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85cb6161-7e23-4100-b163-94274e3a9ad3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x13 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85cb6161-7e23-4100-b163-94274e3a9ad3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 09 Oct 2021 11:33:54 GMT
/
pixel.onaudience.com/ Frame 8CC0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=85C440C3-1C9D-43A6-9787-B36D3C8C8E62
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=21ed5842690bdf825299543c5b978cdf
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=21ed5842690bdf825299543c5b978cdf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-2.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sat, 09 Oct 2021 11:33:55 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=21ed5842690bdf825299543c5b978cdf
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODVDNDQwQzMtMUM5RC00M0E2LTk3ODctQjM2RDNDOEM4RTYy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:340
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJOaAJ-F8mJuKarGkYKvlI&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJOaAJ-F8mJuKarGkYKvlI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:418
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJOaAJ-F8mJuKarGkYKvlI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 8CC0 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 08 Oct 2021 11:33:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31ed125d-629e-4e3c-82b5-54fa1dcbdd3a
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31ed125d-629e-4e3c-82b5-54fa1dcbdd3a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:589
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31ed125d-629e-4e3c-82b5-54fa1dcbdd3a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6032031246190383492
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6032031246190383492
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:392
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6032031246190383492
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:592
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:dc8c6161-7e23-4a00-81b0-87526ed7606d&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 09 Oct 2021 11:33:54 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3745472460984971110&gdpr=0&gdpr_consent=
42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3745472460984971110&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:533
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
052459e2-f7cb-4838-bd80-af98fc12b48a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3745472460984971110&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG
42 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:461
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KapnUCj-Y1Iy-mIEff18BSyqYFcyqWhXKa_cDudG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4gbcKylE2uV7fB4xVNXuXbVpfAEZMhc-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4gbcKylE2uV7fB4xVNXuXbVpfAEZMhc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 09 Oct 2021 11:33:55 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4gbcKylE2uV7fB4xVNXuXbVpfAEZMhc-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
85C440C3-1C9D-43A6-9787-B36D3C8C8E62
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8CC0 		43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/85C440C3-1C9D-43A6-9787-B36D3C8C8E62?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=5863ebe4-effc-44ad-9eeb-d4ffdcccaaab&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9eb3d50b-93dc-449d-a6da-752904c4bf86&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9eb3d50b-93dc-449d-a6da-752904c4bf86&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:428
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=9eb3d50b-93dc-449d-a6da-752904c4bf86&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 09 Oct 2021 11:33:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWF_IwAAAlALRwA6&gdpr=0&gdpr_consent=&_test=YWF_IwAAAlALRwA6
1 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWF_IwAAAlALRwA6&gdpr=0&gdpr_consent=&_test=YWF_IwAAAlALRwA6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:402
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633779236.858075,VS0,VE0
x-served-by
cache-fra19183-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YWF_IwAAAlALRwA6&gdpr=0&gdpr_consent=&_test=YWF_IwAAAlALRwA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 8CC0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=85C440C3-1C9D-43A6-9787-B36D3C8C8E62&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:481
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7188744322431514683&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7188744322431514683&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:465
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7188744322431514683&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 8CC0 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8CC0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3745472460984971110
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3745472460984971110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 11:33:54 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:526
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 11:33:55 GMT
X-Proxy-Origin
168.119.25.194; 168.119.25.194; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9bacc995-6b97-42c2-bb67-ff361ee88da5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3745472460984971110
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 8CC0 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.175.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 11:33:55 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
PageStatEntry
lisslpagestat.panel.kantartns.lt/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lisslpagestat.panel.kantartns.lt/pagestat/PageStatEntry?cookie=4D5886B6594E47DA856584E37054D328&time=1633779235967&location=https%3A%2F%2Fwww.15min.lt%2F&referrer=&is_flash=0&session_id=628310589&version=3.5.327_lt/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param5=6&vt=d
Requested by
Host: lisource.panel.kantartns.lt
URL: https://lisource.panel.kantartns.lt/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.62.138.182 Kaunas, Lithuania, ASN15440 (BALTNETA Customers AS, LT),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://www.15min.lt/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Oct 2021 11:33:55 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster string| BASE string| MBASE object| dataLayer object| _gaq string| GoogleAnalyticsObject function| ga string| __15min_base_url string| __route string| __cosite boolean| __is_mobile_page boolean| __is_mobile_app boolean| __is_tablet string| __mobile_app_name string| __device boolean| __theme_dark object| __minconfig string| __lang number| _sf_startpt boolean| page_refresh_on string| GOOGLE_CLIENT_ID boolean| __homepage string| __img_quality object| lazySizesConfig function| setCookieObjectValue function| getCookieObjectValue function| setCookie function| getCookie function| extend function| getParameterByName function| inView function| gaEvent function| gaTagEvent function| getUserInfo function| bytesToString function| secondsToString function| popupWindow object| utils object| __15min_user undefined| cookie_user function| showLoadingOverlay function| hideLoadingOverlay function| nextPrev function| openPopup function| linkToClipboard function| noriu_buti_zalias function| animateLogos function| hitGemius object| reCaptcha object| Id15min object| UserBookmark function| stickyHeight function| stickLastWidget object| _stikcyAds function| unStickAds boolean| news_tmp_script_loaded object| header function| showActiveDialog function| updateUserMenu string| feedback_cosite function| newFeedbackForm function| submitFeedbackForm function| removeButton function| $ function| jQuery object| stick object| lazySizes function| bookmark function| removeBookmark function| removeAllBookmark function| checkBookmarked function| listAfterArticleCallback function| htmlParser function| postscribe object| toastr function| initWidth function| TopMenu string| ROUTE string| CURR_URL object| Polls object| EmbedRecipe object| googletag object| dfp_config object| dfp_targeting object| dfp_slots string| pp_gemius_identifier function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| top_menu object| sticky_menu object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| ggeac object| google_js_reporting_queue number| tns_already object| tnscm_adn string| currentProtocol object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| google_optimize function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| dfpRefreshInitial object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| heatmap function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| cm_events function| CrossDomainStorage boolean| is_article string| ajax_list_url function| showGdprForm function| saveGdprSettings function| getGdprSettings object| _sf_async_config function| chartbeat string| axel number| a function| fbq function| _fbq function| OneSignal object| firebase object| firebaseConfig object| perf function| gtag object| gdpr object| regeneratorRuntime object| JSON3 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __wpcc number| __oneSignalSdkLoadCount function| __jp0 boolean| inDapIF boolean| inGptIF object| dicnf number| google_srt object| viewReq function| vu object| ampInaboxIframes object| ampInaboxPendingMessages object| _aoConsentBuffer object| aomini undefined| _ado_elem object| d function| stpdSPI number| stpdSF object| stpdW string| filterSettings string| pbkumepkpmwftrkkhlqpsstcoo object| uskumepkpmwftrkkhlqpsstcoo function| _AO_sendHits number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| ADAGIO object| _ADAGIO object| GoogleGcLKhOms object| google_image_requests

72 Cookies

Domain/Path Name / Value
.15min.lt/ Name: _gid
Value: GA1.2.1669294577.1633779231
.15min.lt/ Name: _dc_gtm_UA-5421911-1
Value: 1
.15min.lt/ Name: __gfp_64b
Value: 3hEbwBfXm0ztUqG7R8kh9zKa1Z5uwwI5PvOtLytxsTf.F7|1633779230
.15min.lt/ Name: _gat
Value: 1
.15min.lt/ Name: _fbp
Value: fb.1.1633779231144.1232750554
www.15min.lt/ Name: _cb_ls
Value: 1
www.15min.lt/ Name: _cb
Value: BIsErFCiXEIwGzzQz
www.15min.lt/ Name: _chartbeat2
Value: .1633779231186.1633779231186.1.DNxH0kDEI4Eob57zcD8RM8kjP9l2.1
www.15min.lt/ Name: _cb_svref
Value: null
.15min.lt/ Name: _ga_VQSG19L01Y
Value: GS1.1.1633779231.1.0.1633779231.0
.15min.lt/ Name: _ga
Value: GA1.1.1916161465.1633779231
.doubleclick.net/ Name: IDE
Value: AHWqTUleEFWjKHARumr_HUUdKaUpP1TMGaotz_0IX16ttTpvKnlAE6W-MGgENCqiZ9I
.15min.lt/ Name: __gads
Value: ID=46dc88cd5430122a:T=1633779231:S=ALNI_MaE1xcKoIjaI4HrCrxiw2aB2gq2AA
.lv.adocean.pl/ Name: GAD
Value: KlSbrMGGQMGGjEeAp-YsHflissGMXP8cXRySssX6xssGvaGpI7EPojJ5L1BGFCaG6x8iXD3nG7GKUXuxGiQPLs2rP4SGg3ZxAlcHnM78XiSeG8Ma6Gy8GAqG
www.15min.lt/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.15min.lt/ Name: _pubcid
Value: 924ab9e1-ab4a-4ab1-8f09-71377fc9e9d2
.hit.gemius.pl/ Name: Gdyn
Value: KlGd4RMGQMQGtPFcGCxsHflissGMs1siL6nxmG8ff1hWljrxssWcqXLPbmjSssX2nsGfGnZ_HQ2xuSlsxcSKswCt07l8MG..
www.15min.lt/ Name: cto_bidid
Value: jaFgl19JOXRSazclMkJnajRXTzRydVNDVTQ3UXZsZTgyRVlXMWZ6dTVqNTNKSkl5S0JUOHYzRlpVQnhBNGpCWkd1UHVyd3dGdVRtaDR0RTE0UndWWkZjdTYzSGZ3JTNEJTNE
www.15min.lt/ Name: cto_bundle
Value: 1wqEb19PU1AyZ0hJRmFwZU9Zd0NUUFdDa3RRdUloOENrWUxwZU0lMkZ4SDZTM0NXc2o5RWkzZ1FLbVZOR1JxOG5BT245TVN1NkxBVWZGZmdvS1RnaTRSYk13REJ2d0pyaWtyYm5KYm1IRHVZVzJldncyVWhMdWM5eVBham9MY3BwS281cmJB
.rubiconproject.com/ Name: khaos
Value: KUJPYZMK-O-FB91
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5P2njRaqUZL6IgI/FKQautD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZuHCx0jzGqpEKRWU66THvScWV7/AA==
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2tNcZLMZeKJa3T44WD0xC8rrUfOpRTiXEqxomP/o7qYmvJC0EQPKfrZtKa4PLIUHcUxrelmXm7PdO5/PBqRvSN/R7Fz5/Qhm0=
.adnxs.com/ Name: icu
Value: ChgIxeIyEAoYASABKAEwoPyFiwY4AUABSAEQoPyFiwYYAA..
.adnxs.com/ Name: uuid2
Value: 3745472460984971110
.contextweb.com/ Name: vf
Value: 1
.contextweb.com/ Name: V
Value: Kc3NvuVwLz0S
.contextweb.com/ Name: wf
Value: 0
.casalemedia.com/ Name: CMID
Value: YWF.Ie-aGXKMorcZOgHdeQAA
.casalemedia.com/ Name: CMPS
Value: 5206
.casalemedia.com/ Name: CMPRO
Value: 1133
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?e</#mb!@wnfH8K6pQK`!5=E<*L5?%KFjER[jYZ/Fn[5dn.lg>25Z)M@K>ln:Wjt!ETP(hw9P-HC_#tuVL*)orC
.adfarm1.adition.com/ Name: UserID1
Value: 7017028374625974412
.yahoo.com/ Name: A3
Value: d=AQABBCF-YWECENGdZ_DHXljE_iWstAouZcEFEgEBAQHPYmFrYQAAAAAA_eMAAA&S=AQAAAqy4Ate8h-EXe9UYSWM4nF0
.simpli.fi/ Name: suid
Value: B292A8ECC7C746E2AA6F09134E13980A
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2298BBF37E-10D6-4597-9133-78B3F5560B29%22%7D
.smartadserver.com/ Name: pid
Value: 4224610715408405954
.c.appier.net/ Name: _auid
Value: nrCyxlH4AIqLky-mIn5hYQ
.c.appier.net/ Name: _gu
Value: CAESEI-Sfhk1iwFmT3Nkku_JIVs
.criteo.com/ Name: uid
Value: 6161ffbe-da73-44fc-91be-5533b94ba649
.15min.lt/ Name: cto_bundle
Value: UmKwkl9PU1AyZ0hJRmFwZU9Zd0NUUFdDa3RSY1Z6cDdFMWRWJTJGWWNXVW1Fb0ZmNURkWjNJdHVOTGowOWl4dmt5bDhpc1NZb3dXNmRUMXk3UjVtaFpCbTV5MU5YMUZDMUdyZHJQTnRIdXVuJTJGQjZoZzkzTkUwc28zbGtDdW05Q2hEdldOOCUyRkdTWGp1TEY3TkZDVDA3UkhlZU9SQXclM0QlM0Q
.www.15min.lt/ Name: cto_bundle
Value: UmKwkl9PU1AyZ0hJRmFwZU9Zd0NUUFdDa3RSY1Z6cDdFMWRWJTJGWWNXVW1Fb0ZmNURkWjNJdHVOTGowOWl4dmt5bDhpc1NZb3dXNmRUMXk3UjVtaFpCbTV5MU5YMUZDMUdyZHJQTnRIdXVuJTJGQjZoZzkzTkUwc28zbGtDdW05Q2hEdldOOCUyRkdTWGp1TEY3TkZDVDA3UkhlZU9SQXclM0QlM0Q
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMST
Value: YWF+IWFhfiMA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 85C440C3-1C9D-43A6-9787-B36D3C8C8E62
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1633824000%3A174%7C1634947200%3A197_219_201
.pubmatic.com/ Name: SyncRTB3
Value: 1634342400%3A223_2_15%7C1635033600%3A35%7C1636329600%3A203%7C1634947200%3A8_81_13_54_189_7_231_220_56_99_88_230_222_22_204_71_234_55_176_21_3_166_165_161%7C1634601600%3A63
.w55c.net/ Name: wfivefivec
Value: YgziN1EY1MzaBZ5
.w55c.net/ Name: matchcasale
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~20uz:18z8~20uz"
.taboola.com/ Name: t_gid
Value: 93b62758-3e71-417d-bafb-c9b71462bcd3-tuct85b03a3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-710974c7-bf98-4cc3-9688-99bf3cafc3fb-003%22%2C%22zdxidn%22%3A%221508%22%7D
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: 9eb3d50b-93dc-449d-a6da-752904c4bf86
.bidswitch.net/ Name: c
Value: 1633779235
.bidswitch.net/ Name: tuuid_lu
Value: 1633779235
.erne.co/ Name: u
Value: Say9xEiX8SDelQBLPj0PXniV
.quantserve.com/ Name: d
Value: ENwBCwG4JPijAA
.quantserve.com/ Name: mc
Value: 61617e23-a3ebf-d3116-29664
.turn.com/ Name: uid
Value: 7188744322431514683
.onaudience.com/ Name: cookie
Value: 29e363191fe58474
.onaudience.com/ Name: done_redirects161
Value: 1
.adform.net/ Name: uid
Value: 6032031246190383492
.casalemedia.com/ Name: CMRUM3
Value: 2761617e230b40&bf61617e2305a0&f161617e2305a0&2e61617e2305a0&2f61617e232760YgziN1EY1MzaBZ5&c361617e2305a00&0461617e2327607188744322431514683&2d61617e212760CAESELJ7BfMqfNSN0P5smlSJbXI&e661617e232760
.adsrvr.org/ Name: TDID
Value: 31ed125d-629e-4e3c-82b5-54fa1dcbdd3a
.adsrvr.org/ Name: TDCPM
Value: CAEYBSgCMgsIwMeXiu3IhToQBTgB
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6032031246190383492&KRTB&23263-6032031246190383492
.pubmatic.com/ Name: PugT
Value: 1633779234
.pubmatic.com/ Name: PUBMDCID
Value: 3
.de17a.com/ Name: guid2
Value: 1.5174310226411430601
.mathtag.com/ Name: uuid
Value: 85cb6161-7e23-4100-b163-94274e3a9ad3
.pubmatic.com/ Name: SPugT
Value: 1633779234

8 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/files/js/aomini.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/files/js/aomini.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/files/js/aomini.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1633779231614/ad.js?id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://lv.adocean.pl/files/js/aomini.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lv.adocean.pl/_1633779231614/ad.js?id=QQ9WZl8CQs..K_.yI_5SjmNuo24q4JJzp2j2ethyVzD.j7/x=1600/y=1200, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

58895eb4f37174a5ac5a935d2763ba5c.safeframe.googlesyndication.com
7759aad485bfabb1e2c043155efb4ec9.safeframe.googlesyndication.com
a.c.appier.net
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad4m.at
adlv.hit.gemius.pl
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adx.adform.net
b187.s79.research.de.com
bh.contextweb.com
bid.contextweb.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
cdn.districtm.io
cdn.onesignal.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dmx.districtm.io
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu.ck-ie.com
eu4.heatmap.it
eus.rubiconproject.com
fastlane.rubiconproject.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
freep.bite.lt
galt.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
lijuke.panel.kantartns.lt
lisource.panel.kantartns.lt
lisslpagestat.panel.kantartns.lt
loada.exelator.com
ls.hit.gemius.pl
lv.adocean.pl
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
nep.advangelists.com
node.setupad.com
onesignal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.15min.lt
s79.mxcdn.net
s79.research.de.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stat.meetrics.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
stpd.cloud
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.heatmap.it
um.simpli.fi
ups.analytics.yahoo.com
www.15min.lt
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
match.adsby.bidtheatre.com
104.109.78.125
104.16.190.66
104.17.120.107
13.248.242.197
13.32.21.201
136.243.13.5
136.243.43.220
141.95.34.104
142.250.181.226
142.250.185.98
142.250.186.98
146.59.148.16
146.59.30.96
148.251.195.97
149.202.80.197
151.101.129.108
151.101.129.44
151.101.66.49
159.253.128.188
159.89.25.223
162.55.6.213
169.197.150.8
172.105.221.240
178.250.0.157
178.250.0.163
178.250.0.165
18.184.28.154
184.31.84.150
185.11.24.36
185.11.24.37
185.184.8.65
185.29.132.245
185.33.221.13
185.33.221.14
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.133
185.86.139.104
198.148.27.134
198.148.27.139
2.18.233.180
2.18.233.67
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
213.155.156.181
213.19.147.44
213.226.139.106
2600:9000:2057:ce00:18:1fcd:34f:cdc1
2602:803:c004:200::143
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700:3108::ac42:2b03
2606:4700::6812:c05
2606:4700::6812:e234
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c02::9d
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::300
3.120.57.46
3.125.99.7
3.126.56.137
31.148.200.7
34.199.149.82
34.236.212.156
34.254.143.3
34.98.107.212
35.190.0.66
35.241.40.233
37.157.3.29
37.157.5.142
46.105.202.39
51.77.53.76
52.215.67.80
52.30.39.253
52.46.154.242
52.48.175.241
52.95.126.160
54.194.211.3
54.38.133.137
63.251.232.170
66.155.71.25
69.173.144.139
79.137.68.72
85.114.159.93
87.98.242.60
92.62.138.182
00c2ab50445dcc5d185c5a3fa30da7250fb0883309c6f3238cc399e108c3d433
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01e91ac266aa69aeb06f4264cba1a37ad8013132aefae84ce828735dc0f8acd8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd01b8902f40985b3b1ab0d85daf64976ffa83ffc7669052afbe65557acede8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f94f262142bd783259bfd6292bd3f2691b725489e5c5aea82903dc1c4e75f17
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
122ee0bdf233d4c892aa38676b513aa53f4b4dfa663bc8610e5060b3383608de
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
17c604e98240bd311d4bb7f32ffcd77a2e3bac55d2594c1c703fc8644d81cbab
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1e020ce904fa4c54df840cfafa585165503aae600f7d572fdcdf9144a459cd4b
212407323420d4a4fc9e19a38c121bf526293ac1a0bfbfa221b2a4ebab112eab
2148022def76b9fb894dda29d0fe31651e0492d59a87b3de6fad4ec69ae0a9be
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
2b5e92248722bbbe12208cccc7bc1ef098963cff6efd05c9d8364c3452ab7571
2b6af8a6327b2ffc27912f67be0eb5cadd7cae15105f78d3cfb34e7a8cad0588
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2d5692a3deda60c363db176e08b284894dfa927137cd02ace4e27d2b38f16919
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2edc12a3e29f1297d40619b275897f03be619a0ec6f64040cad5fce161540508
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
3399cbe623a9ee3ace6278f061b6fa1245b95de960573ad49f41baa073b4a608
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34f56dab2ebdad20dac6cc67ca9e061ff80ee2c06f1f5d755c00713e11824dc1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e48d2c294f57cc0c3c88722200bb17a244f42ecf20b860888cd9625f0ae2c96
3efcf5d95e1437166d639bb6c6a21be2887f510a14e67a02bc1dc8be5f73b447
3f1246f16fb9992e12f367c05ba332c3e6d80a70b35b5a5a0d8a966cad501641
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4309c178f13cc80536fe691a5487be34d6d833100b933c06bbff21b46a586739
447ff5ca3608d1b7eab666dd8e40bed23b2e330d3610fe67fba8c4613eccc06f
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
471184ddd371386769de7a1975793bd18f6011145002f133ed49dac692a6ac78
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bf04be09630e4455e38a532808e961a90be21c6c8a4864822bf08cb5ad8e89
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49a92a1a19cdedffadc388fdfba7ac3d71f95903a61d151764d15d2075fab71a
4af9d4327c38df7357e325a382ada67e5ca71ad3cbd146c1797fc99f2bb47a58
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b614d2c2e98f31c546f1ac9798324fef2c3bf67c09fbaa64d199ed501ce5411
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4ef3e75025fcfbad2709bb4f93522fadb366e8f014594e7f5575279cefaad939
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fdeffe4669100798bd173375098d8276b2271f3fad818e2d68ba1de28959fb
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5773e8fc7a83b45255b8464df63020be618800f1fa39cfd0ea6ffd10e3822ad8
5e51cc8c77883ba9beb5f9c1c9275d99613ad1cde2631b862ae56f301d9ae5b4
5e991bbeb03c1f34a39cab8dea2ac24ef16f2065d22106ffda3b7bfc77b80005
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b
6334f6595917e21b820d03f75bfb5281da3ed6a174aa1feab44ad79c47032aba
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
70a974a2c754bd5f83fedf69142cea227ede0352f6818ef548176fc9ad77ca2a
73e49ed2ec4f472e1c7c95c36a5358bd2764f256fcc9011ff7e28727eb6bdc73
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7633badb955dc3117ae7a61e34119911e94e1c75de48de7a97ce9b3504171939
7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5
78076bcbc195fc3004fd66ff4cf1a5838d1a2e5263d953775cd4db547369d542
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643
7aa5652d6344b8ff282a4e9e2095c805fc4c6c7c44421efaca078f9d773e1eab
7d7ddf617c63da9bd588428601e0f8ad67395a39a44c1f014577ac0f2bbb5f9c
7e890f3e73917f420895b30927d5c5f745c9a745418dd0b5b40646477e40f4b1
7eb45051564ce39b0f40d619249dded08d25ebd730aaef1cca21ee65ac693c04
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
82b7f2372323bf98630a6501534a6cd861988a3550fd3fc70b6dbf8f586082d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a9d7e190de46cbabfdae119e224fc42a56c46db7751724ff783e1921c11722
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
868fd4345585c2e07b619a41b614eb46443621f5513b6775268e6ac9adf347de
8982ed1069faef4d8c8b1570a1661e3ecef8eff2a40294e90a989b29d73ee6ad
89ea14bfd3e2d637476fb50a7fe36481f8e09876451449a248adb37f889e5951
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c5bc53771a5a3188f9e675b0000a54da10d0523b906e6fe9848fe469c0ae852
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3628fa21609d1f2ff3949fb52fad421d7800f25a69f7904021b750ad5aeb50
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8ef645c24732e65b85d93111f79bdc80a3bb0bf25dec36a63654a7c08ecff1d0
8f15ec34423cfe92f0432dd6adf4221419ffaabd1c5373b19816bf58c4677c78
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90b0f9be4b71d2eff69b1c86d2a0e932a7b1295dbc200e12d9e4da1944f18d60
9429705ee7ac19daffe75663417f99ac21804e03e411cc16cce1d81571c485eb
9433cfd78bfdb749e76a8dc0000f49653100f7d415bb2d17f30153efa956efb7
96f6bb3683462d85a7f75abdc91baa711c716f1f21178a71cb3f86585cc3c4ef
9773820b2fc5909f774ae58af812b46ff2475c08e4352823a6398253e3741ce4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a623f896b707d8e75760ff6b570850b56d1a359f4230bfa70a5ebd03bc0579c9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa871171fcf2285e88164575ecc11c047087f49910b489dc11dfb04aea61d506
ab85ab96378fc9f42d9d1861080f1dc9fe1d2c9b632ea2a1abdc112b1150b5f4
adc001d72b213450bb3e0bc11bea2f3c5fc8cccf620743bee783a2060c079087
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af56215f2636f597c7feb1b44fe6827d015b2a9fd74afe91bea2eff6ef9cabac
afccfa0460894a3683a53b94ebf6501a327a62d3d711077152af4d5b313436a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b5b54604d8ec12ab31d009505a8847a8594958cc7c213fb70caab6e271131e7a
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b828d833aecc8d7bee66b56209385b8395bafea56128151f141a96e9cc945b3d
ba6f5a0a159314a1abbc8faee2735474f3c01c9601fa882ec65034f74c0b06ca
ba9170d7b28657c833dc55233416e6c25a7f53444274d424fadf084f67dd9ff5
baaeffa2122732851a41ef5026d0ddba838815504eddac190408247f46201325
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcad36a72dbc1761ef55d73706876aef910405d11565b9598dc2fed877be339e
bfee3aaae52a8e772c619f79150bb21d5e6ece8a846b966b3bd283a4a7f4ed6f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c9d355e1a65a6bb97cd4af5a0fe10a9e0169fd568cd00a0f35a2bd82e8c4bb80
c9de9feb8b113b8afeaef2e9c1e86948e1dfd0929b65468c977feb245c20d413
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdcfd2c4489c22333d330be4860a63ba699409dc36bde582df1c25603d69be26
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
d9702d332ea0cab02a7defc77db5e2e524fdb7f6f7b433fc1593953a16648143
d9ef8925ebe0941cbecaf4a05ca95f6d1aafdd688f36827cd03728c9f2c045a9
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
da9185b1a35048233dadeab2fe5106fb9537b3768342ed777f5ac41d7591b012
dadfe4e91e73ab90896138ee443d45aad1bcb0e3de72aaeab3020f1f25a1c4af
daee85e32a87cc50e0e8421a30dbbf52ead3d81712e1e537520959ddf872d178
daef822edf3324a75278a9e5899198cf93fb8592bacae514afdf3b3b7837cd79
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e13e25d28a342962cdfeb5d8e128d34edf89bc5e7af3fc13297b71adfef5f164
e1aeb82d0f04142527a45ee0258de8c1e6c4e4466bafcefd75144f3517d3a2dc
e35eab17958bdf9a8e2db6bd305647871c6b706aa51b10a822077d695b102476
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3faa5520ae3c9b0232ec894f887206e19af6921b0192ad4d042e91622f4596f
e6717b4d5ad0b584fed3e3d5ba17c5e38bd4b06acf3be3f300b4fded15a3de63
e82fad7fc6019bdebac670e3b1fae443a0ea7263e3e495a32fe1b65288625f83
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
ecfe2e165ae96f6d0a80b40d7cd7e0d1b117df3c5b5932b33e4feb897840b011
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24b3c21a64c5e2ce7297d6506281c93de63f2307b4f098d6f3b9092c7fe5ff3
f84baca24d9f94c61750248038b068218da1300bd7cd2683005692e87760cb8f
faaa40b5fe3ec593f42957c67044a6bd6e03d1cd9f8b4592c745bc4bd2f07030
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd5d1ae22dd0d690c61091557e59c0efe9f2b3055ad7d7b04c3c131d0b34aed6